natasha icon indicating copy to clipboard operation
natasha copied to clipboard

Published 20 hours ago verified publisher icon scaleway

Metadata

Natasha is a fast and scalable, DPDK powered, stateless NAT44 packet processor

NATASHA

Introduction

Natasha is a fast and scalable, DPDK powered, stateless NAT44 packet processor. It can achieve 100Gbits/s translation with 64bytes packets.

Natasha is in production at Scaleway with more than 1.2Tbits/s capacity.

Features

  • NAT IPv4/TCP/UDP/UDPLite traffic.
  • Handle fragmented packets.
  • Handle inner IPv4 packet inside various ICMP messages.
  • Reply to ICMP Echo requests in both the public and private interface.
  • VLAN offload (Tx/Rx and filtering).
  • L3/L4 Rx checksum offload for stats purpose.
  • L3/L4 Tx checksum using hardware offload or software incremental update (RFC1624) depending on the case.
  • Various stats, Software and Hardware stats and per core.
  • Dumping release version with the commit id.
  • Test directory test with a bench of functional and performance tests.

TODO list

  • Replace AST lookup with LPM.
  • Rewrite configuration data structures.
  • Write a proper L2 stack with ARP handling.
  • Return ICMP response if TTL is exceeded.

Configuration

At startup, NATASHA reads a configuration file that defines rules. These rules are processed for each packet received.

A configuration file looks like:

if (ipv4.dst_addr in 10.0.0.0/8
    or vlan 64
    or ipv4.dst_addr in 192.168.0.0/16) {

    drop ;

} else {
    out port 0 mac de:ad:be:ef:ff:ff;
}

More concrete examples are given in the documentation.

Installation

Natasha supports DPDK v18.02 stable:

  • Get DPDK stable sources and checkout on v18.02 version:
git clone git://dpdk.org/dpdk-stable && cd $PATH_TO_DPDK_SOURCES
git checkout v18.02
  • Configure and build DPDK (see Documentation).
  • Then make sure that your RTE_SDK path is defined.
  • Finally build Natasha:
cd NATASHA_SOURCES_PATH
make

Run Natasha like any DPDK app and add application specific param -f with the right configuration file:

$(NATASHA_SOURCES_PATH)/build/nat -l 0,2 --master-lcore=0 -n 4 -w 0000:04:00.0 -- \
                            -f $NATASHA_CONFIG_FILE

You can check the configuration files in the CI for more examples.

Tests

Natasha has a small CI process with a functional and performance tests, checkout functional and performance documentation for more informations.

Contributing and Bugs report

Any contribution or bug report are more than welcome :heart:, please make sure to details the bug/feature request.

Changelog

See the Changelog file

License

Natasha is Free Software (learn more: http://www.gnu.org/philosophy/free-sw.html).

Natasha is released under the GPLv3 License. Please read the COPYING file for details.

Metadata

134
Stars
16
Forks
Watchers

Owner

verified publisher icon scaleway

Metadata

Natasha is a fast and scalable, DPDK powered, stateless NAT44 packet processor

Back