Updated git submodules

[docs.git] / docs / user-guide / natapp-user-guide.rst

NATApp User Guide
=================

The NATApp User Guide contains information about configuration,
administration, management, using and troubleshooting the feature.

Overview
--------

NATApp provides network different types of address translation
functionality for OpenDaylight. After installing this feature, network
administrators can select the type of NAT functionality they want to
enable by sending a REST API command. Subsequently, the user may enter
the gloabl IP addresses to the YANG Data Store through REST APIs. When
an OpenDaylight managed enterprise network with local IPs tries to
connect to external networks such as Internet, NATApp comes into play
and installs appropriate flow rules at the OpenFlow switch for
bidirectional NAT translation.

NATApp Architecture
-------------------

NATApp listens on OpenFlow southbound interface for Packet\_In messages.
The application parses the message for header information. If the
received message has a local IP address the application installs rules
on the OpenFlow switch for network address translation from local to
global IP addresses. NATApp has NATPacketHandler class that implements
the PacketProcessing interface to override the OnPacketReceived
notification by which the application is notified of Packet\_In
messages.

Configuring NATApp
------------------

REST APIs are available at the following URI:
http://localhost:8181/apidoc/explorer/index.html#!/natapp(2016-01-25)

Mininet Topology
~~~~~~~~~~~~~~~~

::

    sudo mn --mac --topo=single,10 --controller=remote,ip=127.0.0.1,port=6653

Install a flow to flood the ARP packets.

::

    sh ovs-ofctl add-flow s1 dl_type=0x0806,actions=FLOOD

Check the flow for ARP Flooding

::

    sh ovs-ofctl dump-flows s1

Administering or Managing NATApp
--------------------------------

Static NAT and Dynamic NAT
~~~~~~~~~~~~~~~~~~~~~~~~~~

First user has to select the type of NAT he wants by using the following
URI:

POST URI
    http://localhost:8181/restconf/operations/natapp:nat-type

Sample Input
    {"natapp:input": { "type:static":""}}

Sample Input
    {"natapp:input": { "type:dynamic":""}}

Then user can inject the Global IPs using the following URI

PUT URI
    http://localhost:8181/restconf/config/natapp:staticNat/

Sample Input
    {"natapp:staticNat": {"globalIP":["172.0.0.1/32","172.0.0.2/32",
    "172.0.0.3/32", "172.0.0.4/32", "172.0.0.5/32", "172.0.0.6/32",
    "172.0.0.7/32", "172.0.0.8/32", "172.0.0.9/32", "172.0.0.10/32"] }}

From mininet verify any pair of hosts can ping each other. The NATApp
modifies the destination IP address of the ICMP Echo request with the
global IP address. Check the mininet flows for this modification.

::

    sh ovs-ofctl dump-flows s1

Port Address Translation (PAT)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

User can select PAT by using the following URI.

POST URI
    http://localhost:8181/restconf/operations/natapp:nat-type

Sample Input
    {"natapp:input": { "type:pat":""}}

Then user can inject the Global IPs using the following URI

PUT URI
    http://localhost:8181/restconf/config/natapp:patNat/

Sample Input
    {"natapp:patNat": {"globalIP":"172.0.0.1/32"}}

From Mininet use the command as xterm h1 h5. At h5 give the following
commands

::

    $ ip r add 172.0.0.1/32 dev h5-eth0
    $ arp -s 172.0.0.1 00:00:00:00:00:01
    $ nc -l 5000

At h1, Give the following command

::

    $ echo "TCS" | nc -p 8000 10.0.0.5 5000

::

    mininet> sh ovs-ofctl dump-flows s1
    NXST_FLOW reply (xid=0x4):
     cookie=0x0, duration=811.272s, table=0, n_packets=5, n_bytes=342, idle_age=13, priority=210,tcp,in_port=1,tp_src=8000 actions=mod_nw_src:172.0.0.1,mod_tp_src:2000,output:5
     cookie=0x0, duration=499.843s, table=0, n_packets=2, n_bytes=84, idle_age=13, arp actions=FLOOD
     cookie=0x0, duration=811.203s, table=0, n_packets=3, n_bytes=206, idle_age=13, priority=209,tcp,in_port=5,tp_dst=2000 actions=mod_nw_dst:10.0.0.1,mod_tp_dst:8000,output:1