2 * Copyright (c) 2017 Red Hat, Inc. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 package org.opendaylight.netvirt.natservice.internal;
10 import com.google.common.base.Optional;
11 import java.math.BigInteger;
12 import java.util.ArrayList;
13 import java.util.List;
14 import java.util.concurrent.ExecutionException;
15 import org.apache.commons.lang3.tuple.ImmutablePair;
16 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
17 import org.opendaylight.genius.datastoreutils.listeners.DataTreeEventCallbackRegistrar;
18 import org.opendaylight.genius.infra.Datastore.Configuration;
19 import org.opendaylight.genius.infra.TypedReadWriteTransaction;
20 import org.opendaylight.genius.infra.TypedWriteTransaction;
21 import org.opendaylight.genius.interfacemanager.interfaces.IInterfaceManager;
22 import org.opendaylight.genius.mdsalutil.ActionInfo;
23 import org.opendaylight.genius.mdsalutil.InstructionInfo;
24 import org.opendaylight.genius.mdsalutil.MatchInfo;
25 import org.opendaylight.genius.mdsalutil.MatchInfoBase;
26 import org.opendaylight.genius.mdsalutil.MetaDataUtil;
27 import org.opendaylight.genius.mdsalutil.NWUtil;
28 import org.opendaylight.genius.mdsalutil.NwConstants;
29 import org.opendaylight.genius.mdsalutil.actions.ActionNxConntrack;
30 import org.opendaylight.genius.mdsalutil.actions.ActionNxConntrack.NxCtAction;
31 import org.opendaylight.genius.mdsalutil.actions.ActionNxCtClear;
32 import org.opendaylight.genius.mdsalutil.actions.ActionNxLoadInPort;
33 import org.opendaylight.genius.mdsalutil.actions.ActionNxLoadMetadata;
34 import org.opendaylight.genius.mdsalutil.actions.ActionNxResubmit;
35 import org.opendaylight.genius.mdsalutil.actions.ActionSetFieldEthernetSource;
36 import org.opendaylight.genius.mdsalutil.instructions.InstructionApplyActions;
37 import org.opendaylight.genius.mdsalutil.interfaces.IMdsalApiManager;
38 import org.opendaylight.genius.mdsalutil.matches.MatchEthernetType;
39 import org.opendaylight.genius.mdsalutil.matches.MatchIpv4Destination;
40 import org.opendaylight.genius.mdsalutil.matches.MatchMetadata;
41 import org.opendaylight.genius.mdsalutil.matches.MatchTunnelId;
42 import org.opendaylight.genius.mdsalutil.nxmatches.NxMatchCtState;
43 import org.opendaylight.netvirt.fibmanager.api.IFibManager;
44 import org.opendaylight.netvirt.natservice.ha.NatDataUtil;
45 import org.opendaylight.netvirt.vpnmanager.api.IVpnFootprintService;
46 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.MacAddress;
47 import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.idmanager.rev160406.IdManagerService;
48 import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rpcs.rev160406.OdlInterfaceRpcService;
49 import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.itm.rpcs.rev160406.ItmRpcService;
50 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.l3vpn.rev130911.vpn.instance.op.data.vpn.instance.op.data.entry.vpn.to.dpn.list.IpAddresses;
51 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.ext.routers.Routers;
52 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.ext.routers.routers.ExternalIps;
53 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.external.subnets.Subnets;
54 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.types.rev160517.IpPrefixOrAddressBuilder;
55 import org.opendaylight.yang.gen.v1.urn.opendaylight.openflowjava.nx.action.rev140421.NxActionNatFlags;
56 import org.opendaylight.yang.gen.v1.urn.opendaylight.openflowjava.nx.action.rev140421.NxActionNatRangePresent;
57 import org.slf4j.Logger;
58 import org.slf4j.LoggerFactory;
60 public abstract class ConntrackBasedSnatService extends AbstractSnatService {
61 private static final Logger LOG = LoggerFactory.getLogger(ConntrackBasedSnatService.class);
63 protected static final int TRACKED_NEW_CT_STATE = 0x21;
64 protected static final int TRACKED_NEW_CT_MASK = 0x21;
65 protected static final int SNAT_CT_STATE = 0x40;
66 protected static final int SNAT_CT_STATE_MASK = 0x40;
67 protected static final int DNAT_CT_STATE = 0x80;
68 protected static final int DNAT_CT_STATE_MASK = 0x80;
70 public ConntrackBasedSnatService(DataBroker dataBroker, IMdsalApiManager mdsalManager, ItmRpcService itmManager,
71 IdManagerService idManager, NAPTSwitchSelector naptSwitchSelector,
72 OdlInterfaceRpcService odlInterfaceRpcService,
73 IInterfaceManager interfaceManager, IVpnFootprintService vpnFootprintService,
74 IFibManager fibManager, NatDataUtil natDataUtil,
75 DataTreeEventCallbackRegistrar eventCallbacks) {
76 super(dataBroker, mdsalManager, itmManager, odlInterfaceRpcService, idManager, naptSwitchSelector,
77 interfaceManager, vpnFootprintService, fibManager, natDataUtil, eventCallbacks);
81 protected void addSnatSpecificEntriesForNaptSwitch(TypedReadWriteTransaction<Configuration> confTx,
82 Routers routers, BigInteger dpnId) {
83 LOG.info("installSnatSpecificEntriesForNaptSwitch: called for router {}",
84 routers.getRouterName());
85 String routerName = routers.getRouterName();
86 Long routerId = NatUtil.getVpnId(confTx, routerName);
87 int elanId = NatUtil.getElanInstanceByName(confTx, routers.getNetworkId().getValue())
88 .getElanTag().intValue();
89 if (routerId == NatConstants.INVALID_ID) {
90 LOG.error("InvalidRouterId: unable to installSnatSpecificEntriesForNaptSwitch on dpn {}", dpnId);
93 /* Install Outbound NAT entries */
95 addSnatMissEntryForPrimrySwch(confTx, dpnId, routerId, elanId);
96 addTerminatingServiceTblEntry(confTx, dpnId, routerId, elanId);
98 String extGwMacAddress = NatUtil.getExtGwMacAddFromRouterName(confTx, routerName);
99 addOutboundTblTrackEntry(confTx, dpnId, routerId, extGwMacAddress);
100 for (ExternalIps externalIp : routers.getExternalIps()) {
101 if (!NWUtil.isIpv4Address(externalIp.getIpAddress())) {
102 // In this class we handle only IPv4 use-cases.
105 //The logic now handle only one external IP per router, others if present will be ignored.
106 long extSubnetId = NatUtil.getExternalSubnetVpnId(confTx, externalIp.getSubnetId());
107 addOutboundTblEntry(confTx, dpnId, routerId, externalIp.getIpAddress(), elanId, extGwMacAddress);
108 addNaptPfibFlow(confTx, routers, dpnId, routerId, extSubnetId);
110 //Install Inbound NAT entries
111 addInboundEntry(confTx, dpnId, routerId, externalIp.getIpAddress(), elanId, extSubnetId);
112 addNaptPfibEntry(confTx, dpnId, routerId);
114 String fibExternalIp = NatUtil.validateAndAddNetworkMask(externalIp.getIpAddress());
115 Optional<Subnets> externalSubnet = NatUtil.getOptionalExternalSubnets(confTx, externalIp.getSubnetId());
116 if (externalSubnet.isPresent()) {
117 String externalVpn = externalIp.getSubnetId().getValue();
118 String vpnRd = NatUtil.getVpnRd(confTx, externalVpn);
119 vpnFootprintService.updateVpnToDpnMapping(dpnId, externalVpn, vpnRd, null /* interfaceName*/,
120 new ImmutablePair<>(IpAddresses.IpAddressSource.ExternalFixedIP, fibExternalIp),
128 protected void removeSnatSpecificEntriesForNaptSwitch(TypedReadWriteTransaction<Configuration> confTx,
129 Routers routers, BigInteger dpnId) throws ExecutionException, InterruptedException {
130 LOG.info("installSnatSpecificEntriesForNaptSwitch: called for router {}",
131 routers.getRouterName());
132 String routerName = routers.getRouterName();
133 Long routerId = NatUtil.getVpnId(confTx, routerName);
134 if (routerId == NatConstants.INVALID_ID) {
135 LOG.error("InvalidRouterId: unable to installSnatSpecificEntriesForNaptSwitch on dpn {}", dpnId);
138 /* Remove Outbound NAT entries */
140 removeSnatMissEntryForPrimrySwch(confTx, dpnId, routerId);
141 removeTerminatingServiceTblEntry(confTx, dpnId, routerId);
143 removeOutboundTblTrackEntry(confTx, dpnId, routerId);
144 for (ExternalIps externalIp : routers.getExternalIps()) {
145 if (!NWUtil.isIpv4Address(externalIp.getIpAddress())) {
146 // In this class we handle only IPv4 use-cases.
149 //The logic now handle only one external IP per router, others if present will be ignored.
150 removeOutboundTblEntry(confTx, dpnId, routerId);
151 removeNaptPfibFlow(confTx, routers, dpnId, routerId);
153 //Install Inbound NAT entries
154 removeInboundEntry(confTx, dpnId, routerId);
155 removeNaptPfibEntry(confTx, dpnId, routerId);
157 String fibExternalIp = NatUtil.validateAndAddNetworkMask(externalIp.getIpAddress());
158 Optional<Subnets> externalSubnet = NatUtil.getOptionalExternalSubnets(confTx, externalIp.getSubnetId());
159 if (externalSubnet.isPresent()) {
160 String externalVpn = externalIp.getSubnetId().getValue();
161 String vpnRd = NatUtil.getVpnRd(confTx, externalVpn);
162 vpnFootprintService.updateVpnToDpnMapping(dpnId, externalVpn, vpnRd, null /* interfaceName*/,
163 new ImmutablePair<>(IpAddresses.IpAddressSource.ExternalFixedIP, fibExternalIp),
171 protected void addSnatSpecificEntriesForNonNaptSwitch(TypedReadWriteTransaction<Configuration> confTx,
172 Routers routers, BigInteger dpnId) {
173 // Nothing to to do here
177 protected void removeSnatSpecificEntriesForNonNaptSwitch(TypedReadWriteTransaction<Configuration> confTx,
178 Routers routers, BigInteger dpnId) {
179 // Nothing to to do here
182 protected void addSnatMissEntryForPrimrySwch(TypedWriteTransaction<Configuration> confTx, BigInteger dpnId,
183 Long routerId, int elanId) {
184 LOG.info("installSnatSpecificEntriesForNaptSwitch : called for the primary NAPT switch dpnId {}", dpnId);
185 List<MatchInfo> matches = new ArrayList<>();
186 matches.add(MatchEthernetType.IPV4);
187 matches.add(new MatchMetadata(MetaDataUtil.getVpnIdMetadata(routerId), MetaDataUtil.METADATA_MASK_VRFID));
188 List<InstructionInfo> instructions = new ArrayList<>();
189 List<ActionInfo> actionsInfos = new ArrayList<>();
190 List<NxCtAction> ctActionsList = new ArrayList<>();
191 NxCtAction nxCtAction = new ActionNxConntrack.NxNat(0, 0, 0,null, null,0, 0);
192 ctActionsList.add(nxCtAction);
193 ActionNxConntrack actionNxConntrack = new ActionNxConntrack(0, 0, elanId,
194 NwConstants.OUTBOUND_NAPT_TABLE,ctActionsList);
196 actionsInfos.add(actionNxConntrack);
197 instructions.add(new InstructionApplyActions(actionsInfos));
199 String flowRef = getFlowRef(dpnId, NwConstants.PSNAT_TABLE, routerId);
200 addFlow(confTx, dpnId, NwConstants.PSNAT_TABLE, flowRef, NatConstants.DEFAULT_PSNAT_FLOW_PRIORITY, flowRef,
201 NwConstants.COOKIE_SNAT_TABLE, matches, instructions);
204 protected void removeSnatMissEntryForPrimrySwch(TypedReadWriteTransaction<Configuration> confTx, BigInteger dpnId,
205 Long routerId) throws ExecutionException, InterruptedException {
206 LOG.info("installSnatSpecificEntriesForNaptSwitch : called for the primary NAPT switch dpnId {}", dpnId);
208 String flowRef = getFlowRef(dpnId, NwConstants.PSNAT_TABLE, routerId);
209 removeFlow(confTx, dpnId, NwConstants.PSNAT_TABLE, flowRef);
212 protected void addTerminatingServiceTblEntry(TypedWriteTransaction<Configuration> confTx, BigInteger dpnId,
213 Long routerId, int elanId) {
214 LOG.info("installTerminatingServiceTblEntry : creating entry for Terminating Service Table "
215 + "for switch {}, routerId {}", dpnId, routerId);
216 List<MatchInfo> matches = new ArrayList<>();
217 matches.add(MatchEthernetType.IPV4);
218 matches.add(new MatchTunnelId(BigInteger.valueOf(routerId)));
220 List<ActionInfo> actionsInfos = new ArrayList<>();
221 List<NxCtAction> ctActionsList = new ArrayList<>();
222 NxCtAction nxCtAction = new ActionNxConntrack.NxNat(0, 0, 0,null, null,0, 0);
223 ctActionsList.add(nxCtAction);
224 ActionNxConntrack actionNxConntrack = new ActionNxConntrack(0, 0, elanId, NwConstants
225 .OUTBOUND_NAPT_TABLE,ctActionsList);
226 ActionNxLoadMetadata actionLoadMeta = new ActionNxLoadMetadata(MetaDataUtil
227 .getVpnIdMetadata(routerId), LOAD_START, LOAD_END);
228 actionsInfos.add(actionLoadMeta);
229 actionsInfos.add(actionNxConntrack);
230 List<InstructionInfo> instructions = new ArrayList<>();
231 instructions.add(new InstructionApplyActions(actionsInfos));
232 String flowRef = getFlowRef(dpnId, NwConstants.INTERNAL_TUNNEL_TABLE, routerId);
233 addFlow(confTx, dpnId, NwConstants.INTERNAL_TUNNEL_TABLE, flowRef, NatConstants.DEFAULT_TS_FLOW_PRIORITY,
234 flowRef, NwConstants.COOKIE_SNAT_TABLE, matches, instructions);
237 protected void removeTerminatingServiceTblEntry(TypedReadWriteTransaction<Configuration> confTx, BigInteger dpnId,
238 Long routerId) throws ExecutionException, InterruptedException {
239 LOG.info("installTerminatingServiceTblEntry : creating entry for Terminating Service Table "
240 + "for switch {}, routerId {}", dpnId, routerId);
242 String flowRef = getFlowRef(dpnId, NwConstants.INTERNAL_TUNNEL_TABLE, routerId);
243 removeFlow(confTx, dpnId, NwConstants.INTERNAL_TUNNEL_TABLE, flowRef);
246 protected void addOutboundTblTrackEntry(TypedWriteTransaction<Configuration> confTx, BigInteger dpnId,
247 Long routerId, String extGwMacAddress) {
248 LOG.info("createOutboundTblTrackEntry : called for switch {}, routerId {}", dpnId, routerId);
249 List<MatchInfoBase> matches = new ArrayList<>();
250 matches.add(MatchEthernetType.IPV4);
251 matches.add(new NxMatchCtState(SNAT_CT_STATE, SNAT_CT_STATE_MASK));
252 matches.add(new MatchMetadata(MetaDataUtil.getVpnIdMetadata(routerId), MetaDataUtil.METADATA_MASK_VRFID));
253 ArrayList<ActionInfo> listActionInfo = new ArrayList<>();
254 listActionInfo.add(new ActionSetFieldEthernetSource(new MacAddress(extGwMacAddress)));
255 ArrayList<InstructionInfo> instructionInfo = new ArrayList<>();
256 listActionInfo.add(new ActionNxResubmit(NwConstants.NAPT_PFIB_TABLE));
257 instructionInfo.add(new InstructionApplyActions(listActionInfo));
259 String flowRef = getFlowRef(dpnId, NwConstants.OUTBOUND_NAPT_TABLE, routerId) + "trkest";
260 addFlow(confTx, dpnId, NwConstants.OUTBOUND_NAPT_TABLE, flowRef, NatConstants.SNAT_TRK_FLOW_PRIORITY, flowRef,
261 NwConstants.COOKIE_SNAT_TABLE, matches, instructionInfo);
264 protected void removeOutboundTblTrackEntry(TypedReadWriteTransaction<Configuration> confTx, BigInteger dpnId,
265 Long routerId) throws ExecutionException, InterruptedException {
266 LOG.info("createOutboundTblTrackEntry : called for switch {}, routerId {}", dpnId, routerId);
268 String flowRef = getFlowRef(dpnId, NwConstants.OUTBOUND_NAPT_TABLE, routerId) + "trkest";
269 removeFlow(confTx, dpnId, NwConstants.OUTBOUND_NAPT_TABLE, flowRef);
272 protected void addOutboundTblEntry(TypedWriteTransaction<Configuration> confTx, BigInteger dpnId, long routerId,
273 String externalIp, int elanId, String extGwMacAddress) {
274 LOG.info("createOutboundTblEntry : dpId {} and routerId {}", dpnId, routerId);
275 List<MatchInfoBase> matches = new ArrayList<>();
276 matches.add(MatchEthernetType.IPV4);
277 matches.add(new NxMatchCtState(TRACKED_NEW_CT_STATE, TRACKED_NEW_CT_MASK));
278 matches.add(new MatchMetadata(MetaDataUtil.getVpnIdMetadata(routerId), MetaDataUtil.METADATA_MASK_VRFID));
279 List<ActionInfo> actionsInfos = new ArrayList<>();
280 actionsInfos.add(new ActionSetFieldEthernetSource(new MacAddress(extGwMacAddress)));
281 List<NxCtAction> ctActionsListCommit = new ArrayList<>();
282 int rangePresent = NxActionNatRangePresent.NXNATRANGEIPV4MIN.getIntValue();
283 int flags = NxActionNatFlags.NXNATFSRC.getIntValue();
284 NxCtAction nxCtActionCommit = new ActionNxConntrack.NxNat(0, flags, rangePresent,
285 IpPrefixOrAddressBuilder.getDefaultInstance(externalIp).getIpAddress(), null,0, 0);
286 ctActionsListCommit.add(nxCtActionCommit);
287 int ctCommitFlag = 1;
288 ActionNxConntrack actionNxConntrackSubmit = new ActionNxConntrack(ctCommitFlag, 0, elanId,
289 NwConstants.NAPT_PFIB_TABLE, ctActionsListCommit);
290 actionsInfos.add(actionNxConntrackSubmit);
291 List<InstructionInfo> instructions = new ArrayList<>();
292 instructions.add(new InstructionApplyActions(actionsInfos));
293 String flowRef = getFlowRef(dpnId, NwConstants.OUTBOUND_NAPT_TABLE, routerId);
294 addFlow(confTx, dpnId, NwConstants.OUTBOUND_NAPT_TABLE, flowRef, NatConstants.SNAT_NEW_FLOW_PRIORITY,
295 flowRef, NwConstants.COOKIE_SNAT_TABLE, matches, instructions);
298 protected void removeOutboundTblEntry(TypedReadWriteTransaction<Configuration> confTx, BigInteger dpnId,
299 long routerId) throws ExecutionException, InterruptedException {
300 LOG.info("createOutboundTblEntry : dpId {} and routerId {}", dpnId, routerId);
301 String flowRef = getFlowRef(dpnId, NwConstants.OUTBOUND_NAPT_TABLE, routerId);
302 removeFlow(confTx, dpnId, NwConstants.OUTBOUND_NAPT_TABLE, flowRef);
305 protected void addNaptPfibFlow(TypedReadWriteTransaction<Configuration> confTx, Routers routers, BigInteger dpnId,
306 long routerId, long extSubnetId) {
307 Long extNetId = NatUtil.getVpnId(confTx, routers.getNetworkId().getValue());
308 LOG.info("installNaptPfibFlow : dpId {}, extNetId {}", dpnId, extNetId);
309 List<MatchInfoBase> matches = new ArrayList<>();
310 matches.add(MatchEthernetType.IPV4);
311 matches.add(new NxMatchCtState(SNAT_CT_STATE, SNAT_CT_STATE_MASK));
312 matches.add(new MatchMetadata(MetaDataUtil.getVpnIdMetadata(routerId), MetaDataUtil.METADATA_MASK_VRFID));
313 List<ActionInfo> listActionInfo = new ArrayList<>();
314 if (extSubnetId == NatConstants.INVALID_ID) {
315 LOG.error("installNaptPfibFlow : external subnet id is invalid.");
318 ActionNxLoadMetadata actionLoadMeta = new ActionNxLoadMetadata(MetaDataUtil
319 .getVpnIdMetadata(extSubnetId), LOAD_START, LOAD_END);
320 listActionInfo.add(actionLoadMeta);
321 listActionInfo.add(new ActionNxLoadInPort(BigInteger.ZERO));
322 listActionInfo.add(new ActionNxCtClear());
323 listActionInfo.add(new ActionNxResubmit(NwConstants.L3_FIB_TABLE));
324 ArrayList<InstructionInfo> instructions = new ArrayList<>();
325 instructions.add(new InstructionApplyActions(listActionInfo));
326 String flowRef = getFlowRef(dpnId, NwConstants.NAPT_PFIB_TABLE, routerId);
327 flowRef = flowRef + "OUTBOUND";
328 addFlow(confTx, dpnId, NwConstants.NAPT_PFIB_TABLE, flowRef, NatConstants.SNAT_TRK_FLOW_PRIORITY,
329 flowRef, NwConstants.COOKIE_SNAT_TABLE, matches, instructions);
332 protected void removeNaptPfibFlow(TypedReadWriteTransaction<Configuration> confTx, Routers routers,
333 BigInteger dpnId, long routerId) throws ExecutionException, InterruptedException {
334 Long extNetId = NatUtil.getVpnId(confTx, routers.getNetworkId().getValue());
335 LOG.info("installNaptPfibFlow : dpId {}, extNetId {}", dpnId, extNetId);
336 String flowRef = getFlowRef(dpnId, NwConstants.NAPT_PFIB_TABLE, routerId) + "OUTBOUND";
337 removeFlow(confTx, dpnId, NwConstants.NAPT_PFIB_TABLE, flowRef);
340 protected void addInboundEntry(TypedWriteTransaction<Configuration> confTx, BigInteger dpnId, long routerId,
341 String externalIp, int elanId, long extSubnetId) {
342 LOG.info("installInboundEntry : dpId {} and routerId {}", dpnId, routerId);
343 List<MatchInfoBase> matches = new ArrayList<>();
344 matches.add(MatchEthernetType.IPV4);
345 matches.add(new MatchIpv4Destination(externalIp,"32"));
346 if (extSubnetId == NatConstants.INVALID_ID) {
347 LOG.error("installInboundEntry : external subnet id is invalid.");
350 matches.add(new MatchMetadata(MetaDataUtil.getVpnIdMetadata(extSubnetId),
351 MetaDataUtil.METADATA_MASK_VRFID));
352 List<ActionInfo> actionsInfos = new ArrayList<>();
353 List<NxCtAction> ctActionsList = new ArrayList<>();
354 NxCtAction nxCtAction = new ActionNxConntrack.NxNat(0, 0, 0,null, null,0, 0);
355 ActionNxLoadMetadata actionLoadMeta = new ActionNxLoadMetadata(MetaDataUtil
356 .getVpnIdMetadata(routerId), LOAD_START, LOAD_END);
357 actionsInfos.add(actionLoadMeta);
358 ctActionsList.add(nxCtAction);
359 ActionNxConntrack actionNxConntrack = new ActionNxConntrack(0, 0, elanId, NwConstants
360 .NAPT_PFIB_TABLE,ctActionsList);
362 actionsInfos.add(actionNxConntrack);
363 List<InstructionInfo> instructions = new ArrayList<>();
364 instructions.add(new InstructionApplyActions(actionsInfos));
365 String flowRef = getFlowRef(dpnId, NwConstants.INBOUND_NAPT_TABLE, routerId);
366 flowRef = flowRef + "OUTBOUND";
367 addFlow(confTx, dpnId, NwConstants.INBOUND_NAPT_TABLE, flowRef, NatConstants.DEFAULT_TS_FLOW_PRIORITY, flowRef,
368 NwConstants.COOKIE_SNAT_TABLE, matches, instructions);
371 protected void removeInboundEntry(TypedReadWriteTransaction<Configuration> confTx, BigInteger dpnId,
372 long routerId) throws ExecutionException, InterruptedException {
373 LOG.info("installInboundEntry : dpId {} and routerId {}", dpnId, routerId);
375 String flowRef = getFlowRef(dpnId, NwConstants.INBOUND_NAPT_TABLE, routerId) + "OUTBOUND";
376 removeFlow(confTx, dpnId, NwConstants.INBOUND_NAPT_TABLE, flowRef);
379 protected void addNaptPfibEntry(TypedWriteTransaction<Configuration> confTx, BigInteger dpnId, long routerId) {
380 LOG.info("installNaptPfibEntry : called for dpnId {} and routerId {} ", dpnId, routerId);
381 List<MatchInfoBase> matches = new ArrayList<>();
382 matches.add(MatchEthernetType.IPV4);
383 matches.add(new NxMatchCtState(DNAT_CT_STATE, DNAT_CT_STATE_MASK));
384 matches.add(new MatchMetadata(MetaDataUtil.getVpnIdMetadata(routerId), MetaDataUtil.METADATA_MASK_VRFID));
386 ArrayList<ActionInfo> listActionInfo = new ArrayList<>();
387 ArrayList<InstructionInfo> instructionInfo = new ArrayList<>();
388 listActionInfo.add(new ActionNxLoadInPort(BigInteger.ZERO));
389 listActionInfo.add(new ActionNxResubmit(NwConstants.L3_FIB_TABLE));
390 instructionInfo.add(new InstructionApplyActions(listActionInfo));
392 String flowRef = getFlowRef(dpnId, NwConstants.NAPT_PFIB_TABLE, routerId) + "INBOUND";
393 addFlow(confTx, dpnId, NwConstants.NAPT_PFIB_TABLE, flowRef, NatConstants.DEFAULT_PSNAT_FLOW_PRIORITY, flowRef,
394 NwConstants.COOKIE_SNAT_TABLE, matches, instructionInfo);
397 protected void removeNaptPfibEntry(TypedReadWriteTransaction<Configuration> confTx, BigInteger dpnId,
398 long routerId) throws ExecutionException, InterruptedException {
399 LOG.info("installNaptPfibEntry : called for dpnId {} and routerId {} ", dpnId, routerId);
400 String flowRef = getFlowRef(dpnId, NwConstants.NAPT_PFIB_TABLE, routerId) + "INBOUND";
401 removeFlow(confTx, dpnId, NwConstants.NAPT_PFIB_TABLE, flowRef);