diff options
author | Nicolas Fort <nicolasfort1988@gmail.com> | 2023-07-28 20:29:01 +0000 |
---|---|---|
committer | Nicolas Fort <nicolasfort1988@gmail.com> | 2023-07-31 12:47:13 +0000 |
commit | b7825f1f2b9b3ff7d25e8e072d60db7b70fa250a (patch) | |
tree | 9d199fbc4d1f5b31a81f3ec1a68fc6d8dfc0f27d /smoketest | |
parent | 26af45a61bbe8b219b57127a869e723b11886522 (diff) | |
download | vyos-1x-b7825f1f2b9b3ff7d25e8e072d60db7b70fa250a.tar.gz vyos-1x-b7825f1f2b9b3ff7d25e8e072d60db7b70fa250a.zip |
T5014: nat: add source and destination nat options for configuring load balance within a single rule.
Diffstat (limited to 'smoketest')
-rwxr-xr-x | smoketest/scripts/cli/test_nat.py | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/smoketest/scripts/cli/test_nat.py b/smoketest/scripts/cli/test_nat.py index 02fa03f7b..673be9905 100755 --- a/smoketest/scripts/cli/test_nat.py +++ b/smoketest/scripts/cli/test_nat.py @@ -231,5 +231,42 @@ class TestNAT(VyOSUnitTestSHIM.TestCase): self.verify_nftables(nftables_search, 'ip vyos_static_nat') + def test_nat_balance(self): + ifname = 'eth0' + member_1 = '198.51.100.1' + weight_1 = '10' + member_2 = '198.51.100.2' + weight_2 = '90' + member_3 = '192.0.2.1' + weight_3 = '35' + member_4 = '192.0.2.2' + weight_4 = '65' + dst_port = '443' + + self.cli_set(dst_path + ['rule', '1', 'inbound-interface', ifname]) + self.cli_set(dst_path + ['rule', '1', 'protocol', 'tcp']) + self.cli_set(dst_path + ['rule', '1', 'destination', 'port', dst_port]) + self.cli_set(dst_path + ['rule', '1', 'balance', 'hash', 'source-address']) + self.cli_set(dst_path + ['rule', '1', 'balance', 'hash', 'source-port']) + self.cli_set(dst_path + ['rule', '1', 'balance', 'hash', 'destination-address']) + self.cli_set(dst_path + ['rule', '1', 'balance', 'hash', 'destination-port']) + self.cli_set(dst_path + ['rule', '1', 'balance', 'member', member_1, 'weight', weight_1]) + self.cli_set(dst_path + ['rule', '1', 'balance', 'member', member_2, 'weight', weight_2]) + + self.cli_set(src_path + ['rule', '1', 'outbound-interface', ifname]) + self.cli_set(src_path + ['rule', '1', 'balance', 'hash', 'random']) + self.cli_set(src_path + ['rule', '1', 'balance', 'member', member_3, 'weight', weight_3]) + self.cli_set(src_path + ['rule', '1', 'balance', 'member', member_4, 'weight', weight_4]) + + self.cli_commit() + + nftables_search = [ + [f'iifname "{ifname}"', f'tcp dport {dst_port}', f'dnat to jhash ip saddr . tcp sport . ip daddr . tcp dport mod 100 map', f'0-9 : {member_1}, 10-99 : {member_2}'], + [f'oifname "{ifname}"', f'snat to numgen random mod 100 map', f'0-34 : {member_3}, 35-99 : {member_4}'] + ] + + self.verify_nftables(nftables_search, 'ip vyos_nat') + + if __name__ == '__main__': unittest.main(verbosity=2) |