[ONOS-7951] Use Stateful SNAT to handle N-S traffic in openstack
Change-Id: Ife7284d2ebd3ade7ce968005a69dff98857a65f3
diff --git a/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/util/RulePopulatorUtil.java b/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/util/RulePopulatorUtil.java
index b5abaec..dace1ff 100644
--- a/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/util/RulePopulatorUtil.java
+++ b/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/util/RulePopulatorUtil.java
@@ -17,6 +17,7 @@
import org.onlab.packet.Ip4Address;
import org.onlab.packet.IpAddress;
+import org.onlab.packet.TpPort;
import org.onosproject.net.Device;
import org.onosproject.net.DeviceId;
import org.onosproject.net.behaviour.ExtensionSelectorResolver;
@@ -53,11 +54,22 @@
private static final String CT_PRESENT_FLAGS = "presentFlags";
private static final String CT_IPADDRESS_MIN = "ipAddressMin";
private static final String CT_IPADDRESS_MAX = "ipAddressMax";
+ private static final String CT_PORT_MIN = "portMin";
+ private static final String CT_PORT_MAX = "portMax";
+ private static final String CT_NESTED_ACTIONS = "nestedActions";
- private static final int ADDRESS_MIN_FLAG = 0;
- private static final int ADDRESS_MAX_FLAG = 1;
- private static final int PORT_MIN_FLAG = 2;
- private static final int PORT_MAX_FLAG = 3;
+ public static final int CT_NAT_SRC_FLAG = 0;
+ public static final int CT_NAT_DST_FLAG = 1;
+ public static final int CT_NAT_PERSISTENT_FLAG = 2;
+ public static final int CT_NAT_PROTO_HASH_FLAG = 3;
+ public static final int CT_NAT_PROTO_RANDOM_FLAG = 4;
+
+ private static final int ADDRESS_V4_MIN_FLAG = 0;
+ private static final int ADDRESS_V4_MAX_FLAG = 1;
+ private static final int ADDRESS_V6_MIN_FLAG = 2;
+ private static final int ADDRESS_V6_MAX_FLAG = 3;
+ private static final int PORT_MIN_FLAG = 4;
+ private static final int PORT_MAX_FLAG = 5;
// Refer to http://openvswitch.org/support/dist-docs/ovs-fields.7.txt for the values
public static final long CT_STATE_NONE = 0;
@@ -76,9 +88,9 @@
* @param id DeviceId
* @return a builder for OVS Connection Tracking feature actions
*/
- public static NiriraConnTrackTreatmentBuilder
+ public static NiciraConnTrackTreatmentBuilder
niciraConnTrackTreatmentBuilder(DriverService ds, DeviceId id) {
- return new NiriraConnTrackTreatmentBuilder(ds, id);
+ return new NiciraConnTrackTreatmentBuilder(ds, id);
}
/**
@@ -207,18 +219,21 @@
/**
* Builder class for OVS Connection Tracking feature actions.
*/
- public static final class NiriraConnTrackTreatmentBuilder {
+ public static final class NiciraConnTrackTreatmentBuilder {
private DriverService driverService;
private DeviceId deviceId;
private IpAddress natAddress = null;
+ private TpPort natPortMin = null;
+ private TpPort natPortMax = null;
private int zone;
private boolean commit;
private short table = -1;
private boolean natAction;
+ private int natFlag;
-
- private NiriraConnTrackTreatmentBuilder(DriverService driverService,
+ // private constructor
+ private NiciraConnTrackTreatmentBuilder(DriverService driverService,
DeviceId deviceId) {
this.driverService = driverService;
this.deviceId = deviceId;
@@ -230,7 +245,7 @@
* @param c true if commit, false if not.
* @return NiriraConnTrackTreatmentBuilder object
*/
- public NiriraConnTrackTreatmentBuilder commit(boolean c) {
+ public NiciraConnTrackTreatmentBuilder commit(boolean c) {
this.commit = c;
return this;
}
@@ -241,7 +256,7 @@
* @param z zone number
* @return NiriraConnTrackTreatmentBuilder object
*/
- public NiriraConnTrackTreatmentBuilder zone(int z) {
+ public NiciraConnTrackTreatmentBuilder zone(int z) {
this.zone = z;
return this;
}
@@ -252,7 +267,7 @@
* @param t table number to restart
* @return NiriraConnTrackTreatmentBuilder object
*/
- public NiriraConnTrackTreatmentBuilder table(short t) {
+ public NiciraConnTrackTreatmentBuilder table(short t) {
this.table = t;
return this;
}
@@ -263,18 +278,56 @@
* @param ip NAT IP address
* @return NiriraConnTrackTreatmentBuilder object
*/
- public NiriraConnTrackTreatmentBuilder natIp(IpAddress ip) {
+ public NiciraConnTrackTreatmentBuilder natIp(IpAddress ip) {
this.natAddress = ip;
return this;
}
/**
+ * Sets min port for NAT.
+ *
+ * @param port port number
+ * @return NiciraConnTrackTreatmentBuilder object
+ */
+ public NiciraConnTrackTreatmentBuilder natPortMin(TpPort port) {
+ this.natPortMin = port;
+ return this;
+ }
+
+ /**
+ * Sets max port for NAT.
+ *
+ * @param port port number
+ * @return NiciraConnTrackTreatmentBuilder object
+ */
+ public NiciraConnTrackTreatmentBuilder natPortMax(TpPort port) {
+ this.natPortMax = port;
+ return this;
+ }
+
+ /**
+ * Sets NAT flags.
+ * SRC NAT: 1 << 0
+ * DST NAT: 1 << 1
+ * PERSISTENT NAT: 1 << 2
+ * PROTO_HASH NAT: 1 << 3
+ * PROTO_RANDOM NAT : 1 << 4
+ *
+ * @param flag flag value
+ * @return NiciraConnTrackTreatmentBuilder object
+ */
+ public NiciraConnTrackTreatmentBuilder natFlag(int flag) {
+ this.natFlag = 1 << flag;
+ return this;
+ }
+
+ /**
* Sets the flag for NAT action.
*
* @param nat nat action is included if true, no nat action otherwise
* @return NiriraConnTrackTreatmentBuilder object
*/
- public NiriraConnTrackTreatmentBuilder natAction(boolean nat) {
+ public NiciraConnTrackTreatmentBuilder natAction(boolean nat) {
this.natAction = nat;
return this;
}
@@ -286,21 +339,37 @@
*/
public ExtensionTreatment build() {
DriverHandler handler = driverService.createHandler(deviceId);
- ExtensionTreatmentResolver etr = handler.behaviour(ExtensionTreatmentResolver.class);
+ ExtensionTreatmentResolver etr =
+ handler.behaviour(ExtensionTreatmentResolver.class);
ExtensionTreatment natTreatment = etr.getExtensionInstruction(
ExtensionTreatmentType.ExtensionTreatmentTypes.NICIRA_NAT.type());
try {
- if (natAddress != null) {
- natTreatment.setPropertyValue(CT_FLAGS, 1);
- natTreatment.setPropertyValue(CT_PRESENT_FLAGS,
- buildPresentFlag(false, true));
- natTreatment.setPropertyValue(CT_IPADDRESS_MIN, natAddress);
- natTreatment.setPropertyValue(CT_IPADDRESS_MAX, natAddress);
- } else {
+
+ if (natAddress == null && natPortMin == null && natPortMax == null) {
natTreatment.setPropertyValue(CT_FLAGS, 0);
natTreatment.setPropertyValue(CT_PRESENT_FLAGS, 0);
+ } else {
+ natTreatment.setPropertyValue(CT_FLAGS, this.natFlag);
+
+ natTreatment.setPropertyValue(CT_PRESENT_FLAGS,
+ buildPresentFlag((natPortMin != null && natPortMax != null),
+ natAddress != null));
}
+
+ if (natAddress != null) {
+ natTreatment.setPropertyValue(CT_IPADDRESS_MIN, natAddress);
+ natTreatment.setPropertyValue(CT_IPADDRESS_MAX, natAddress);
+ }
+
+ if (natPortMin != null) {
+ natTreatment.setPropertyValue(CT_PORT_MIN, natPortMin.toInt());
+ }
+
+ if (natPortMax != null) {
+ natTreatment.setPropertyValue(CT_PORT_MAX, natPortMax.toInt());
+ }
+
} catch (Exception e) {
log.error("Failed to set NAT due to error : {}", e);
return null;
@@ -316,7 +385,7 @@
ctTreatment.setPropertyValue(CT_FLAGS, commit ? 1 : 0);
ctTreatment.setPropertyValue(CT_ZONE, zone);
ctTreatment.setPropertyValue(CT_TABLE, table > -1 ? table : 0xff);
- ctTreatment.setPropertyValue("nestedActions", nat);
+ ctTreatment.setPropertyValue(CT_NESTED_ACTIONS, nat);
} catch (Exception e) {
log.error("Failed to set CT due to error : {}", e);
return null;
@@ -330,11 +399,12 @@
int presentFlag = 0;
if (isPortPresent) {
- presentFlag = presentFlag | 1 << PORT_MIN_FLAG | 1 << PORT_MAX_FLAG;
+ presentFlag = 1 << PORT_MIN_FLAG | 1 << PORT_MAX_FLAG;
}
if (isAddressPresent) {
- presentFlag = 1 << ADDRESS_MIN_FLAG | 1 << ADDRESS_MAX_FLAG;
+ // TODO: need to support IPv6 address
+ presentFlag = presentFlag | 1 << ADDRESS_V4_MIN_FLAG | 1 << ADDRESS_V4_MAX_FLAG;
}
return presentFlag;