WIP: feat: gRPC <-> external for nat config

mvachhar · mvachhar · commit e94febe99bcf · 2025-10-09T16:30:37.000-06:00
Signed-off-by: Manish Vachharajani &lt;manish@githedgehog.com&gt;
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -42,7 +42,7 @@ dpdk-sysroot-helper = { path = "./dpdk-sysroot-helper", package = "dataplane-dpd
 dplane-rpc = { git = "https://github.com/githedgehog/dplane-rpc.git", version = "1.1.2" }
 errno = { path = "./errno", package = "dataplane-errno" }
 flow-info = { path = "./flow-info", package = "dataplane-flow-info" }
-gateway_config = { git = "https://github.com/githedgehog/gateway-proto", tag = "v0.14.0", version = "0.14.0"}
+gateway_config = { git = "https://github.com/githedgehog/gateway-proto", version ="0.14.0", branch = "pr/mvachhar/nat-config" }
 hardware = { path = "./hardware", package = "dataplane-hardware" }
 id = { path = "./id", package = "dataplane-id" }
 interface-manager = { path = "./interface-manager", package = "dataplane-interface-manager" }
diff --git a/config/src/converters/grpc/expose.rs b/config/src/converters/grpc/expose.rs
@@ -1,10 +1,14 @@
 // SPDX-License-Identifier: Apache-2.0
 // Copyright Open Network Fabric Authors
 
+use ::gateway_config::google;
 use gateway_config::config as gateway_config;
+
 use std::convert::TryFrom;
 
-use crate::external::overlay::vpcpeering::VpcExpose;
+use crate::external::overlay::vpcpeering::{
+    VpcExpose, VpcExposeNatConfig, VpcExposeStatefulNat, VpcExposeStatelessNat,
+};
 use lpm::prefix::{Prefix, PrefixString};
 
 impl TryFrom<&gateway_config::Expose> for VpcExpose {
@@ -54,6 +58,34 @@ impl TryFrom<&gateway_config::Expose> for VpcExpose {
             }
         }
 
+        if !expose.r#as.is_empty() {
+            vpc_expose = vpc_expose.make_nat();
+            if let (Some(grpc_nat), Some(nat)) = (expose.nat.as_ref(), vpc_expose.nat.as_mut()) {
+                #[allow(clippy::default_constructed_unit_structs)]
+                match grpc_nat {
+                    gateway_config::expose::Nat::Stateless(_) => {
+                        nat.config =
+                            VpcExposeNatConfig::Stateless(VpcExposeStatelessNat::default());
+                    }
+                    gateway_config::expose::Nat::Stateful(grpc_s) => {
+                        if let Some(nat) = vpc_expose.nat.as_mut() {
+                            nat.config = VpcExposeNatConfig::Stateful(VpcExposeStatefulNat {
+                                idle_timeout: grpc_s
+                                    .idle_timeout
+                                    .ok_or(
+                                        "stateful nat requires idle_timeout, got None".to_string(),
+                                    )
+                                    .and_then(|t| {
+                                        std::time::Duration::try_from(t)
+                                            .map_err(|e| format!("Invalid duration: {e}"))
+                                    })?,
+                            });
+                        }
+                    }
+                }
+            }
+        }
+
         Ok(vpc_expose)
     }
 }
@@ -77,7 +109,7 @@ impl TryFrom<&VpcExpose> for gateway_config::Expose {
             ips.push(gateway_config::PeeringIPs { rule: Some(rule) });
         }
 
-        if let Some(nat) = expose.nat.as_ref() {
+        let nat = if let Some(nat) = expose.nat.as_ref() {
             // Convert AS inclusion rules
             for prefix in &nat.as_range {
                 let rule = gateway_config::peering_as::Rule::Cidr(prefix.to_string());
@@ -89,10 +121,28 @@ impl TryFrom<&VpcExpose> for gateway_config::Expose {
                 let rule = gateway_config::peering_as::Rule::Not(prefix.to_string());
                 as_rules.push(gateway_config::PeeringAs { rule: Some(rule) });
             }
-        }
+
+            match &nat.config {
+                VpcExposeNatConfig::Stateful(config) => {
+                    let idle_timeout = google::protobuf::Duration::try_from(config.idle_timeout)
+                        .map_err(|e| format!("Unable to convert stateful nat idle timeout: {e}"))?;
+                    Some(gateway_config::expose::Nat::Stateful(
+                        gateway_config::PeeringStatefulNat {
+                            idle_timeout: Some(idle_timeout),
+                        },
+                    ))
+                }
+                VpcExposeNatConfig::Stateless(_) => Some(gateway_config::expose::Nat::Stateless(
+                    gateway_config::PeeringStatelessNat {},
+                )),
+            }
+        } else {
+            None
+        };
         Ok(gateway_config::Expose {
             ips,
             r#as: as_rules,
+            nat,
         })
     }
 }
diff --git a/config/src/converters/grpc/mod.rs b/config/src/converters/grpc/mod.rs
@@ -266,11 +266,17 @@ mod test {
         let vpc1_expose = gateway_config::Expose {
             ips: vec![include_ip],
             r#as: vec![include_as],
+            nat: Some(gateway_config::config::expose::Nat::Stateless(
+                gateway_config::config::PeeringStatelessNat {},
+            )),
         };
 
         let vpc2_expose = gateway_config::Expose {
             ips: vec![exclude_ip],
             r#as: vec![exclude_as],
+            nat: Some(gateway_config::config::expose::Nat::Stateless(
+                gateway_config::config::PeeringStatelessNat {},
+            )),
         };
 
         // Create PeeringEntryFor
