FD.io VPP  v18.01-8-g0eacf49
Vector Packet Processing
src/plugins/nat

dslite add pool address

Summary/usage

dslite add pool address <ip4-range-start> [- <ip4-range-end>]  [del].

Declaration and implementation

Declaration: dslite_add_pool_address_command (src/plugins/nat/dslite_cli.c line 241)

Implementation: dslite_add_del_pool_addr_command_fn.

dslite set aftr-tunnel-endpoint-address

Summary/usage

dslite set aftr-tunnel-endpoint-address <ip6>.

Declaration and implementation

Declaration: dslite_set_aftr_tunnel_addr (src/plugins/nat/dslite_cli.c line 254)

Implementation: dslite_set_aftr_tunnel_addr_command_fn.

nat addr-port-assignment-alg

Summary/usage

nat addr-port-assignment-alg <alg-name> [<alg-params>].

Declaration and implementation

Declaration: nat44_set_alloc_addr_and_port_alg_command (src/plugins/nat/nat.c line 3820)

Implementation: nat44_set_alloc_addr_and_port_alg_command_fn.

nat ipfix logging

Summary/usage

nat ipfix logging [domain <domain-id>] [src-port <port>] [disable].

Description

Example usage
vpp# snat ipfix logging
To enable NAT IPFIX logging use:
 vpp# nat ipfix logging
To set IPFIX exporter use:
 vpp# set ipfix exporter collector 10.10.10.3 src 10.10.10.1

Declaration and implementation

Declaration: snat_ipfix_logging_enable_disable_command (src/plugins/nat/nat.c line 2689)

Implementation: snat_ipfix_logging_enable_disable_command_fn.

nat virtual-reassembly

Summary/usage

nat virtual-reassembly ip4|ip6 [max-reassemblies <n>] [max-fragments <n>] [timeout <sec>] [enable|disable].

Declaration and implementation

Declaration: nat_reass_command (src/plugins/nat/nat_reass.c line 739)

Implementation: nat_reass_command_fn.

nat44 add address

Summary/usage

nat44 add address <ip4-range-start> [- <ip4-range-end>] [tenant-vrf <vrf-id>] [twice-nat] [del].

Declaration and implementation

Declaration: add_address_command (src/plugins/nat/nat.c line 2086)

Implementation: add_address_command_fn.

nat44 add identity mapping

Summary/usage

nat44 add identity mapping <interface>|<ip4-addr> [<protocol> <port>] [vrf <table-id>] [del].

Description

Example usage
vpp# snat add identity mapping
Identity mapping translate an IP address to itself.
To create identity mapping for address 10.0.0.3 port 6303 for TCP protocol
use:
 vpp# nat44 add identity mapping 10.0.0.3 tcp 6303
To create identity mapping for address 10.0.0.3 use:
 vpp# nat44 add identity mapping 10.0.0.3
To create identity mapping for DHCP addressed interface use:
 vpp# nat44 add identity mapping GigabitEthernet0/a/0 tcp 3606

Declaration and implementation

Declaration: add_identity_mapping_command (src/plugins/nat/nat.c line 2458)

Implementation: add_identity_mapping_command_fn.

nat44 add interface address

Summary/usage

nat44 add interface address <interface> [twice-nat] [del].

Declaration and implementation

Declaration: snat_add_interface_address_command (src/plugins/nat/nat.c line 3661)

Implementation: snat_add_interface_address_command_fn.

nat44 add load-balancing static mapping

Summary/usage

nat44 add load-balancing static mapping protocol tcp|udp external <addr>:<port> local <addr>:<port> probability <n> [twice-nat] [vrf <table-id>] [del].

Declaration and implementation

Declaration: add_lb_static_mapping_command (src/plugins/nat/nat.c line 2556)

Implementation: add_lb_static_mapping_command_fn.

nat44 add static mapping

Summary/usage

nat44 add static mapping tcp|udp|icmp local <addr> [<port>] external <addr> [<port>] [vrf <table-id>] [twice-nat] [del].

Description

Example usage
vpp# snat add static mapping
Static mapping allows hosts on the external network to initiate connection
to to the local network host.
To create static mapping between local host address 10.0.0.3 port 6303 and
external address 4.4.4.4 port 3606 for TCP protocol use:
 vpp# nat44 add static mapping tcp local 10.0.0.3 6303 external 4.4.4.4 3606
If not runnig "static mapping only" NAT plugin mode use before:
 vpp# nat44 add address 4.4.4.4
To create static mapping between local and external address use:
 vpp# nat44 add static mapping local 10.0.0.3 external 4.4.4.4

Declaration and implementation

Declaration: add_static_mapping_command (src/plugins/nat/nat.c line 2362)

Implementation: add_static_mapping_command_fn.

nat44 del session

Summary/usage

nat44 del session in|out <addr>:<port> tcp|udp|icmp [vrf <id>].

Declaration and implementation

Declaration: nat44_del_session_command (src/plugins/nat/nat.c line 3774)

Implementation: nat44_del_session_command_fn.

nat44 deterministic add

Summary/usage

nat44 deterministic add in <addr>/<plen> out <addr>/<plen> [del].

Description

Example usage
vpp# snat deterministic add
Create bijective mapping of inside address to outside address and port range
pairs, with the purpose of enabling deterministic NAT to reduce logging in
CGN deployments.
To create deterministic mapping between inside network 10.0.0.0/18 and
outside network 1.1.1.0/30 use:
# vpp# nat44 deterministic add in 10.0.0.0/18 out 1.1.1.0/30

Declaration and implementation

Declaration: snat_det_map_command (src/plugins/nat/nat.c line 3884)

Implementation: snat_det_map_command_fn.

nat44 deterministic close session in

Summary/usage

nat44 deterministic close session in <in_addr>:<in_port> <ext_addr>:<ext_port>.

Description

Example usage
vpp# snat deterministic close_session_in
Close session using inside ip address and port
and external ip address and port, use:
 vpp# nat44 deterministic close session in 3.3.3.3:3487 2.2.2.2:2387

Declaration and implementation

Declaration: snat_det_close_session_in_command (src/plugins/nat/nat.c line 4211)

Implementation: snat_det_close_session_in_fn.

nat44 deterministic close session out

Summary/usage

nat44 deterministic close session out <out_addr>:<out_port> <ext_addr>:<ext_port>.

Description

Example usage
vpp# snat deterministic close session out
Close session using outside ip address and port
and external ip address and port, use:
 vpp# nat44 deterministic close session out 1.1.1.1:1276 2.2.2.2:2387

Declaration and implementation

Declaration: snat_det_close_sesion_out_command (src/plugins/nat/nat.c line 4142)

Implementation: snat_det_close_session_out_fn.

nat44 deterministic forward

Summary/usage

nat44 deterministic forward <addr>.

Description

Example usage
vpp# snat deterministic forward
Return outside address and port range from inside address for deterministic
NAT.
To obtain outside address and port of inside host use:
 vpp# nat44 deterministic forward 10.0.0.2
 1.1.1.0:<1054-1068>

Declaration and implementation

Declaration: snat_det_forward_command (src/plugins/nat/nat.c line 3944)

Implementation: snat_det_forward_command_fn.

nat44 deterministic reverse

Summary/usage

nat44 deterministic reverse <addr>:<port>.

Description

Example usage
vpp# snat deterministic reverse
Return inside address from outside address and port for deterministic NAT.
To obtain inside host address from outside address and port use:
 #vpp nat44 deterministic reverse 1.1.1.1:1276
 10.0.16.16

Declaration and implementation

Declaration: snat_det_reverse_command (src/plugins/nat/nat.c line 4008)

Implementation: snat_det_reverse_command_fn.

nat44 forwarding

Summary/usage

nat44 forwarding enable|disable.

Description

Example usage
vpp# nat44 forwarding
Enable or disable forwarding
Forward packets which don't match existing translation
or static mapping instead of dropping them.
To enable forwarding, use:
 vpp# nat44 forwarding enable
To disable forwarding, use:
 vpp# nat44 forwarding disable

Declaration and implementation

Declaration: snat_forwarding_set_command (src/plugins/nat/nat.c line 4279)

Implementation: snat_forwarding_set_command_fn.

nat64 add interface address

Summary/usage

nat64 add interface address <interface> [del].

Description

Example usage
vpp# nat64 add interface address
Add/delete NAT64 pool address from specific (DHCP addressed) interface.
To add NAT64 pool address from specific interface use:
 vpp# nat64 add interface address GigabitEthernet0/8/0

Declaration and implementation

Declaration: nat64_add_interface_address_command (src/plugins/nat/nat64_cli.c line 1052)

Implementation: nat64_add_interface_address_command_fn.

nat64 add pool address

Summary/usage

nat64 add pool address <ip4-range-start> [- <ip4-range-end>] [tenant-vrf <vrf-id>] [del].

Description

Example usage
vpp# nat64 add pool address
Add/delete NAT64 pool address.
To add single NAT64 pool address use:
 vpp# nat64 add pool address 10.1.1.10
To add NAT64 pool address range use:
 vpp# nat64 add pool address 10.1.1.2 - 10.1.1.5
To add NAT64 pool address for specific tenant use:
 vpp# nat64 add pool address 10.1.1.100 tenant-vrf 100

Declaration and implementation

Declaration: nat64_add_pool_address_command (src/plugins/nat/nat64_cli.c line 848)

Implementation: nat64_add_del_pool_addr_command_fn.

nat64 add prefix

Summary/usage

nat64 add prefix <ip6-prefix>/<plen> [tenant-vrf <vrf-id>] [del] [interface <interface].

Description

Example usage
vpp# nat64 add prefix
Set NAT64 prefix for generating IPv6 representations of IPv4 addresses.
To set NAT64 global prefix use:
 vpp# nat64 add prefix 2001:db8::/32
To set NAT64 prefix for specific tenant use:
 vpp# nat64 add prefix 2001:db8:122:300::/56 tenant-vrf 10

Declaration and implementation

Declaration: nat64_add_del_prefix_command (src/plugins/nat/nat64_cli.c line 1020)

Implementation: nat64_add_del_prefix_command_fn.

nat64 add static bib

Summary/usage

nat64 add static bib <ip6-addr> <port> <ip4-addr> <port> tcp|udp|icmp [vfr <table-id>] [del].

Description

Example usage
vpp# nat64 add static bib
Add/delete NAT64 static BIB entry.
To create NAT64 satatic BIB entry use:
 vpp# nat64 add static bib 2001:db8:c000:221:: 1234 10.1.1.3 5678 tcp
 vpp# nat64 add static bib 2001:db8:c000:221:: 1234 10.1.1.3 5678 udp vrf 10

Declaration and implementation

Declaration: nat64_add_del_static_bib_command (src/plugins/nat/nat64_cli.c line 913)

Implementation: nat64_add_del_static_bib_command_fn.

set interface nat44

Summary/usage

set interface nat44 in <intfc> out <intfc> [output-feature] [del].

Declaration and implementation

Declaration: set_interface_snat_command (src/plugins/nat/nat.c line 2206)

Implementation: snat_feature_command_fn.

set interface nat64

Summary/usage

set interface nat64 in|out <intfc> [del].

Description

Example usage
vpp# set interface nat64
Enable/disable NAT64 feature on the interface.
To enable NAT64 feature with local (IPv6) network interface
GigabitEthernet0/8/0 and external (IPv4) network interface
GigabitEthernet0/a/0 use:
 vpp# set interface nat64 in GigabitEthernet0/8/0 out GigabitEthernet0/a/0

Declaration and implementation

Declaration: set_interface_nat64_command (src/plugins/nat/nat64_cli.c line 881)

Implementation: nat64_interface_feature_command_fn.

set nat workers

Summary/usage

set nat workers <workers-list>.

Description

Example usage
vpp# set snat workers
Set NAT workers if 2 or more workers available, use:
 vpp# set snat workers 0-2,5

Declaration and implementation

Declaration: set_workers_command (src/plugins/nat/nat.c line 2627)

Implementation: set_workers_command_fn.

set nat44 deterministic timeout

Summary/usage

set nat44 deterministic timeout [udp <sec> | tcp-established <sec> tcp-transitory <sec> | icmp <sec> | reset].

Description

Example usage
vpp# set snat deterministic timeout
Set values of timeouts for deterministic NAT (in seconds), use:
 vpp# set nat44 deterministic timeout udp 120 tcp-established 7500
 tcp-transitory 250 icmp 90
To reset default values use:
 vpp# set nat44 deterministic timeout reset

Declaration and implementation

Declaration: set_timeout_command (src/plugins/nat/nat.c line 4070)

Implementation: set_timeout_command_fn.

set nat64 timeouts

Summary/usage

set nat64 timeouts udp <sec> icmp <sec> tcp-trans <sec> tcp-est <sec> tcp-incoming-syn <sec> | reset.

Description

Example usage
vpp# set nat64 timeouts
Set NAT64 session timeouts (in seconds).
To set NAT64 session timeoutes use use:
 vpp# set nat64 timeouts udp 200 icmp 30 tcp-trans 250 tcp-est 7450
To reset NAT64 session timeoutes to default values use:
 vpp# set nat64 timeouts reset

Declaration and implementation

Declaration: set_nat64_timeouts_command (src/plugins/nat/nat64_cli.c line 956)

Implementation: nat64_set_timeouts_command_fn.

show dslite aftr-tunnel-endpoint-address

Summary/usage

show dslite aftr-tunnel-endpoint-address.

Declaration and implementation

Declaration: dslite_show_aftr_ip6_addr (src/plugins/nat/dslite_cli.c line 260)

Implementation: dslite_show_aftr_ip6_addr_command_fn.

show dslite pool

Summary/usage

show dslite pool.

Declaration and implementation

Declaration: show_dslite_pool_command (src/plugins/nat/dslite_cli.c line 248)

Implementation: dslite_show_pool_command_fn.

show dslite sessions

Summary/usage

show dslite sessions.

Declaration and implementation

Declaration: dslite_show_sessions (src/plugins/nat/dslite_cli.c line 266)

Implementation: dslite_show_sessions_command_fn.

show nat virtual-reassembly

Summary/usage

show nat virtual-reassembly.

Declaration and implementation

Declaration: show_nat_reass_command (src/plugins/nat/nat_reass.c line 747)

Implementation: show_nat_reass_command_fn.

show nat44

Summary/usage

show nat44.

Declaration and implementation

Declaration: show_snat_command (src/plugins/nat/nat.c line 3445)

Implementation: show_snat_command_fn.

show nat64 bib

Summary/usage

show nat64 bib all|tcp|udp|icmp|unknown.

Description

Example usage
vpp# show nat64 bib
Show NAT64 BIB entries.
To show NAT64 TCP BIB entries use:
 vpp# show nat64 bib tcp
 NAT64 tcp BIB:
  fd01:1::2 6303 10.0.0.3 62303 tcp vrf 0 dynamic 1 sessions
  2001:db8:c000:221:: 1234 10.1.1.3 5678 tcp vrf 0 static 2 sessions
To show NAT64 UDP BIB entries use:
 vpp# show nat64 bib udp
 NAT64 udp BIB:
  fd01:1::2 6304 10.0.0.3 10546 udp vrf 0 dynamic 10 sessions
  2001:db8:c000:221:: 1234 10.1.1.3 5678 udp vrf 10 static 0 sessions
To show NAT64 ICMP BIB entries use:
 vpp# show nat64 bib icmp
 NAT64 icmp BIB:
  fd01:1::2 6305 10.0.0.3 63209 icmp vrf 10 dynamic 1 sessions

Declaration and implementation

Declaration: show_nat64_bib_command (src/plugins/nat/nat64_cli.c line 940)

Implementation: nat64_show_bib_command_fn.

show nat64 interfaces

Summary/usage

show nat64 interfaces.

Description

Example usage
vpp# show nat64 interfaces
Show interfaces with NAT64 feature.
To show interfaces with NAT64 feature use:
 vpp# show nat64 interfaces
 NAT64 interfaces:
  GigabitEthernet0/8/0 in
  GigabitEthernet0/a/0 out

Declaration and implementation

Declaration: show_nat64_interfaces_command (src/plugins/nat/nat64_cli.c line 898)

Implementation: nat64_show_interfaces_command_fn.

show nat64 pool

Summary/usage

show nat64 pool.

Description

Example usage
vpp# show nat64 pool
Show NAT64 pool.
 vpp# show nat64 pool
 NAT64 pool:
  10.1.1.3 tenant VRF: 0
  10.1.1.10 tenant VRF: 10

Declaration and implementation

Declaration: show_nat64_pool_command (src/plugins/nat/nat64_cli.c line 865)

Implementation: nat64_show_pool_command_fn.

show nat64 prefix

Summary/usage

show nat64 prefix.

Description

Example usage
vpp# show nat64 prefix
Show NAT64 prefix.
To show NAT64 prefix use:
 vpp# show nat64 prefix
 NAT64 prefix:
  2001:db8::/32 tenant-vrf 0
  2001:db8:122:300::/56 tenant-vrf 10

Declaration and implementation

Declaration: show_nat64_prefix_command (src/plugins/nat/nat64_cli.c line 1038)

Implementation: nat64_show_prefix_command_fn.

show nat64 session table

Summary/usage

show nat64 session table all|tcp|udp|icmp|unknown.

Description

Example usage
vpp# show nat64 session table
Show NAT64 session table.
To show NAT64 TCP session table use:
 vpp# show nat64 session table tcp
 NAT64 tcp session table:
  fd01:1::2 6303 64:ff9b::ac10:202 20 10.0.0.3 62303 172.16.2.2 20 tcp vrf 0
  fd01:3::2 6303 64:ff9b::ac10:202 20 10.0.10.3 21300 172.16.2.2 20 tcp vrf 10
To show NAT64 UDP session table use:
#vpp show nat64 session table udp
NAT64 udp session table:
 fd01:1::2 6304 64:ff9b::ac10:202 20 10.0.0.3 10546 172.16.2.2 20 udp vrf 0
 fd01:3::2 6304 64:ff9b::ac10:202 20 10.0.10.3 58627 172.16.2.2 20 udp vrf 10
 fd01:1::2 1235 64:ff9b::a00:3 4023 10.0.0.3 24488 10.0.0.3 4023 udp vrf 0
 fd01:1::3 23 64:ff9b::a00:3 24488 10.0.0.3 4023 10.0.0.3 24488 udp vrf 0
To show NAT64 ICMP session table use:
#vpp show nat64 session table icmp
NAT64 icmp session table:
 fd01:1::2 64:ff9b::ac10:202 6305 10.0.0.3 172.16.2.2 63209 icmp vrf 0

Declaration and implementation

Declaration: show_nat64_st_command (src/plugins/nat/nat64_cli.c line 1004)

Implementation: nat64_show_st_command_fn.

show nat64 timeouts

Summary/usage

show nat64 timeouts.

Description

Example usage
vpp# show nat64 timeoutss
Show NAT64 session timeouts:
 vpp# show nat64 timeouts
 NAT64 session timeouts:
  UDP 300sec
  ICMP 60sec
  TCP transitory 240sec
  TCP established 7440sec
  TCP incoming SYN 6sec

Declaration and implementation

Declaration: show_nat64_timeouts_command (src/plugins/nat/nat64_cli.c line 976)

Implementation: nat64_show_timeouts_command_fn.