diff options
| author |   Nathan Skrzypczak <nathan.skrzypczak@gmail.com> | 2022-02-02 19:31:43 +0100 |
|---|---|---|
| committer |   Beno�t Ganne <bganne@cisco.com> | 2022-03-18 11:33:51 +0000 |
| commit | 762cfd408b16b6ab43ade3ab491292b93bdeb9b3 (patch) | |
| tree | 3b303cb9db68a8003aca57820174b03902f3c714 /src/plugins/cnat/cnat_session.h | |
| parent | 6798e9ec34a49df008ecb7f84559e531f6c0d651 (diff) | |
cnat: Fix conflicting rsession
When dNAT-ing to a VIP, it can happen
that the return session conflicts with
another forward session than the one
we own.
This patchs adds a rsession_flags
CNAT_SESSION_RETRY_SNAT that makes cnat_session_create
search for a free src port to use for the
resulting return session.
It also makes forward & return session
share their fate in the session scanner.
Type: fix
Change-Id: Id0edf59abf8e5bc0c0d8941ba289c4563c77dee0
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Diffstat (limited to 'src/plugins/cnat/cnat_session.h')
| -rw-r--r-- | src/plugins/cnat/cnat_session.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/plugins/cnat/cnat_session.h b/src/plugins/cnat/cnat_session.h index 072bb10f96f..a0a28c9a818 100644 --- a/src/plugins/cnat/cnat_session.h +++ b/src/plugins/cnat/cnat_session.h @@ -129,6 +129,11 @@ typedef enum cnat_session_flag_t_ /* Debug flag marking return sessions */ CNAT_SESSION_IS_RETURN = (1 << 4), + + /** On conflicts when adding the return session, try to sNAT the + * forward session, and dNAT the return session with a random port */ + CNAT_SESSION_RETRY_SNAT = (1 << 5), + } cnat_session_flag_t; typedef enum cnat_session_location_t_ |