nat

package

v0.0.0-...-6b04af2 Latest Latest Go to latest Published: Mar 3, 2017 License: Apache-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/iovisor/iovisor-ovn

Links

Open Source Insights

README ¶

NAT IOModule

This module is a NAT that implements source address translation. In particular PAT algorithm is applied: source IP Address and Ports are changed in order to hide intern private ip addresses and exit on the internet (or another network) with only one public IP address.

notes:

first port is always attached to internal network, second port to external one.
nat iomodule should be part of the code of the router. This is not possible for framework issues (hover does not allow to use 1+ eBPF programs inside the same iomodule).
this is a transparent nat:
always attach a nat to a router.
the layer 2 (arp request, layer 2 rewrite) is managed by the router.
the nat only modifies packet layers 3-4

API:

SetPublicIp(ip string): Set public ip address
ip: public ip address. (e.g. 10.10.1.100)

How to use

Using iovisor-ovn daemon in standalone mode, the user can deploy and configure a single or a chain of IOModules. The entire setup can be deployed starting from a YAML configuration file.

$GOPATH/bin/iovisorovnd -file <configuration.yaml>

Some examples are available in /examples folder:

Nat and Router

Please note that NAT IOModule Must be deployed attached to a Router.

YAML Configuration Format

The following is an example of the configuration of a NAT:

[...]
- name: Nat
type: nat
config:
public_ip: 10.10.1.100

[...]

public_ip: defines public ip address.

Limitations

The first port of the nat is always attached to the internal network.
The second port of the nat is always attached to the public network.
No cleanup is performed on the nat tables entries
The mechanism to choose the source port is incremental starting from port 1025.

Documentation ¶

Overview ¶

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Copyright 2017 Politecnico di Torino ¶

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index ¶

Variables
type NatModule
- func Create(hc *hover.Client) *NatModule
type NatModuleInterface

Constants ¶

This section is empty.

Variables ¶

View Source

var NatCode = `` /* 16194-byte string literal not displayed */

Functions ¶

This section is empty.

Types ¶

type NatModule ¶

type NatModule struct {
	ModuleId   string
	PortsCount int //number of allocated ports
	Interfaces map[string]*NatModuleInterface
	// contains filtered or unexported fields
}

func Create ¶

func Create(hc *hover.Client) *NatModule

func (*NatModule) AttachExternalInterface ¶

func (n *NatModule) AttachExternalInterface(ifaceName string) (err error)

func (*NatModule) AttachToIoModule ¶

func (n *NatModule) AttachToIoModule(ifaceId int, ifaceName string) (err error)

func (*NatModule) Configure ¶

func (n *NatModule) Configure(conf interface{}) (err error)

func (*NatModule) Deploy ¶

func (n *NatModule) Deploy() (err error)

func (*NatModule) Destroy ¶

func (n *NatModule) Destroy() (err error)

func (*NatModule) DetachExternalInterface ¶

func (n *NatModule) DetachExternalInterface(ifaceName string) (err error)

func (*NatModule) DetachFromIoModule ¶

func (n *NatModule) DetachFromIoModule(ifaceName string) (err error)

func (*NatModule) GetModuleId ¶

func (n *NatModule) GetModuleId() string

func (*NatModule) SetPublicIp ¶

func (n *NatModule) SetPublicIp(ip net.IP) (err error)

type NatModuleInterface ¶

type NatModuleInterface struct {
	IfaceIdRedirectHover int    //Iface id inside hover (relative to the m:1234 the interface is attached to ...) and provided my the extended hover /links/ API
	IfaceFd              int    //Interface Fd inside External_Ids (42, etc...)
	LinkIdHover          string //iomodules Link Id
	IfaceName            string
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL