API: Enabling Network Address Translation (NAT)

Link-Inline™ Software User Guide
Platform
Napatech SmartNIC
Content Type
User Guide
Capture Software Version
Link-Inline™ Software 3.2

Network address translation (NAT) is enabled using the RTE_FLOW_ACTION_TYPE_MODIFY_FIELD action type. Use this DPDK API example to configure the SmartNIC for NAT.

Modifying the source IP address and UDP port fields

This example creates a flow rule to modify the source IP address to a new value and modifies the source UDP port to a new value of received frames matching specific IP addresses and UDP port numbers.
/* Create group 1 exact match 5-tuple to retransmit and NAT offloaded IPv4 UDP packets. */
struct rte_flow_attr attr = { .group = 1, .ingress = 1 };

struct rte_flow_item_ipv4 ipv4 = { .hdr = {
  .src_addr = RTE_BE32(RTE_IPV4(20, 10, 10, 2)), .dst_addr = RTE_BE32(RTE_IPV4(20, 10, 11, 23)) }};
struct rte_flow_item_udp udp = { .hdr = {
  .src_port = RTE_BE16(0x1000), .dst_port = RTE_BE16(0x1001) }};
struct rte_flow_item pattern[] = {
  [0] = { .type = RTE_FLOW_ITEM_TYPE_IPV4, .spec = &ipv4, .mask = &rte_flow_item_ipv4_mask },
  [1] = { .type = RTE_FLOW_ITEM_TYPE_UDP, .spec = &udp, .mask = &rte_flow_item_udp_mask }};

struct rte_flow_action_modify_field modify_field_ipv4_src = {
  .operation = RTE_FLOW_MODIFY_SET,
  .dst = { .field = RTE_FLOW_FIELD_IPV4_SRC },
  .src = { .field = RTE_FLOW_FIELD_VALUE, .value = "\x10\x10\x10\x30" },
  .width = 4 };
struct rte_flow_action_modify_field modify_field_udp_src = {
  .operation = RTE_FLOW_MODIFY_SET,
  .dst = { .field = RTE_FLOW_FIELD_UDP_PORT_SRC },
  .src = { .field = RTE_FLOW_FIELD_VALUE, .value = "\x12\x34" },
  .width = 2 };
struct rte_flow_action_port_id port_id = { .id = 1 };
struct rte_flow_action action[] = {
  [0] = { .type = RTE_FLOW_ACTION_TYPE_MODIFY_FIELD, .conf = &modify_field_ipv4_src },
  [1] = { .type = RTE_FLOW_ACTION_TYPE_MODIFY_FIELD, .conf = &modify_field_udp_src },
  [2] = { .type = RTE_FLOW_ACTION_TYPE_PORT_ID, .conf = &port_id },
  [3] = { .type = RTE_FLOW_ACTION_TYPE_END }};

struct rte_flow_error error;
struct rte_flow *flow = rte_flow_create(PORT_ID, &attr, pattern, action, &error);
if (!flow) {
  /* Error handling */
}

The flow rule consists of two pattern items, an IPv4 header and a UDP header, to match frames with specific IP addresses and UDP port numbers. The flow rule also consists of four actions, two modify field actions to modify the source IP address and source UDP port, a port ID action to direct matched packets to a specific TX port, and an end action to indicate the end of the action list.

Note: A flow rule with group 0 must be created before the flow rule in this API example is created. This step has been omitted in this example for brevity.

Related links

rte_flow_action_modify_field Struct Reference

rte_flow_action_modify_data Struct Reference

Field IDs for MODIFY_FIELD action

Network Address Translation (NAT) in DN-1355