Skip to content
/ natasha Public

Natasha is a fast and scalable, DPDK powered, stateless NAT44 packet processor

License

GPL-3.0 license
137 stars 14 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

scaleway/natasha

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

294 Commits
docs
docs
 
 
src
src
 
 
test
test
 
 
.gitignore
.gitignore
 
 
.gitlab-ci.yml
.gitlab-ci.yml
 
 
CHANGELOG.md
CHANGELOG.md
 
 
COPYING
COPYING
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 

Repository files navigation

NATASHA

Introduction

Natasha is a fast and scalable, DPDK powered, stateless NAT44 packet processor. It can achieve 100Gbits/s translation with 64bytes packets.

Natasha is in production at Scaleway with more than 1.2Tbits/s capacity.

Features

  • NAT IPv4/TCP/UDP/UDPLite traffic.
  • Handle fragmented packets.
  • Handle inner IPv4 packet inside various ICMP messages.
  • Reply to ICMP Echo requests in both the public and private interface.
  • VLAN offload (Tx/Rx and filtering).
  • L3/L4 Rx checksum offload for stats purpose.
  • L3/L4 Tx checksum using hardware offload or software incremental update (RFC1624) depending on the case.
  • Various stats, Software and Hardware stats and per core.
  • Dumping release version with the commit id.
  • Test directory test with a bench of functional and performance tests.

TODO list

  • Replace AST lookup with LPM.
  • Rewrite configuration data structures.
  • Write a proper L2 stack with ARP handling.
  • Return ICMP response if TTL is exceeded.

Configuration

At startup, NATASHA reads a configuration file that defines rules. These rules are processed for each packet received.

A configuration file looks like:

if (ipv4.dst_addr in 10.0.0.0/8
    or vlan 64
    or ipv4.dst_addr in 192.168.0.0/16) {

    drop ;

} else {
    out port 0 mac de:ad:be:ef:ff:ff;
}

More concrete examples are given in the documentation.

Installation

Natasha supports DPDK v18.02 stable:

  • Get DPDK stable sources and checkout on v18.02 version:
git clone git://dpdk.org/dpdk-stable && cd $PATH_TO_DPDK_SOURCES
git checkout v18.02
  • Configure and build DPDK (see Documentation).
  • Then make sure that your RTE_SDK path is defined.
  • Finally build Natasha:
cd NATASHA_SOURCES_PATH
make

Run Natasha like any DPDK app and add application specific param -f with the right configuration file:

$(NATASHA_SOURCES_PATH)/build/nat -l 0,2 --master-lcore=0 -n 4 -w 0000:04:00.0 -- \
                            -f $NATASHA_CONFIG_FILE

You can check the configuration files in the CI for more examples.

Tests

Natasha has a small CI process with a functional and performance tests, checkout functional and performance documentation for more informations.

Contributing and Bugs report

Any contribution or bug report are more than welcome ❤️, please make sure to details the bug/feature request.

Changelog

See the Changelog file

License

Natasha is Free Software (learn more: http://www.gnu.org/philosophy/free-sw.html).

Natasha is released under the GPLv3 License. Please read the COPYING file for details.

About

Natasha is a fast and scalable, DPDK powered, stateless NAT44 packet processor

Topics

dpdk nat pktgen

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

137 stars

Watchers

20 watching

Forks

14 forks
Report repository

Releases

5 tags

Packages

No packages published

Contributors 6

Languages