Pre requirements
-
VM or a server with 3 NICs (in, out, management)
-
4G of RAM
-
2 CPU cores
Installation on Ubuntu Linux
-
Packages located at https://packagecloud.io/fdio/release
-
Not-so-secure method to activate the repository
curl -s https://packagecloud.io/install/repositories/fdio/release/script.deb.sh | sudo bash -
sudo apt-get updatethensudo apt-get install vpp vpp-plugin-core vpp-plugin-dpdk -
Disable service until it’s configured
systemctl stop vpp.servicesystemctl disable vpp.service
Configuration
-
Identify NICs to be used as
inandoutlspci | grep 'Ethernet controller'
00:03.0 Ethernet controller: Red Hat, Inc. Virtio network device 00:04.0 Ethernet controller: Red Hat, Inc. Virtio network device 00:05.0 Ethernet controller: Red Hat, Inc. Virtio network device 00:06.0 Ethernet controller: Red Hat, Inc. Virtio network device 00:07.0 Ethernet controller: Red Hat, Inc. Virtio network device 00:08.0 Ethernet controller: Red Hat, Inc. Virtio network device 00:09.0 Ethernet controller: Red Hat, Inc. Virtio network device 00:0a.0 Ethernet controller: Red Hat, Inc. Virtio network device
We will use NIC 00:09.0 as in and NIC 00:0a.0 as out
-
Create a configuration file
/etc/vpp/startup.confwith content matching those PCI addresses.
unix {
nodaemon
full-coredump
cli-listen /run/vpp/cli.sock
startup-config /etc/vpp/startup.commands
gid vpp
}
api-segment { prefix vpp-nat }
plugins {
plugin default { enable }
plugin dpdk_plugin.so { enable }
plugin nat_plugin.so { enable }
}
dpdk {
dev 0000:00:09.0
dev 0000:00:0a.0
}
-
Create a startup configuration file
/etc/vpp/startup.commandswith the content:
set interface ip address GigabitEthernet0/9/0 100.64.88.1/31 set interface ip address GigabitEthernet0/a/0 192.168.122.20/24 set interface state GigabitEthernet0/a/0 up set interface state GigabitEthernet0/9/0 up nat44 plugin enable set interface nat44 in GigabitEthernet0/9/0 out GigabitEthernet0/a/0 ip route add 0.0.0.0/0 via 192.168.122.1 # always nat, no forwarding # nat44 forwarding enable ( if routing is needed ) nat44 forwarding disable #SNAT to interface IP nat44 add interface address GigabitEthernet0/a/0 set nat44 session limit 80000
GigabitEthernet0/9/0 matches 0000:00:09.0, GigabitEthernet0/a/0 matches 0000:00:0a.0
Enable VPP service
-
systemctl enable vpp.service -
systemctl restart vpp.service
Check commands
-
Connect to the VPP instance
vppctl -s /run/vpp/cli.sock -
Check interfaces
show interface
vpp# show interface
Name Idx State MTU (L3/IP4/IP6/MPLS) Counter Count
GigabitEthernet0/9/0 1 up 9000/0/0/0 tx packets 1
tx bytes 42
GigabitEthernet0/a/0 2 up 9000/0/0/0 rx packets 53
rx bytes 2764
tx packets 1
tx bytes 42
drops 53
ip6 1
local0 0 down 0/0/0/0
-
Check NAT
show nat44 sessions
NAT44 ED sessions:
-------- thread 0 vpp_main: 25 sessions --------
i2o 192.168.15.33 proto UDP port 44905 fib 0
o2i 192.168.122.20 proto UDP port 44905 fib 0
external host 9.9.9.9:33453
i2o flow: match: saddr 192.168.15.33 sport 44905 daddr 9.9.9.9 dport 33453 proto UDP fib_idx 0 rewrite: saddr 192.168.122.20 sport 44905 daddr 9.9.9.9 dport 33453 txfib 0
o2i flow: match: saddr 9.9.9.9 sport 33453 daddr 192.168.122.20 dport 44905 proto UDP fib_idx 0 rewrite: daddr 192.168.15.33 dport 44905 txfib 0
index 0
last heard 823.63
timeout in -200.25
total pkts 2, total bytes 102
dynamic translation