nat: 1:1 policy NAT

A NAT sub-plugin doing statically configured match/rewrite on IP4 input or output.
It's stateless (no connection tracking).
Currently it supports rewriting of SA, DA and TCP/UDP ports.
It should be simple to add new rewrites if required.

API:
pnat_binding_add, pnat_binding_del, pnat_bindings_get, pnat_interfaces_get

CLI:
set pnat translation interface <name> match <5-tuple> rewrite <5-tuple> {in|out} [del]
show pnat translations
show pnat interfaces

Trying a new C based unit testing scheme. Where the graph node is tested
in isolation. See pnat/pnat_test.c.
Also added new cmake targets to generate coverage directly.
E.g.:
make test_pnat-ccov-report

File '/vpp/sdnat/src/plugins/nat/pnat/pnat.c':
Name                               Regions    Miss   Cover     Lines    Miss   Cover
------------------------------------------------------------------------------------
pnat_interface_by_sw_if_index           39       8  79.49%        13       0 100.00%
pnat_instructions_from_mask              9       0 100.00%        13       0 100.00%
pnat_binding_add                        64       8  87.50%        31       2  93.55%
pnat_flow_lookup                         4       4   0.00%        10      10   0.00%
pnat_binding_attach                    104      75  27.88%        33       6  81.82%
pnat_binding_detach                     30       5  83.33%        23       2  91.30%
pnat_binding_del                        97      33  65.98%        17       3  82.35%
pnat.c:pnat_calc_key_from_5tuple         9       1  88.89%        14       1  92.86%
pnat.c:pnat_interface_check_mask        10       2  80.00%        11       2  81.82%
pnat.c:pnat_enable                       5       0 100.00%        11       0 100.00%
pnat.c:pnat_enable_interface           107      26  75.70%        60      15  75.00%
pnat.c:pnat_disable_interface           91      30  67.03%        32       7  78.12%
pnat.c:pnat_disable                      7       2  71.43%        13       7  46.15%
------------------------------------------------------------------------------------
TOTAL                                  576     194  66.32%       281      55  80.43%

File '/vpp/sdnat/src/plugins/nat/pnat/pnat_node.h':
Name                               Regions    Miss   Cover     Lines    Miss   Cover
------------------------------------------------------------------------------------
pnat_test.c:pnat_node_inline            67      11  83.58%       115       1  99.13%
pnat_test.c:pnat_calc_key                9       2  77.78%        14       2  85.71%
pnat_test.c:pnat_rewrite_ip4            55      11  80.00%        60      12  80.00%
pnat_test.c:format_pnat_trace            1       1   0.00%        12      12   0.00%
pnat_node.c:pnat_node_inline            63      63   0.00%       115     115   0.00%
pnat_node.c:pnat_calc_key                9       9   0.00%        14      14   0.00%
pnat_node.c:pnat_rewrite_ip4            55      55   0.00%        60      60   0.00%
pnat_node.c:format_pnat_trace            5       5   0.00%        12      12   0.00%
------------------------------------------------------------------------------------
TOTAL                                  264     157  40.53%       402     228  43.28%

Type: feature
Change-Id: I9c897f833603054a8303e7369ebff6512517c9e0
Signed-off-by: Ole Troan <ot@cisco.com>
17 files changed
tree: bac6dbc08280e5bd6d5749ea56c862e6cdc38434
  1. build/
  2. build-data/
  3. build-root/
  4. docs/
  5. doxygen/
  6. extras/
  7. src/
  8. test/
  9. .clang-format
  10. .git_commit_template.txt
  11. .gitignore
  12. .gitreview
  13. INFO.yaml
  14. LICENSE
  15. MAINTAINERS
  16. Makefile
  17. README.md
  18. RELEASE.md
README.md

Vector Packet Processing

Introduction

The VPP platform is an extensible framework that provides out-of-the-box production quality switch/router functionality. It is the open source version of Cisco's Vector Packet Processing (VPP) technology: a high performance, packet-processing stack that can run on commodity CPUs.

The benefits of this implementation of VPP are its high performance, proven technology, its modularity and flexibility, and rich feature set.

For more information on VPP and its features please visit the FD.io website and What is VPP? pages.

Changes

Details of the changes leading up to this version of VPP can be found under @ref release_notes.

Directory layout

Directory nameDescription
build-dataBuild metadata
build-rootBuild output directory
doxygenDocumentation generator configuration
dpdkDPDK patches and build infrastructure
@ref extras/libmemifClient library for memif
@ref src/examplesVPP example code
@ref src/pluginsVPP bundled plugins directory
@ref src/svmShared virtual memory allocation library
src/testsStandalone tests (not part of test harness)
src/vatVPP API test program
@ref src/vlibVPP application library
@ref src/vlibapiVPP API library
@ref src/vlibmemoryVPP Memory management
@ref src/vnetVPP networking
@ref src/vppVPP application
@ref src/vpp-apiVPP application API bindings
@ref src/vppinfraVPP core library
@ref src/vpp/apiNot-yet-relocated API bindings
testUnit tests and Python test harness

Getting started

In general anyone interested in building, developing or running VPP should consult the VPP wiki for more complete documentation.

In particular, readers are recommended to take a look at [Pulling, Building, Running, Hacking, Pushing](https://wiki.fd.io/view/VPP/Pulling,_Building,_Run ning,_Hacking_and_Pushing_VPP_Code) which provides extensive step-by-step coverage of the topic.

For the impatient, some salient information is distilled below.

Quick-start: On an existing Linux host

To install system dependencies, build VPP and then install it, simply run the build script. This should be performed a non-privileged user with sudo access from the project base directory:

./extras/vagrant/build.sh

If you want a more fine-grained approach because you intend to do some development work, the Makefile in the root directory of the source tree provides several convenience shortcuts as make targets that may be of interest. To see the available targets run:

make

Quick-start: Vagrant

The directory extras/vagrant contains a VagrantFile and supporting scripts to bootstrap a working VPP inside a Vagrant-managed Virtual Machine. This VM can then be used to test concepts with VPP or as a development platform to extend VPP. Some obvious caveats apply when using a VM for VPP since its performance will never match that of bare metal; if your work is timing or performance sensitive, consider using bare metal in addition or instead of the VM.

For this to work you will need a working installation of Vagrant. Instructions for this can be found [on the Setting up Vagrant wiki page] (https://wiki.fd.io/view/DEV/Setting_Up_Vagrant).

More information

Several modules provide documentation, see @subpage user_doc for more end-user-oriented information. Also see @subpage dev_doc for developer notes.

Visit the VPP wiki for details on more advanced building strategies and other development notes.

Test Framework

There is PyDoc generated documentation available for the VPP test framework. See @ref test_framework_doc for details.