natservice/impl/src/main/java/org/opendaylight/netvirt/natservice/internal/ConntrackBasedSnatService.java

   1 /*
   2  * Copyright (c) 2017 Red Hat, Inc. and others. All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8 package org.opendaylight.netvirt.natservice.internal;
   9
  10 import com.google.common.base.Optional;
  11 import java.math.BigInteger;
  12 import java.util.ArrayList;
  13 import java.util.List;
  14 import java.util.concurrent.ExecutionException;
  15 import org.apache.commons.lang3.tuple.ImmutablePair;
  16 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
  17 import org.opendaylight.genius.datastoreutils.listeners.DataTreeEventCallbackRegistrar;
  18 import org.opendaylight.genius.infra.Datastore.Configuration;
  19 import org.opendaylight.genius.infra.TypedReadWriteTransaction;
  20 import org.opendaylight.genius.infra.TypedWriteTransaction;
  21 import org.opendaylight.genius.interfacemanager.interfaces.IInterfaceManager;
  22 import org.opendaylight.genius.mdsalutil.ActionInfo;
  23 import org.opendaylight.genius.mdsalutil.InstructionInfo;
  24 import org.opendaylight.genius.mdsalutil.MatchInfo;
  25 import org.opendaylight.genius.mdsalutil.MatchInfoBase;
  26 import org.opendaylight.genius.mdsalutil.MetaDataUtil;
  27 import org.opendaylight.genius.mdsalutil.NWUtil;
  28 import org.opendaylight.genius.mdsalutil.NwConstants;
  29 import org.opendaylight.genius.mdsalutil.actions.ActionNxConntrack;
  30 import org.opendaylight.genius.mdsalutil.actions.ActionNxConntrack.NxCtAction;
  31 import org.opendaylight.genius.mdsalutil.actions.ActionNxCtClear;
  32 import org.opendaylight.genius.mdsalutil.actions.ActionNxLoadInPort;
  33 import org.opendaylight.genius.mdsalutil.actions.ActionNxLoadMetadata;
  34 import org.opendaylight.genius.mdsalutil.actions.ActionNxResubmit;
  35 import org.opendaylight.genius.mdsalutil.actions.ActionSetFieldEthernetSource;
  36 import org.opendaylight.genius.mdsalutil.instructions.InstructionApplyActions;
  37 import org.opendaylight.genius.mdsalutil.interfaces.IMdsalApiManager;
  38 import org.opendaylight.genius.mdsalutil.matches.MatchEthernetType;
  39 import org.opendaylight.genius.mdsalutil.matches.MatchIpv4Destination;
  40 import org.opendaylight.genius.mdsalutil.matches.MatchMetadata;
  41 import org.opendaylight.genius.mdsalutil.nxmatches.NxMatchCtState;
  42 import org.opendaylight.netvirt.fibmanager.api.IFibManager;
  43 import org.opendaylight.netvirt.natservice.ha.NatDataUtil;
  44 import org.opendaylight.netvirt.vpnmanager.api.IVpnFootprintService;
  45 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.MacAddress;
  46 import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.idmanager.rev160406.IdManagerService;
  47 import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rpcs.rev160406.OdlInterfaceRpcService;
  48 import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.itm.rpcs.rev160406.ItmRpcService;
  49 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.l3vpn.rev130911.vpn.instance.op.data.vpn.instance.op.data.entry.vpn.to.dpn.list.IpAddresses;
  50 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.ext.routers.Routers;
  51 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.ext.routers.routers.ExternalIps;
  52 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.external.subnets.Subnets;
  53 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.types.rev160517.IpPrefixOrAddressBuilder;
  54 import org.opendaylight.yang.gen.v1.urn.opendaylight.openflowjava.nx.action.rev140421.NxActionNatFlags;
  55 import org.opendaylight.yang.gen.v1.urn.opendaylight.openflowjava.nx.action.rev140421.NxActionNatRangePresent;
  56 import org.slf4j.Logger;
  57 import org.slf4j.LoggerFactory;
  58
  59 public abstract class ConntrackBasedSnatService extends AbstractSnatService {
  60     private static final Logger LOG = LoggerFactory.getLogger(ConntrackBasedSnatService.class);
  61
  62     protected static final int TRACKED_NEW_CT_STATE = 0x21;
  63     protected static final int TRACKED_NEW_CT_MASK = 0x21;
  64     protected static final int SNAT_CT_STATE = 0x40;
  65     protected static final int SNAT_CT_STATE_MASK = 0x40;
  66     protected static final int DNAT_CT_STATE = 0x80;
  67     protected static final int DNAT_CT_STATE_MASK = 0x80;
  68
  69     public ConntrackBasedSnatService(DataBroker dataBroker, IMdsalApiManager mdsalManager, ItmRpcService itmManager,
  70                                      IdManagerService idManager, NAPTSwitchSelector naptSwitchSelector,
  71                                      OdlInterfaceRpcService odlInterfaceRpcService,
  72                                      IInterfaceManager interfaceManager, IVpnFootprintService vpnFootprintService,
  73                                      IFibManager fibManager, NatDataUtil natDataUtil,
  74                                      DataTreeEventCallbackRegistrar eventCallbacks) {
  75         super(dataBroker, mdsalManager, itmManager, odlInterfaceRpcService, idManager, naptSwitchSelector,
  76                 interfaceManager, vpnFootprintService, fibManager, natDataUtil, eventCallbacks);
  77     }
  78
  79     @Override
  80     protected void addSnatSpecificEntriesForNaptSwitch(TypedReadWriteTransaction<Configuration> confTx,
  81         Routers routers, BigInteger dpnId) {
  82         LOG.info("installSnatSpecificEntriesForNaptSwitch: called for router {}",
  83             routers.getRouterName());
  84         String routerName = routers.getRouterName();
  85         Long routerId = NatUtil.getVpnId(confTx, routerName);
  86         int elanId = NatUtil.getElanInstanceByName(confTx, routers.getNetworkId().getValue())
  87             .getElanTag().intValue();
  88         if (routerId == NatConstants.INVALID_ID) {
  89             LOG.error("InvalidRouterId: unable to installSnatSpecificEntriesForNaptSwitch on dpn {}", dpnId);
  90             return;
  91         }
  92         /* Install Outbound NAT entries */
  93
  94         addSnatMissEntryForPrimrySwch(confTx, dpnId, routerId, elanId);
  95
  96         String extGwMacAddress = NatUtil.getExtGwMacAddFromRouterName(confTx, routerName);
  97         addOutboundTblTrackEntry(confTx, dpnId, routerId, extGwMacAddress);
  98         for (ExternalIps externalIp : routers.nonnullExternalIps()) {
  99             if (!NWUtil.isIpv4Address(externalIp.getIpAddress())) {
 100                 // In this class we handle only IPv4 use-cases.
 101                 continue;
 102             }
 103             //The logic now handle only one external IP per router, others if present will be ignored.
 104             long extSubnetId = NatUtil.getExternalSubnetVpnId(confTx, externalIp.getSubnetId());
 105             addOutboundTblEntry(confTx, dpnId, routerId, externalIp.getIpAddress(), elanId, extGwMacAddress);
 106             addNaptPfibFlow(confTx, routers, dpnId, routerId, extSubnetId);
 107
 108             //Install Inbound NAT entries
 109             addInboundEntry(confTx, dpnId, routerId, externalIp.getIpAddress(), elanId, extSubnetId);
 110             addNaptPfibEntry(confTx, dpnId, routerId);
 111
 112             String fibExternalIp = NatUtil.validateAndAddNetworkMask(externalIp.getIpAddress());
 113             Optional<Subnets> externalSubnet = NatUtil.getOptionalExternalSubnets(confTx, externalIp.getSubnetId());
 114             if (externalSubnet.isPresent()) {
 115                 String externalVpn =  externalIp.getSubnetId().getValue();
 116                 String vpnRd = NatUtil.getVpnRd(confTx, externalVpn);
 117                 vpnFootprintService.updateVpnToDpnMapping(dpnId, externalVpn, vpnRd, null /* interfaceName*/,
 118                     new ImmutablePair<>(IpAddresses.IpAddressSource.ExternalFixedIP, fibExternalIp),
 119                     true);
 120             }
 121             break;
 122         }
 123     }
 124
 125     @Override
 126     protected void removeSnatSpecificEntriesForNaptSwitch(TypedReadWriteTransaction<Configuration> confTx,
 127             Routers routers, BigInteger dpnId) throws ExecutionException, InterruptedException {
 128         LOG.info("installSnatSpecificEntriesForNaptSwitch: called for router {}",
 129             routers.getRouterName());
 130         String routerName = routers.getRouterName();
 131         Long routerId = NatUtil.getVpnId(confTx, routerName);
 132         if (routerId == NatConstants.INVALID_ID) {
 133             LOG.error("InvalidRouterId: unable to installSnatSpecificEntriesForNaptSwitch on dpn {}", dpnId);
 134             return;
 135         }
 136         /* Remove Outbound NAT entries */
 137
 138         removeSnatMissEntryForPrimrySwch(confTx, dpnId, routerId);
 139
 140         removeOutboundTblTrackEntry(confTx, dpnId, routerId);
 141         for (ExternalIps externalIp : routers.nonnullExternalIps()) {
 142             if (!NWUtil.isIpv4Address(externalIp.getIpAddress())) {
 143                 // In this class we handle only IPv4 use-cases.
 144                 continue;
 145             }
 146             //The logic now handle only one external IP per router, others if present will be ignored.
 147             removeOutboundTblEntry(confTx, dpnId, routerId);
 148             removeNaptPfibFlow(confTx, routers, dpnId, routerId);
 149
 150             //Install Inbound NAT entries
 151             removeInboundEntry(confTx, dpnId, routerId);
 152             removeNaptPfibEntry(confTx, dpnId, routerId);
 153
 154             String fibExternalIp = NatUtil.validateAndAddNetworkMask(externalIp.getIpAddress());
 155             Optional<Subnets> externalSubnet = NatUtil.getOptionalExternalSubnets(confTx, externalIp.getSubnetId());
 156             if (externalSubnet.isPresent()) {
 157                 String externalVpn =  externalIp.getSubnetId().getValue();
 158                 String vpnRd = NatUtil.getVpnRd(confTx, externalVpn);
 159                 vpnFootprintService.updateVpnToDpnMapping(dpnId, externalVpn, vpnRd, null /* interfaceName*/,
 160                     new ImmutablePair<>(IpAddresses.IpAddressSource.ExternalFixedIP, fibExternalIp),
 161                     false);
 162             }
 163             break;
 164         }
 165     }
 166
 167     @Override
 168     protected void addSnatSpecificEntriesForNonNaptSwitch(TypedReadWriteTransaction<Configuration> confTx,
 169         Routers routers, BigInteger dpnId) {
 170         // Nothing to to do here
 171     }
 172
 173     @Override
 174     protected void removeSnatSpecificEntriesForNonNaptSwitch(TypedReadWriteTransaction<Configuration> confTx,
 175         Routers routers, BigInteger dpnId) {
 176         // Nothing to to do here
 177     }
 178
 179     protected void addSnatMissEntryForPrimrySwch(TypedWriteTransaction<Configuration> confTx, BigInteger dpnId,
 180         Long routerId, int elanId) {
 181         LOG.info("installSnatSpecificEntriesForNaptSwitch : called for the primary NAPT switch dpnId {}", dpnId);
 182         List<MatchInfo> matches = new ArrayList<>();
 183         matches.add(MatchEthernetType.IPV4);
 184         matches.add(new MatchMetadata(MetaDataUtil.getVpnIdMetadata(routerId), MetaDataUtil.METADATA_MASK_VRFID));
 185         List<InstructionInfo> instructions = new ArrayList<>();
 186         List<ActionInfo> actionsInfos = new ArrayList<>();
 187         List<NxCtAction> ctActionsList = new ArrayList<>();
 188         NxCtAction nxCtAction = new ActionNxConntrack.NxNat(0, 0, 0,null, null,0, 0);
 189         ctActionsList.add(nxCtAction);
 190         ActionNxConntrack actionNxConntrack = new ActionNxConntrack(0, 0, elanId,
 191                 NwConstants.OUTBOUND_NAPT_TABLE,ctActionsList);
 192
 193         actionsInfos.add(actionNxConntrack);
 194         instructions.add(new InstructionApplyActions(actionsInfos));
 195
 196         String flowRef = getFlowRef(dpnId, NwConstants.PSNAT_TABLE, routerId);
 197         NatUtil.addFlow(confTx, mdsalManager, dpnId, NwConstants.PSNAT_TABLE, flowRef,
 198                 NatConstants.DEFAULT_PSNAT_FLOW_PRIORITY, flowRef, NwConstants.COOKIE_SNAT_TABLE, matches,
 199                 instructions);
 200     }
 201
 202     protected void removeSnatMissEntryForPrimrySwch(TypedReadWriteTransaction<Configuration> confTx, BigInteger dpnId,
 203             Long routerId) throws ExecutionException, InterruptedException {
 204         LOG.info("installSnatSpecificEntriesForNaptSwitch : called for the primary NAPT switch dpnId {}", dpnId);
 205
 206         String flowRef = getFlowRef(dpnId, NwConstants.PSNAT_TABLE, routerId);
 207         NatUtil.removeFlow(confTx, mdsalManager, dpnId, NwConstants.PSNAT_TABLE, flowRef);
 208     }
 209
 210     protected void addOutboundTblTrackEntry(TypedWriteTransaction<Configuration> confTx, BigInteger dpnId,
 211         Long routerId, String extGwMacAddress) {
 212         LOG.info("createOutboundTblTrackEntry : called for switch {}, routerId {}", dpnId, routerId);
 213         List<MatchInfoBase> matches = new ArrayList<>();
 214         matches.add(MatchEthernetType.IPV4);
 215         matches.add(new NxMatchCtState(SNAT_CT_STATE, SNAT_CT_STATE_MASK));
 216         matches.add(new MatchMetadata(MetaDataUtil.getVpnIdMetadata(routerId), MetaDataUtil.METADATA_MASK_VRFID));
 217         ArrayList<ActionInfo> listActionInfo = new ArrayList<>();
 218         listActionInfo.add(new ActionSetFieldEthernetSource(new MacAddress(extGwMacAddress)));
 219         ArrayList<InstructionInfo> instructionInfo = new ArrayList<>();
 220         listActionInfo.add(new ActionNxResubmit(NwConstants.NAPT_PFIB_TABLE));
 221         instructionInfo.add(new InstructionApplyActions(listActionInfo));
 222
 223         String flowRef = getFlowRef(dpnId, NwConstants.OUTBOUND_NAPT_TABLE, routerId) + "trkest";
 224         NatUtil.addFlow(confTx, mdsalManager, dpnId, NwConstants.OUTBOUND_NAPT_TABLE, flowRef,
 225                 NatConstants.SNAT_TRK_FLOW_PRIORITY, flowRef, NwConstants.COOKIE_SNAT_TABLE, matches,
 226                 instructionInfo);
 227     }
 228
 229     protected void removeOutboundTblTrackEntry(TypedReadWriteTransaction<Configuration> confTx, BigInteger dpnId,
 230             Long routerId) throws ExecutionException, InterruptedException {
 231         LOG.info("createOutboundTblTrackEntry : called for switch {}, routerId {}", dpnId, routerId);
 232
 233         String flowRef = getFlowRef(dpnId, NwConstants.OUTBOUND_NAPT_TABLE, routerId) + "trkest";
 234         NatUtil.removeFlow(confTx, mdsalManager, dpnId, NwConstants.OUTBOUND_NAPT_TABLE, flowRef);
 235     }
 236
 237     protected void addOutboundTblEntry(TypedWriteTransaction<Configuration> confTx, BigInteger dpnId, long routerId,
 238         String externalIp, int elanId, String extGwMacAddress) {
 239         LOG.info("createOutboundTblEntry : dpId {} and routerId {}", dpnId, routerId);
 240         List<MatchInfoBase> matches = new ArrayList<>();
 241         matches.add(MatchEthernetType.IPV4);
 242         matches.add(new NxMatchCtState(TRACKED_NEW_CT_STATE, TRACKED_NEW_CT_MASK));
 243         matches.add(new MatchMetadata(MetaDataUtil.getVpnIdMetadata(routerId), MetaDataUtil.METADATA_MASK_VRFID));
 244         List<ActionInfo> actionsInfos = new ArrayList<>();
 245         actionsInfos.add(new ActionSetFieldEthernetSource(new MacAddress(extGwMacAddress)));
 246         List<NxCtAction> ctActionsListCommit = new ArrayList<>();
 247         int rangePresent = NxActionNatRangePresent.NXNATRANGEIPV4MIN.getIntValue();
 248         int flags = NxActionNatFlags.NXNATFSRC.getIntValue();
 249         NxCtAction nxCtActionCommit = new ActionNxConntrack.NxNat(0, flags, rangePresent,
 250             IpPrefixOrAddressBuilder.getDefaultInstance(externalIp).getIpAddress(), null,0, 0);
 251         ctActionsListCommit.add(nxCtActionCommit);
 252         int ctCommitFlag = 1;
 253         ActionNxConntrack actionNxConntrackSubmit = new ActionNxConntrack(ctCommitFlag, 0, elanId,
 254             NwConstants.NAPT_PFIB_TABLE, ctActionsListCommit);
 255         actionsInfos.add(actionNxConntrackSubmit);
 256         List<InstructionInfo> instructions = new ArrayList<>();
 257         instructions.add(new InstructionApplyActions(actionsInfos));
 258         String flowRef = getFlowRef(dpnId, NwConstants.OUTBOUND_NAPT_TABLE, routerId);
 259         NatUtil.addFlow(confTx, mdsalManager, dpnId, NwConstants.OUTBOUND_NAPT_TABLE, flowRef,
 260                 NatConstants.SNAT_NEW_FLOW_PRIORITY, flowRef, NwConstants.COOKIE_SNAT_TABLE, matches, instructions);
 261     }
 262
 263     protected void removeOutboundTblEntry(TypedReadWriteTransaction<Configuration> confTx, BigInteger dpnId,
 264             long routerId) throws ExecutionException, InterruptedException {
 265         LOG.info("createOutboundTblEntry : dpId {} and routerId {}", dpnId, routerId);
 266         String flowRef = getFlowRef(dpnId, NwConstants.OUTBOUND_NAPT_TABLE, routerId);
 267         NatUtil.removeFlow(confTx, mdsalManager, dpnId, NwConstants.OUTBOUND_NAPT_TABLE, flowRef);
 268     }
 269
 270     protected void addNaptPfibFlow(TypedReadWriteTransaction<Configuration> confTx, Routers routers, BigInteger dpnId,
 271         long routerId, long extSubnetId) {
 272         Long extNetId = NatUtil.getVpnId(confTx, routers.getNetworkId().getValue());
 273         LOG.info("installNaptPfibFlow : dpId {}, extNetId {}", dpnId, extNetId);
 274         List<MatchInfoBase> matches = new ArrayList<>();
 275         matches.add(MatchEthernetType.IPV4);
 276         matches.add(new NxMatchCtState(SNAT_CT_STATE, SNAT_CT_STATE_MASK));
 277         matches.add(new MatchMetadata(MetaDataUtil.getVpnIdMetadata(routerId), MetaDataUtil.METADATA_MASK_VRFID));
 278         List<ActionInfo> listActionInfo = new ArrayList<>();
 279         if (extSubnetId == NatConstants.INVALID_ID) {
 280             LOG.error("installNaptPfibFlow : external subnet id is invalid.");
 281             return;
 282         }
 283         ActionNxLoadMetadata actionLoadMeta = new ActionNxLoadMetadata(MetaDataUtil
 284             .getVpnIdMetadata(extSubnetId), LOAD_START, LOAD_END);
 285         listActionInfo.add(actionLoadMeta);
 286         listActionInfo.add(new ActionNxLoadInPort(BigInteger.ZERO));
 287         listActionInfo.add(new ActionNxCtClear());
 288         listActionInfo.add(new ActionNxResubmit(NwConstants.L3_FIB_TABLE));
 289         ArrayList<InstructionInfo> instructions = new ArrayList<>();
 290         instructions.add(new InstructionApplyActions(listActionInfo));
 291         String flowRef = getFlowRef(dpnId, NwConstants.NAPT_PFIB_TABLE, routerId);
 292         flowRef = flowRef + "OUTBOUND";
 293         NatUtil.addFlow(confTx, mdsalManager, dpnId, NwConstants.NAPT_PFIB_TABLE, flowRef,
 294                 NatConstants.SNAT_TRK_FLOW_PRIORITY, flowRef, NwConstants.COOKIE_SNAT_TABLE, matches, instructions);
 295     }
 296
 297     protected void removeNaptPfibFlow(TypedReadWriteTransaction<Configuration> confTx, Routers routers,
 298             BigInteger dpnId, long routerId) throws ExecutionException, InterruptedException {
 299         Long extNetId = NatUtil.getVpnId(confTx, routers.getNetworkId().getValue());
 300         LOG.info("installNaptPfibFlow : dpId {}, extNetId {}", dpnId, extNetId);
 301         String flowRef = getFlowRef(dpnId, NwConstants.NAPT_PFIB_TABLE, routerId) + "OUTBOUND";
 302         NatUtil.removeFlow(confTx, mdsalManager, dpnId, NwConstants.NAPT_PFIB_TABLE, flowRef);
 303     }
 304
 305     protected void addInboundEntry(TypedWriteTransaction<Configuration> confTx, BigInteger dpnId, long routerId,
 306         String externalIp, int elanId, long extSubnetId) {
 307         LOG.info("installInboundEntry : dpId {} and routerId {}", dpnId, routerId);
 308         List<MatchInfoBase> matches = new ArrayList<>();
 309         matches.add(MatchEthernetType.IPV4);
 310         matches.add(new MatchIpv4Destination(externalIp,"32"));
 311         if (extSubnetId == NatConstants.INVALID_ID) {
 312             LOG.error("installInboundEntry : external subnet id is invalid.");
 313             return;
 314         }
 315         matches.add(new MatchMetadata(MetaDataUtil.getVpnIdMetadata(extSubnetId),
 316             MetaDataUtil.METADATA_MASK_VRFID));
 317         List<ActionInfo> actionsInfos = new ArrayList<>();
 318         List<NxCtAction> ctActionsList = new ArrayList<>();
 319         NxCtAction nxCtAction = new ActionNxConntrack.NxNat(0, 0, 0,null, null,0, 0);
 320         ActionNxLoadMetadata actionLoadMeta = new ActionNxLoadMetadata(MetaDataUtil
 321             .getVpnIdMetadata(routerId), LOAD_START, LOAD_END);
 322         actionsInfos.add(actionLoadMeta);
 323         ctActionsList.add(nxCtAction);
 324         ActionNxConntrack actionNxConntrack = new ActionNxConntrack(0, 0, elanId, NwConstants
 325             .NAPT_PFIB_TABLE,ctActionsList);
 326
 327         actionsInfos.add(actionNxConntrack);
 328         List<InstructionInfo> instructions = new ArrayList<>();
 329         instructions.add(new InstructionApplyActions(actionsInfos));
 330         String flowRef = getFlowRef(dpnId, NwConstants.INBOUND_NAPT_TABLE, routerId);
 331         flowRef = flowRef + "OUTBOUND";
 332         NatUtil.addFlow(confTx, mdsalManager, dpnId, NwConstants.INBOUND_NAPT_TABLE, flowRef,
 333                 NatConstants.DEFAULT_TS_FLOW_PRIORITY, flowRef, NwConstants.COOKIE_SNAT_TABLE, matches, instructions);
 334     }
 335
 336     protected void removeInboundEntry(TypedReadWriteTransaction<Configuration> confTx, BigInteger dpnId,
 337             long routerId) throws ExecutionException, InterruptedException {
 338         LOG.info("installInboundEntry : dpId {} and routerId {}", dpnId, routerId);
 339
 340         String flowRef = getFlowRef(dpnId, NwConstants.INBOUND_NAPT_TABLE, routerId) + "OUTBOUND";
 341         NatUtil.removeFlow(confTx, mdsalManager, dpnId, NwConstants.INBOUND_NAPT_TABLE, flowRef);
 342     }
 343
 344     protected void addNaptPfibEntry(TypedWriteTransaction<Configuration> confTx, BigInteger dpnId, long routerId) {
 345         LOG.info("installNaptPfibEntry : called for dpnId {} and routerId {} ", dpnId, routerId);
 346         List<MatchInfoBase> matches = new ArrayList<>();
 347         matches.add(MatchEthernetType.IPV4);
 348         matches.add(new NxMatchCtState(DNAT_CT_STATE, DNAT_CT_STATE_MASK));
 349         matches.add(new MatchMetadata(MetaDataUtil.getVpnIdMetadata(routerId), MetaDataUtil.METADATA_MASK_VRFID));
 350
 351         ArrayList<ActionInfo> listActionInfo = new ArrayList<>();
 352         ArrayList<InstructionInfo> instructionInfo = new ArrayList<>();
 353         listActionInfo.add(new ActionNxLoadInPort(BigInteger.ZERO));
 354         listActionInfo.add(new ActionNxResubmit(NwConstants.L3_FIB_TABLE));
 355         instructionInfo.add(new InstructionApplyActions(listActionInfo));
 356
 357         String flowRef = getFlowRef(dpnId, NwConstants.NAPT_PFIB_TABLE, routerId) + "INBOUND";
 358         NatUtil.addFlow(confTx, mdsalManager, dpnId, NwConstants.NAPT_PFIB_TABLE, flowRef,
 359                 NatConstants.DEFAULT_PSNAT_FLOW_PRIORITY, flowRef, NwConstants.COOKIE_SNAT_TABLE, matches,
 360                 instructionInfo);
 361     }
 362
 363     protected void removeNaptPfibEntry(TypedReadWriteTransaction<Configuration> confTx, BigInteger dpnId,
 364             long routerId) throws ExecutionException, InterruptedException {
 365         LOG.info("installNaptPfibEntry : called for dpnId {} and routerId {} ", dpnId, routerId);
 366         String flowRef = getFlowRef(dpnId, NwConstants.NAPT_PFIB_TABLE, routerId) + "INBOUND";
 367         NatUtil.removeFlow(confTx, mdsalManager, dpnId, NwConstants.NAPT_PFIB_TABLE, flowRef);
 368     }
 369 }