aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/nat/nat.c
diff options
context:
space:
mode:
authorFilip Varga <fivarga@cisco.com>2020-04-16 13:20:25 +0200
committerFilip Varga <fivarga@cisco.com>2020-05-04 12:15:02 +0200
commit6bb080f1e54391b161cf211a9cfa3f488f2fd331 (patch)
tree8af5f6df9baaacb2a6f10af8ff51e48f7de0846a /src/plugins/nat/nat.c
parent2f1563129ad8d34d365f5ef8620ff76ff7b08e70 (diff)
nat: per vrf session limits
Type: improvement Change-Id: I170256ab47978db34fb0ff6808d9cd54ab872410 Signed-off-by: Filip Varga <fivarga@cisco.com>
Diffstat (limited to 'src/plugins/nat/nat.c')
-rwxr-xr-xsrc/plugins/nat/nat.c23
1 files changed, 22 insertions, 1 deletions
diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c
index ba682f9325b..7cb0b53368c 100755
--- a/src/plugins/nat/nat.c
+++ b/src/plugins/nat/nat.c
@@ -329,6 +329,26 @@ nat_free_session_data (snat_main_t * sm, snat_session_t * s, u32 thread_index,
&s->out2in);
}
+int
+nat44_set_session_limit (u32 session_limit, u32 vrf_id)
+{
+ snat_main_t *sm = &snat_main;
+ u32 fib_index = fib_table_find (FIB_PROTOCOL_IP4, vrf_id);
+ u32 len = vec_len (sm->max_translations_per_fib);
+
+ if (len <= fib_index)
+ {
+ vec_validate (sm->max_translations_per_fib, fib_index + 1);
+
+ for (; len < vec_len (sm->max_translations_per_fib); len++)
+ sm->max_translations_per_fib[len] = sm->max_translations;
+ }
+
+ sm->max_translations_per_fib[fib_index] = session_limit;
+ return 0;
+}
+
+
void
nat44_free_session_data (snat_main_t * sm, snat_session_t * s,
u32 thread_index, u8 is_ha)
@@ -4025,9 +4045,10 @@ snat_config (vlib_main_t * vm, unformat_input_t * input)
sm->translation_buckets = translation_buckets;
sm->translation_memory_size = translation_memory_size;
-
/* do not exceed load factor 10 */
sm->max_translations = 10 * translation_buckets;
+ vec_add1 (sm->max_translations_per_fib, sm->max_translations);
+
sm->max_translations_per_user = max_translations_per_user == ~0 ?
sm->max_translations : max_translations_per_user;