Skip to content

Commit

Permalink
T6411: CGNAT fix sequences for external address ranges
Browse files Browse the repository at this point in the history 
Fix the bug where address external alocation was not rely on sequences
of the external IP addresses (if set)
  • Loading branch information
@sever-sever
sever-sever committed May 28, 2024
1 parent 48e5266 commit 55e02be
Show file tree
Hide file tree
Showing 2 changed files with 44 additions and 1 deletion.
39 changes: 39 additions & 0 deletions smoketest/scripts/cli/test_cgnat.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -95,5 +95,44 @@ def test_cgnat(self):
self.verify_nftables(nftables_search, 'ip cgnat', inverse=False, args='-s')


def test_cgnat_sequence(self):
internal_name = 'earth'
external_name = 'milky_way'
internal_net = '100.64.0.0/28'

ext_addr_alpha_proxima = '192.0.2.121/32'
ext_addr_beta_cygni = '198.51.100.23/32'
ext_addr_gamma_leonis = '203.0.113.102/32'

ext_seq_beta_cygni = '3'
ext_seq_gamma_leonis = '10'

external_ports = '1024-65535'
ports_per_subscriber = '10000'
rule = '100'

nftables_search = [
['100.64.0.0 : 198.51.100.23 . 1024-11023, 100.64.0.1 : 198.51.100.23 . 11024-21023'],
['100.64.0.4 : 198.51.100.23 . 41024-51023, 100.64.0.5 : 198.51.100.23 . 51024-61023'],
['100.64.0.6 : 203.0.113.102 . 1024-11023, 100.64.0.7 : 203.0.113.102 . 11024-21023'],
['100.64.0.8 : 203.0.113.102 . 21024-31023, 100.64.0.9 : 203.0.113.102 . 31024-41023'],
['100.64.0.10 : 203.0.113.102 . 41024-51023, 100.64.0.11 : 203.0.113.102 . 51024-61023'],
['100.64.0.12 : 192.0.2.121 . 1024-11023, 100.64.0.13 : 192.0.2.121 . 11024-21023'],
['100.64.0.14 : 192.0.2.121 . 21024-31023, 100.64.0.15 : 192.0.2.121 . 31024-41023'],
]

self.cli_set(base_path + ['pool', 'external', external_name, 'external-port-range', external_ports])
self.cli_set(base_path + ['pool', 'external', external_name, 'per-user-limit', 'port', ports_per_subscriber])
self.cli_set(base_path + ['pool', 'external', external_name, 'range', ext_addr_alpha_proxima])
self.cli_set(base_path + ['pool', 'external', external_name, 'range', ext_addr_beta_cygni, 'seq', ext_seq_beta_cygni])
self.cli_set(base_path + ['pool', 'external', external_name, 'range', ext_addr_gamma_leonis, 'seq', ext_seq_gamma_leonis])
self.cli_set(base_path + ['pool', 'internal', internal_name, 'range', internal_net])
self.cli_set(base_path + ['rule', rule, 'source', 'pool', internal_name])
self.cli_set(base_path + ['rule', rule, 'translation', 'pool', external_name])
self.cli_commit()

self.verify_nftables(nftables_search, 'ip cgnat', inverse=False, args='-s')


if __name__ == '__main__':
unittest.main(verbosity=2)
6 changes: 5 additions & 1 deletion src/conf_mode/nat_cgnat.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -252,7 +252,11 @@ def generate(config):
ext_pool_name: str = rule_config['translation']['pool']
int_pool_name: str = rule_config['source']['pool']

external_ranges: list = [range for range in config['pool']['external'][ext_pool_name]['range']]
# Sort the external ranges by sequence
external_ranges: list = sorted(
config['pool']['external'][ext_pool_name]['range'],
key=lambda r: int(config['pool']['external'][ext_pool_name]['range'][r].get('seq', 999999))
)
internal_ranges: list = [range for range in config['pool']['internal'][int_pool_name]['range']]
external_list_hosts_count = []
external_list_hosts = []
Expand Down

0 comments on commit 55e02be

Please sign in to comment.