From 6f9e6159be265ca91f873576d15ccbbc061fed8d Mon Sep 17 00:00:00 2001
From: Viacheslav Hletenko
Date: Sun, 7 Apr 2024 14:15:36 +0000
Subject: T5169: Add PoC for generating CGNAT rules rfc6888
Add PoC for generating CGNAT rules https://datatracker.ietf.org/doc/html/rfc6888 Not all requirements are implemented, but some of them.
Implemented:
REQ-2
```
A CGN MUST have a default "IP address pooling" behavior of "Paired" CGN must use the same external IP address mapping for all sessions associated with the same internal IP address, be they TCP, UDP, ICMP, something else, or a mix of different protocols.
```
REQ-3
```
The CGN function SHOULD NOT have any limitations on the size or the contiguity of the external address pool
```
REQ-4
```
A CGN MUST support limiting the number of external ports (or, equivalently, "identifiers" for ICMP) that are assigned per subscriber
```
CLI:
```
set nat cgnat pool external ext1 external-port-range '1024-65535'
set nat cgnat pool external ext1 per-user-limit port '1000'
set nat cgnat pool external ext1 range 192.0.2.222/32
set nat cgnat pool internal int1 range '100.64.0.0/28'
set nat cgnat rule 10 source pool 'int1'
set nat cgnat rule 10 translation pool 'ext1'
```
---
interface-definitions/nat_cgnat.xml.in | 197 +++++++++++++++++++++++++++++++++
1 file changed, 197 insertions(+)
create mode 100644 interface-definitions/nat_cgnat.xml.in
(limited to 'interface-definitions')
diff --git a/interface-definitions/nat_cgnat.xml.in b/interface-definitions/nat_cgnat.xml.in
new file mode 100644
index 000000000..caa26b4d9
--- /dev/null
+++ b/interface-definitions/nat_cgnat.xml.in
@@ -0,0 +1,197 @@ + + + + + + + Carrier-grade NAT (CGNAT) parameters + 221 + + + + + External and internal pool parameters + + + + + External pool name + + txt + External pool name + + + #include + + Name of pool can only contain alpha-numeric letters, hyphen and underscores + + + + + Port range + + range + Numbered port range (e.g., 1001-1005) + + + + + + 1024-65535 + + + + Per user limits for the pool + + + + + Ports per user + + u32:1-65535 + Numeric IP port + + + + + + 2000 + + + + + + Range of IP addresses + + ipv4net + IPv4 prefix + + + ipv4range + IPv4 address range + + + + + + + + + + + Sequence + + u32:1-999999 + Sequence number + + + + + Sequence number must be between 1 and 999999 + + + + + + + + + Internal pool name + + txt + Internal pool name + + + #include + + Name of pool can only contain alpha-numeric letters, hyphen and underscores + + + + + Range of IP addresses + + ipv4net + IPv4 prefix + + + ipv4range + IPv4 address range + + + + + + + + + + + + + + + Rule + + u32:1-999999 + Number for this CGNAT rule + + + + + Rule number must be between 1 and 999999 + + + + + Source parameters + + + + + Source internal pool + + nat cgnat pool internal + + + txt + Source internal pool name + + + #include + + Name of pool can only contain alpha-numeric letters, hyphen and underscores + + + + + + + Translation parameters + + + + + Translation external pool + + nat cgnat pool external + + + txt + Translation external pool name + + + #include + + Name of pool can only contain alpha-numeric letters, hyphen and underscores + + + + + + + + + + + -- cgit v1.2.3
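Review bot: The value help on `per-user-limit port` describes the value as "Numeric IP port" (format `u32:1-65535`), but the node holds how many external ports one subscriber may be assigned, which is the REQ-4 limit that keeps a single internal host from exhausting the shared pool; I would change the description to `Number of external ports allocated per subscriber`. The schema also accepts a limit up to 65535 while the default `external-port-range` of 1024-65535 holds only 64512 ports, so the commit-time check should reject a limit larger than the configured range and an external pool too small for the internal pool; that check is presumably in the conf script, which this patch does not include. The XML markup is stripped in this view, so the constraints on these nodes cannot be confirmed from here.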