Created
February 1, 2018 14:42
-
-
Save dangtrinhnt/cd131f0bef6abf3e8f1ada97dbf1c3b1 to your computer and use it in GitHub Desktop.
NAT VNF for Tacker using OpenWRT
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| tosca_definitions_version: tosca_simple_profile_for_nfv_1_0_0 | |
| description: OpenWRT with services | |
| metadata: | |
| template_name: OpenWRT | |
| topology_template: | |
| node_templates: | |
| VDU1: | |
| type: tosca.nodes.nfv.VDU.Tacker | |
| capabilities: | |
| nfv_compute: | |
| properties: | |
| num_cpus: 1 | |
| mem_size: 512 MB | |
| disk_size: 1 GB | |
| properties: | |
| image: OpenWRT | |
| config: | |
| firewall: | | |
| package firewall | |
| config defaults | |
| option syn_flood '1' | |
| option input 'ACCEPT' | |
| option output 'ACCEPT' | |
| option forward 'REJECT' | |
| config zone | |
| option name 'lan' | |
| list network 'lan' | |
| option input 'ACCEPT' | |
| option output 'ACCEPT' | |
| option forward 'ACCEPT' | |
| config zone | |
| option name 'wan' | |
| list network 'wan' | |
| list network 'wan6' | |
| option input 'REJECT' | |
| option output 'ACCEPT' | |
| option forward 'REJECT' | |
| option masq '1' | |
| option mtu_fix '1' | |
| config forwarding | |
| option src 'lan' | |
| option dest 'wan' | |
| config rule | |
| option name 'Allow-DHCP-Renew' | |
| option src 'wan' | |
| option proto 'udp' | |
| option dest_port '68' | |
| option target 'ACCEPT' | |
| option family 'ipv4' | |
| config rule | |
| option name 'Allow-Ping' | |
| option src 'wan' | |
| option proto 'icmp' | |
| option icmp_type 'echo-request' | |
| option family 'ipv4' | |
| option target 'ACCEPT' | |
| # NAT | |
| # port redirect port coming in on wan to lan | |
| config redirect | |
| option src wan | |
| option src_dport 80 | |
| option dest lan | |
| option dest_ip 192.168.16.235 | |
| option dest_port 80 | |
| option proto tcp | |
| # port redirect of remapped ssh port (22001) on wan | |
| config redirect | |
| option src wan | |
| option src_dport 22001 | |
| option dest lan | |
| option dest_port 22 | |
| option proto tcp | |
| mgmt_driver: openwrt | |
| monitoring_policy: | |
| name: ping | |
| parameters: | |
| count: 3 | |
| interval: 10 | |
| actions: | |
| failure: respawn | |
| CP1: | |
| type: tosca.nodes.nfv.CP.Tacker | |
| properties: | |
| management: true | |
| anti_spoofing_protection: false | |
| requirements: | |
| - virtualLink: | |
| node: VL1 | |
| - virtualBinding: | |
| node: VDU1 | |
| VL1: | |
| type: tosca.nodes.nfv.VL | |
| properties: | |
| network_name: net_mgmt | |
| vendor: Tacker |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment