Skip to content

NAT example

Jump to bottom
Gregory Shimansky edited this page Dec 19, 2017 · 7 revisions

NAT example is a fully functional network address translation program written entirely in userspace using YANFF. To run it it is necessary to configure two interfaces, one for private network and another for public. NAT example supports multiple private-public interface pairs, but this instruction describes running NAT with just one pair.

The following applies to running YANFF example on two virtual machines which can be brought up using vagrant up command in vagrant directory. This command creates two virtual machines yanff-0 and yanff-1 connected with two virtual network cables on interfaces enp0s8 and enp0s9. In DPDK these interfaces are bound on port 0 and 1.

Let our yanff-0 machine interface enp0s8 be private network, yanff-0 machine interface enp0s9 be public network, and yanff-1 be the NAT host. First it is necessary to configure static IP addresses on private and public interfaces on yanff-0. By default VMs are started up with network ports bound to DPDK driver. It is necessary to either reboot yanff-0 or execute command unbindports on it. After that command ifconfig -a should show interfaces enp0s8 and enp0s9 with unassigned IPs.

Network manager is not installed on VMs by default, so we are using classic Ubuntu network configuration. Create two files in /etc/network/interfaces.d: File 10-enp0s8.cfg:

iface enp0s8 inet static
address 192.168.14.2
netmask 255.255.255.0
broadcast 192.168.14.255

and file 10-enp0s9.cfg:

iface enp0s9 inet static
address 192.168.16.2
netmask 255.255.255.0
broadcast 192.168.16.255

After that execute commands ifup enp0s8 and ifup enp0s9 and it should assign address 192.168.14.2 to interface enp0s8 and address 192.168.16.2 to interface enp0s9.

If you are using network manager, the following commands should create necessary configuration and bring interfaces up:

nmcli c add type ethernet ifname enp0s8 con-name enp0s8 ip4 192.168.14.2/24
nmcli c up enp0s8
nmcli c add type ethernet ifname enp0s9 con-name enp0s9 ip4 192.168.16.2/24
nmcli c up enp0s9

Second it is necessary to configure NAT on yanff-1. This is a sample config.json file which should work for this VMs configuration:

{
    "port-pairs": [
        {
            "private-port": {
                "index": 0,
                "subnet": "192.168.14.1/24"
            },
            "public-port": {
                "index": 1,
                "dst-mac": "08:00:27:bb:92:1d",
                "subnet": "192.168.16.1"
            }
        }
    ]
}

This configuration tells NAT that its IP address on private interface is 192.168.14.1 and its IP address on public interface is 192.168.16.1. Please note that dst-mac for public-port should have MAC address of enp0s9 interface of yanff-0. It is necessary because currently NAT example supports only one server in public network because ARP protocol is not fully implemented in NAT, and it is not able to send ARP requests. Therefore it is necessary to tell NAT the destination MAC address for packets going to the public network.

With this configuration it is possible only to ping NAT host from yanff-0 because add packets to public address 192.168.16.2 would go directly without affecting NAT. But it is possible to test ICMP packets handling: ping 192.168.14.1 and ping 192.168.16.1 commands should work correctly.

Clone this wiki locally