Hi, Thanks for the patches & fixes ! Could you submit them using gerrit ? I'll be easier for CI & review. Here is some info on how to set up an account [0] and push patches with git review [1].
Also more specifically on using the plugin_lb, I'll be interested in knowing more about the use-case you're targeting. We've built a new plugin (plugin_cnat), for doing generic "cloud nat" e.g. vip based load-balancing - as what plugin_lb does - as well as regular NAT. Maglev support is missing, but should be added soon, and I'm trying to make it as extensible as possible, so searching for feedback :) Cheers -Nathan [0] https://wiki.fd.io/view/DEV/Setting_up_Gerrit [1] https://wiki.fd.io/view/VPP/Pulling,_Building,_Running,_Hacking_and_Pushing_VPP_Code#Setting_up_Gerrit Le dim. 24 janv. 2021 à 06:45, <kangzy1...@qq.com> a écrit : > VPP lb plugin NAT4 patch > > 1. Fixed NAT4 SNAT invalid src_port ; > 2. Add NAT4 TCP SNAT support; > 3. Fixed NAT4 add SNAT map with protocol 0; > > this patch have test with vpp v20.05.1 and above . but not fixed NAT6 > VPP info: > > vpp# show version > vpp v20.05.1-1~g692e862-dirty built by root on centos7-170 at > 2020-08-12T00:54:00 > vpp# show hardware-interfaces > Name Idx Link Hardware > TenGigabitEthernet5/0/0 1 down TenGigabitEthernet5/0/0 > Link speed: unknown > Ethernet address 90:e2:ba:0a:73:0c > Intel 82599 > carrier down > flags: pmd tx-offload intel-phdr-cksum rx-ip4-cksum > Devargs: > rx: queues 4 (max 128), desc 2048 (min 32 max 4096 align 8) > tx: queues 2 (max 64), desc 2048 (min 32 max 4096 align 8) > pci: device 8086:10fb subsystem 8086:7a11 address 0000:05:00.00 numa 0 > max rx packet len: 15872 > promiscuous: unicast off all-multicast off > vlan offload: strip off filter off qinq off > rx offload avail: vlan-strip ipv4-cksum udp-cksum tcp-cksum tcp-lro > macsec-strip vlan-filter vlan-extend jumbo-frame > scatter > security keep-crc rss-hash > rx offload active: ipv4-cksum > tx offload avail: vlan-insert ipv4-cksum udp-cksum tcp-cksum sctp-cksum > tcp-tso macsec-insert multi-segs security > tx offload active: udp-cksum tcp-cksum > rss avail: ipv4-tcp ipv4-udp ipv4 ipv6-tcp-ex ipv6-udp-ex ipv6-tcp > ipv6-udp ipv6-ex ipv6 > rss active: none > tx burst function: ixgbe_xmit_pkts > rx burst function: ixgbe_recv_pkts > > TenGigabitEthernet5/0/1 2 down TenGigabitEthernet5/0/1 > Link speed: unknown > Ethernet address 90:e2:ba:0a:73:0d > Intel 82599 > carrier down > flags: pmd tx-offload intel-phdr-cksum rx-ip4-cksum > Devargs: > rx: queues 4 (max 128), desc 2048 (min 32 max 4096 align 8) > tx: queues 2 (max 64), desc 2048 (min 32 max 4096 align 8) > pci: device 8086:10fb subsystem 8086:7a11 address 0000:05:00.01 numa 0 > max rx packet len: 15872 > promiscuous: unicast off all-multicast off > vlan offload: strip off filter off qinq off > rx offload avail: vlan-strip ipv4-cksum udp-cksum tcp-cksum tcp-lro > macsec-strip vlan-filter vlan-extend jumbo-frame > scatter > security keep-crc rss-hash > rx offload active: ipv4-cksum > tx offload avail: vlan-insert ipv4-cksum udp-cksum tcp-cksum sctp-cksum > tcp-tso macsec-insert multi-segs security > tx offload active: udp-cksum tcp-cksum > rss avail: ipv4-tcp ipv4-udp ipv4 ipv6-tcp-ex ipv6-udp-ex ipv6-tcp > ipv6-udp ipv6-ex ipv6 > rss active: none > tx burst function: ixgbe_xmit_pkts > rx burst function: ixgbe_recv_pkts > > local0 0 down local0 > Link speed: unknown > local > > patch > > diff --git a/src/plugins/lb/lb.c b/src/plugins/lb/lb.c > index ab5e808..5bec0d2 100644 > --- a/src/plugins/lb/lb.c > +++ b/src/plugins/lb/lb.c > @@ -228,7 +228,7 @@ u8 *format_lb_vip_detailed (u8 * s, va_list * args) > format_white_space, indent, > (vip->encap_args.srv_type == LB_SRV_TYPE_CLUSTERIP)?"clusterip": > "nodeport", > - ntohs(vip->port), ntohs(vip->encap_args.target_port)); > + (vip->port), ntohs(vip->encap_args.target_port)); > } > > //Print counters > @@ -688,7 +688,7 @@ next: > clib_bihash_kv_8_8_t kv4; > m_key4.addr = as->address.ip4; > m_key4.port = vip->encap_args.target_port; > - m_key4.protocol = 0; > + m_key4.protocol = vip->protocol; > m_key4.fib_index = 0; > > if (vip->encap_args.srv_type == LB_SRV_TYPE_CLUSTERIP) > diff --git a/src/plugins/lb/node.c b/src/plugins/lb/node.c > index a2c35bd..85a0552 100644 > --- a/src/plugins/lb/node.c > +++ b/src/plugins/lb/node.c > @@ -495,7 +495,15 @@ lb_node_fn (vlib_main_t * vm, > csum, lbm->ass[asindex0].address.ip4.as_u32); > uh->checksum = ip_csum_fold (csum); > } > - else > + else if (ip40->protocol == IP_PROTOCOL_TCP) > + { > + tcp_header_t *th0; > + th0 = (tcp_header_t *)(ip40 + 1); > + th0->dst_port = vip0->encap_args.target_port; > + th0->checksum = 0; > + th0->checksum = ip4_tcp_udp_compute_checksum (vm, p0, > ip40); > + } > + else > { > asindex0 = 0; > } > @@ -792,7 +800,8 @@ lb_nat_in2out_node_fn (vlib_main_t * vm, > vlib_node_runtime_t * node, > ip40 = vlib_buffer_get_current (b0); > udp0 = ip4_next_header (ip40); > tcp0 = (tcp_header_t *) udp0; > - proto0 = lb_ip_proto_to_nat_proto (ip40->protocol); > + //proto0 = lb_ip_proto_to_nat_proto (ip40->protocol); > + proto0 = ip40->protocol; > > key40.addr = ip40->src_address; > key40.protocol = proto0; > @@ -807,7 +816,7 @@ lb_nat_in2out_node_fn (vlib_main_t * vm, > vlib_node_runtime_t * node, > > sm40 = pool_elt_at_index(lbm->snat_mappings, index40); > new_addr0 = sm40->src_ip.ip4.as_u32; > - new_port0 = sm40->src_port; > + new_port0 = clib_host_to_net_u16(sm40->src_port); > vnet_buffer(b0)->sw_if_index[VLIB_TX] = sm40->fib_index; > old_addr0 = ip40->src_address.as_u32; > ip40->src_address.as_u32 = new_addr0; > > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#18592): https://lists.fd.io/g/vpp-dev/message/18592 Mute This Topic: https://lists.fd.io/mt/80073171/21656 Mute #vpp:https://lists.fd.io/g/vpp-dev/mutehashtag/vpp Mute #nat:https://lists.fd.io/g/vpp-dev/mutehashtag/nat Mute #lb:https://lists.fd.io/g/vpp-dev/mutehashtag/lb Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
