Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IOS NAT rules with interface instead of pool #6528

Merged
merged 2 commits into from
Dec 30, 2020
Merged

IOS NAT rules with interface instead of pool #6528

merged 2 commits into from
Dec 30, 2020

Conversation

corinaminer
Copy link
Contributor

We support dynamic NAT rules of this form:
ip nat inside source list 1 pool pool1

But it is possible to use an interface in place of a pool. This causes the interface's address to be the sole member of the pool (IOS console automatically adds overload to this line to allow for more than one NAT entry):
ip nat inside source list 1 interface Ethernet1/1

Still to do: This PR does not support NAT rules of the above form where the interface is inactive or has no address; such rules will be ignored. However, on real IOS devices, these rules still match traffic, and matched traffic is dropped.

After #6524 and #6527 (which impacts test).

@batfish-bot
Copy link

This change is Reviewable

@codecov
Copy link

codecov bot commented Dec 26, 2020
edited

Codecov Report

Merging #6528 (650a83d) into master (2cb76db) will decrease coverage by 0.00%.
The diff coverage is 84.31%.

@@             Coverage Diff              @@
##             master    #6528      +/-   ##
============================================
- Coverage     73.36%   73.35%   -0.01%     
- Complexity    35610    35612       +2     
============================================
  Files          2830     2830              
  Lines        143783   143817      +34     
  Branches      17372    17377       +5     
============================================
+ Hits         105488   105500      +12     
- Misses        29942    29958      +16     
- Partials       8353     8359       +6
Impacted Files Coverage Δ Complexity Δ
.../org/batfish/representation/cisco/CiscoIosNat.java 86.36% <ø> (ø) 6.00 <0.00> (ø)
...tfish/representation/cisco/CiscoIosDynamicNat.java 74.31% <65.21%> (-0.43%) 35.00 <4.00> (+7.00) ⬇️
...fish/grammar/cisco/CiscoControlPlaneExtractor.java 66.67% <100.00%> (+0.11%) 1278.00 <2.00> (+2.00)
...tfish/representation/cisco/CiscoConfiguration.java 86.16% <100.00%> (-0.14%) 498.00 <0.00> (-1.00)
...atfish/representation/cisco/CiscoIosStaticNat.java 60.52% <100.00%> (+1.55%) 9.00 <0.00> (ø)
...rg/batfish/identifiers/StorageBasedIdResolver.java 85.29% <0.00%> (-5.89%) 22.00% <0.00%> (ø%)
.../org/batfish/dataplane/rib/RouteAdvertisement.java 83.67% <0.00%> (-4.09%) 18.00% <0.00%> (-1.00%)
...col/src/main/java/org/batfish/role/InferRoles.java 89.54% <0.00%> (-1.37%) 50.00% <0.00%> (-1.00%)
...java/org/batfish/dataplane/ibdp/VirtualRouter.java 90.90% <0.00%> (-0.34%) 208.00% <0.00%> (-1.00%)
...a/org/batfish/representation/aws/LoadBalancer.java 82.18% <0.00%> (-0.32%) 70.00% <0.00%> (-1.00%)
... and 3 more

dhalperi
dhalperi reviewed Dec 29, 2020
View reviewed changes
Copy link
Member

@dhalperi dhalperi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed 10 of 10 files at r1.
Reviewable status: :shipit: complete! all files reviewed, all discussions resolved

@corinaminer corinaminer merged commit 6a5939f into master Dec 30, 2020
@corinaminer corinaminer deleted the ios-nat-interface branch December 30, 2020 01:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dhalperi dhalperi dhalperi left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@corinaminer @batfish-bot @dhalperi