Skip to content

Commit

Permalink
[Yang] SONiC Yang model support for NAT (sonic-net#7051)
Browse files Browse the repository at this point in the history 
This change has SONiC Yang model support for NAT
- Created SONiC Yang model for NAT
- Tables: STATIC_NAPT, STATIC_NAT, NAT_GLOBAL, NAT_POOL, NAT_BINDINGS.

How I did it
Defined Yang models for NAT based on Guideline doc:
https://github.com/Azure/SONiC/blob/master/doc/mgmt/SONiC_YANG_Model_Guidelines.md
and
https://github.com/Azure/sonic-utilities/blob/master/doc/Command-Reference.md

How to verify it
Added test cases to verify it.
  • Loading branch information
@AkhileshSamineni @Junchao-Mellanox
AkhileshSamineni authored and Junchao-Mellanox committed Jun 18, 2021
1 parent f8d46db commit 720e816
Show file tree
Hide file tree
Showing 18 changed files with 1,227 additions and 4 deletions.
1 change: 1 addition & 0 deletions src/sonic-yang-models/setup.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,7 @@
'./yang-models/sonic-flex_counter.yang',
'./yang-models/sonic-interface.yang',
'./yang-models/sonic-loopback-interface.yang',
'./yang-models/sonic-nat.yang',
'./yang-models/sonic-port.yang',
'./yang-models/sonic-portchannel.yang',
'./yang-models/sonic-types.yang',
Expand Down
48 changes: 44 additions & 4 deletions src/sonic-yang-models/tests/files/sample_config_db.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,15 +27,19 @@
}
},
"PORTCHANNEL_INTERFACE": {
"PortChannel0003": {},
"PortChannel0003": {
"nat_zone": "1"
},
"PortChannel0004": {"vrf_name": "Vrf_blue"}
},
"PORTCHANNEL_MEMBER": {
"PortChannel0003|Ethernet1": {},
"PortChannel0004|Ethernet2": {}
},
"VLAN_INTERFACE": {
"Vlan111": {},
"Vlan111": {
"nat_zone": "0"
},
"Vlan777": {},
"Vlan111|2a04:5555:45:6709::1/64": {
"scope": "global",
Expand Down Expand Up @@ -587,7 +591,9 @@
"Ethernet112": {},
"Ethernet14": {},
"Ethernet16": {},
"Ethernet18": {},
"Ethernet18": {
"nat_zone": "1"
},
"Ethernet112|2a04:5555:40:a709::2/126": {
"scope": "global",
"family": "IPv6"
Expand Down Expand Up @@ -672,7 +678,9 @@
}
},
"LOOPBACK_INTERFACE": {
"Loopback0": {},
"Loopback0": {
"nat_zone": "2"
},
"Loopback0|2a04:5555:40:4::4e9/128": {
"scope": "global",
"family": "IPv6"
Expand Down Expand Up @@ -740,6 +748,38 @@
"nexthop_group_threshold_type": "percentage",
"polling_interval": "0"
}
},
"NAT_BINDINGS": {
"bind1": {
"nat_pool": "pool1",
"nat_type": "snat",
"twice_nat_id": "1"
}
},
"NAT_GLOBAL": {
"Values": {
"admin_mode": "enabled",
"nat_tcp_timeout": "86400",
"nat_timeout": "600",
"nat_udp_timeout": "300"
}
},
"NAT_POOL": {
"pool1": {
"nat_ip": "125.56.90.50-125.56.90.100",
"nat_port": "50-100"
}
},
"STATIC_NAPT": {
"125.56.90.10|UDP|100": {
"local_ip": "12.12.0.2",
"local_port": "251"
}
},
"STATIC_NAT": {
"125.56.90.8": {
"local_ip": "12.12.0.2"
}
}
},

Expand Down
7 changes: 7 additions & 0 deletions src/sonic-yang-models/tests/yang_model_tests/tests/interface.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,5 +10,12 @@
},
"INTERFACE_IPPREFIX_PORT_MUST_CONDITION_TRUE": {
"desc": "Interface Ip-prefix port-name must condition pass."
},
"INTERFACE_WRONG_NAT_ZONE_RANGE": {
"desc": "Configure wrong value for nat zone.",
"eStr" : "Invalid nat zone for the interface."
},
"INTERFACE_VALID_NAT_ZONE_RANGE": {
"desc": "Configure valid value for nat zone."
}
}
7 changes: 7 additions & 0 deletions src/sonic-yang-models/tests/yang_model_tests/tests/loopback.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,12 @@
"LOOPBACK_IPPREFIX_PORT_MUST_CONDITION_FALSE": {
"desc": "Loopback Ip-prefix port-name must condition failure.",
"eStrKey" : "Must"
},
"LOOPBACK_INTERFACE_WRONG_NAT_ZONE_RANGE": {
"desc": "Configure wrong value for nat zone.",
"eStr" : "Invalid nat zone for the loopback interface."
},
"LOOPBACK_INTERFACE_VALID_NAT_ZONE_RANGE": {
"desc": "Configure valid value for nat zone."
}
}
100 changes: 100 additions & 0 deletions src/sonic-yang-models/tests/yang_model_tests/tests/nat.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,100 @@
{
"STATIC_NAPT_ENTRY_WITH_VALID_VALUES": {
"desc": "Configuring the Static NAPT table with valid values."
},
"STATIC_NAPT_ENTRY_WRONG_GLOBAL_IP": {
"desc": "Configuring a wrong global ip in Static NAPT table.",
"eStrKey" : "Pattern"
},
"STATIC_NAPT_ENTRY_WRONG_IP_PROTOCOL": {
"desc": "Configuring a wrong ip protocol in Static NAPT table.",
"eStrKey": "InvalidValue",
"eStr": ["ip_protocol"]
},
"STATIC_NAPT_ENTRY_WRONG_GLOBAL_L4_PORT": {
"desc": "Configuring a wrong global l4 port in Static NAPT table.",
"eStrKey": "InvalidValue",
"eStr": ["global_l4_port"]
},
"STATIC_NAPT_ENTRY_WITHOUT_LOCAL_IP": {
"desc": "Configuring a Static NAPT table without local ip.",
"eStrKey" : "Mandatory"
},
"STATIC_NAPT_ENTRY_WITHOUT_LOCAL_PORT": {
"desc": "Configuring a Static NAPT table without local port.",
"eStrKey" : "Mandatory"
},
"STATIC_NAPT_ENTRY_INVALID_TWICE_NAT_ID": {
"desc": "Configuring a invalid twice nat id in Static NAPT table.",
"eStrKey": "InvalidValue"
},
"STATIC_NAT_ENTRY_WITH_VALID_VALUES": {
"desc": "Configuring the Static NAT table with valid values."
},
"STATIC_NAT_ENTRY_WRONG_GLOBAL_IP": {
"desc": "Configuring a wrong global ip in Static NAT table.",
"eStrKey" : "Pattern"
},
"STATIC_NAT_ENTRY_WITHOUT_LOCAL_IP": {
"desc": "Configuring a Static NAT table without local ip.",
"eStrKey" : "Mandatory"
},
"STATIC_NAT_ENTRY_INVALID_TWICE_NAT_ID": {
"desc": "Configuring a invalid twice nat id in Static NAT table.",
"eStrKey": "InvalidValue"
},
"NAT_GLOBAL_WITH_VALID_VALUES": {
"desc": "Configuring a NAT Global table with valid values."
},
"NAT_GLOBAL_WITH_INVALID_UDP_TIMEOUT": {
"desc": "Configuring a NAT Global table with a invalid udp timeout.",
"eStr": "Invalid NAT UDP Timeout, valid range 120 sec to 600 sec."
},
"NAT_GLOBAL_WITH_INVALID_TIMEOUT": {
"desc": "Configuring a NAT Global table with a invalid timeout.",
"eStr": "Invalid NAT Timeout, valid range 300 sec to 432000 sec."
},
"NAT_GLOBAL_WITH_INVALID_TCP_TIMEOUT": {
"desc": "Configuring a NAT Global table with a invalid tcp timeout.",
"eStr": "Invalid NAT TCP Timeout, valid range 300 sec to 432000 sec."
},
"NAT_POOL_WITH_VALID_VALUES": {
"desc": "Configuring a NAT Pool table with valid values."
},
"NAT_POOL_WITH_INVALID_POOL_NAME": {
"desc": "Configuring a invalid pool name in NAT Pool table.",
"eStr": "Invalid length for the pool name."
},
"NAT_POOL_WITHOUT_NAT_IP": {
"desc": "Configuring a NAT Pool table without NAT ip.",
"eStrKey" : "Mandatory"
},
"NAT_POOL_WITH_INVALID_NAT_IP": {
"desc": "Configuring a invalid nat ip in NAT Pool table.",
"eStrKey": "InvalidValue",
"eStr": ["nat_ip"]
},
"NAT_POOL_WITH_INVALID_NAT_PORT": {
"desc": "Configuring a invalid nat port in NAT Pool table.",
"eStrKey" : "Pattern"
},
"NAT_BINDING_WITH_INVALID_BINDING_NAME": {
"desc": "Configuring a invalid binding name in NAT Binding table.",
"eStr": "Invalid length for the binding name."
},
"NAT_BINDING_WITHOUT_NAT_POOL": {
"desc": "Configuring a NAT Binding table without NAT Pool.",
"eStrKey" : "Mandatory"
},
"NAT_BINDING_WITH_INVALID_NAT_TYPE": {
"desc": "Configuring a invalid nat type in NAT Binding table.",
"eStrKey": "InvalidValue"
},
"NAT_BINDING_WITH_INVALID_TWICE_NAT_ID": {
"desc": "Configuring a invalid twice nat id in NAT Binding table.",
"eStrKey": "InvalidValue"
},
"NAT_BINDING_WITHOUT_ACL_TABLE": {
"desc": "Configuring a NAT Binding table without acl."
}
}
7 changes: 7 additions & 0 deletions src/sonic-yang-models/tests/yang_model_tests/tests/portchannel.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,5 +44,12 @@
"desc": "Configure a non existent Vrf in PORTCHANNEL_INTERFACE table.",
"eStrKey": "LeafRef",
"eStr": ["sonic-vrf:name"]
},
"PORTCHANNEL_INTERFACE_WRONG_NAT_ZONE_RANGE": {
"desc": "Configure wrong value for nat zone.",
"eStr" : "Invalid nat zone for the portchannel interface."
},
"PORTCHANNEL_INTERFACE_VALID_NAT_ZONE_RANGE": {
"desc": "Configure valid value for nat zone."
}
}
7 changes: 7 additions & 0 deletions src/sonic-yang-models/tests/yang_model_tests/tests/vlan.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,5 +36,12 @@
"desc": "Configure wrong value for tagging_mode.",
"eStrKey" : "InvalidValue",
"eStr": ["tagging_mode"]
},
"VLAN_INTERFACE_WRONG_NAT_ZONE_RANGE": {
"desc": "Configure wrong value for nat zone.",
"eStr" : "Invalid nat zone for the vlan interface."
},
"VLAN_INTERFACE_VALID_NAT_ZONE_RANGE": {
"desc": "Configure valid value for nat zone."
}
}
72 changes: 72 additions & 0 deletions src/sonic-yang-models/tests/yang_model_tests/tests_config/interface.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -109,5 +109,77 @@
]
}
}
},
"INTERFACE_WRONG_NAT_ZONE_RANGE": {
"sonic-interface:sonic-interface": {
"sonic-interface:INTERFACE": {
"INTERFACE_IPPREFIX_LIST": [
{
"family": "IPv4",
"ip-prefix": "10.0.0.1/30",
"name": "Ethernet8",
"scope": "global"
}
],
"INTERFACE_LIST": [
{
"name": "Ethernet8",
"nat_zone": "4"
}
]
}
},
"sonic-port:sonic-port": {
"sonic-port:PORT": {
"PORT_LIST": [
{
"admin_status": "up",
"alias": "eth8",
"description": "Ethernet8",
"fec": "rs",
"lanes": "65",
"mtu": 9000,
"name": "Ethernet8",
"speed": 25000
}
]
}
}
},
"INTERFACE_VALID_NAT_ZONE_RANGE": {
"sonic-interface:sonic-interface": {
"sonic-interface:INTERFACE": {
"INTERFACE_IPPREFIX_LIST": [
{
"family": "IPv4",
"ip-prefix": "10.0.0.1/30",
"name": "Ethernet8",
"scope": "global"
}
],
"INTERFACE_LIST": [
{
"name": "Ethernet8",
"nat_zone": "2"
}
]
}
},
"sonic-port:sonic-port": {
"sonic-port:PORT": {
"PORT_LIST": [
{
"admin_status": "up",
"alias": "eth8",
"description": "Ethernet8",
"fec": "rs",
"lanes": "65",
"mtu": 9000,
"name": "Ethernet8",
"speed": 25000
}
]
}
}
}
}
40 changes: 40 additions & 0 deletions src/sonic-yang-models/tests/yang_model_tests/tests_config/loopback.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,5 +12,45 @@
]
}
}
},
"LOOPBACK_INTERFACE_WRONG_NAT_ZONE_RANGE": {
"sonic-loopback-interface:sonic-loopback-interface": {
"sonic-loopback-interface:LOOPBACK_INTERFACE": {
"LOOPBACK_INTERFACE_IPPREFIX_LIST": [
{
"family": "IPv4",
"ip-prefix": "10.0.0.1/30",
"name": "lo1",
"scope": "global"
}
],
"LOOPBACK_INTERFACE_LIST": [
{
"name": "lo1",
"nat_zone": "4"
}
]
}
}
},
"LOOPBACK_INTERFACE_VALID_NAT_ZONE_RANGE": {
"sonic-loopback-interface:sonic-loopback-interface": {
"sonic-loopback-interface:LOOPBACK_INTERFACE": {
"LOOPBACK_INTERFACE_IPPREFIX_LIST": [
{
"family": "IPv4",
"ip-prefix": "10.0.0.1/30",
"name": "lo1",
"scope": "global"
}
],
"LOOPBACK_INTERFACE_LIST": [
{
"name": "lo1",
"nat_zone": "2"
}
]
}
}
}
}
Loading

0 comments on commit 720e816

Please sign in to comment.