nat: ED: reduce number of hash tables used

Use out2in_ed hash table for port overloading tracking instead of global table. This reduces number of hash insertions in slowpath. Type: improvement Change-Id: Iad4e897d52033beb7f6d76a7ddb596eef586c6cb Signed-off-by: Klement Sekera <ksekera@cisco.com>
author: Klement Sekera <ksekera@cisco.com> 2020-04-09 13:31:27 +0200
committer: Ole Trøan <otroan@employees.org> 2020-04-24 13:51:38 +0000
commit: 69de9fadbfd2e6e256a5133513e002712705ded3 (patch)
tree: 84c17fb37b5b9b08bb99c99e63351327095f1196 /src/plugins/nat/nat.c
parent: e7f420177620868275add23ba5fcea7c7d18c91a (diff)
1 files changed, 34 insertions, 51 deletions
diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c
index 30238f9d62f..d27887e80e6 100755
--- a/src/plugins/nat/nat.c
+++ b/src/plugins/nat/nat.c
@@ -323,17 +323,6 @@ nat_free_session_data (snat_main_t * sm, snat_session_t * s, u32 thread_index,
   if (snat_is_session_static (s))
     return;
 
-  ed_bihash_kv_t bihash_key;
-  clib_memset (&bihash_key, 0, sizeof (bihash_key));
-  bihash_key.k.dst_address = s->ext_host_addr.as_u32;
-  bihash_key.k.dst_port = s->ext_host_port;
-  bihash_key.k.src_address = s->out2in.addr.as_u32;
-  bihash_key.k.src_port = s->out2in.port;
-  bihash_key.k.protocol = s->out2in.protocol;
-  if (sm->ed_ext_ports.instantiated)
-    clib_bihash_add_del_16_8 (&sm->ed_ext_ports, &bihash_key.kv,
-			      0 /* is_add */ );
-
   snat_free_outside_address_and_port (sm->addresses, thread_index,
 				      &s->out2in);
 }
@@ -459,17 +448,6 @@ nat44_free_session_data (snat_main_t * sm, snat_session_t * s,
   if (snat_is_session_static (s))
     return;
 
-  ed_bihash_kv_t bihash_key;
-  clib_memset (&bihash_key, 0, sizeof (bihash_key));
-  bihash_key.k.dst_address = s->ext_host_addr.as_u32;
-  bihash_key.k.dst_port = s->ext_host_port;
-  bihash_key.k.src_address = s->out2in.addr.as_u32;
-  bihash_key.k.src_port = s->out2in.port;
-  bihash_key.k.protocol = s->out2in.protocol;
-  if (sm->ed_ext_ports.instantiated)
-    clib_bihash_add_del_16_8 (&sm->ed_ext_ports, &bihash_key.kv,
-			      0 /* is_add */ );
-
   // should be called for every dynamic session
   snat_free_outside_address_and_port (sm->addresses, thread_index,
 				      &s->out2in);
@@ -611,6 +589,39 @@ nat_session_alloc_or_recycle (snat_main_t * sm, snat_user_t * u,
   return s;
 }
 
+int
+nat_global_lru_free_one (snat_main_t * sm, int thread_index, f64 now)
+{
+  snat_session_t *s = NULL;
+  dlist_elt_t *oldest_elt;
+  u64 sess_timeout_time;
+  u32 oldest_index;
+  snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
+  oldest_index = clib_dlist_remove_head (tsm->global_lru_pool,
+					 tsm->global_lru_head_index);
+  if (~0 != oldest_index)
+    {
+      oldest_elt = pool_elt_at_index (tsm->global_lru_pool, oldest_index);
+      s = pool_elt_at_index (tsm->sessions, oldest_elt->value);
+
+      sess_timeout_time =
+	s->last_heard + (f64) nat44_session_get_timeout (sm, s);
+      if (now >= sess_timeout_time
+	  || (s->tcp_close_timestamp && now >= s->tcp_close_timestamp))
+	{
+	  nat_free_session_data (sm, s, thread_index, 0);
+	  nat44_ed_delete_session (sm, s, thread_index, 0);
+	  return 1;
+	}
+      else
+	{
+	  clib_dlist_addhead (tsm->global_lru_pool,
+			      tsm->global_lru_head_index, oldest_index);
+	}
+    }
+  return 0;
+}
+
 snat_session_t *
 nat_ed_session_alloc (snat_main_t * sm, snat_user_t * u, u32 thread_index,
 		      f64 now)
@@ -663,34 +674,9 @@ nat_ed_session_alloc (snat_main_t * sm, snat_user_t * u, u32 thread_index,
     }
 
 alloc_new:
-  /* try to free an expired session from global LRU list */
-  if (!s)
-    {
-      oldest_index = clib_dlist_remove_head (tsm->global_lru_pool,
-					     tsm->global_lru_head_index);
-      if (~0 != oldest_index)
-	{
-	  oldest_elt = pool_elt_at_index (tsm->global_lru_pool, oldest_index);
-	  s = pool_elt_at_index (tsm->sessions, oldest_elt->value);
-
-	  sess_timeout_time =
-	    s->last_heard + (f64) nat44_session_get_timeout (sm, s);
-	  if (now >= sess_timeout_time
-	      || (s->tcp_close_timestamp && now >= s->tcp_close_timestamp))
-	    {
-	      nat_free_session_data (sm, s, thread_index, 0);
-	      nat44_ed_delete_session (sm, s, thread_index, 0);
-	    }
-	  else
-	    {
-	      clib_dlist_addhead (tsm->global_lru_pool,
-				  tsm->global_lru_head_index, oldest_index);
-	    }
-	  s = NULL;
-	}
-    }
   if (!s)
     {
+      nat_global_lru_free_one (sm, thread_index, now);
       s = nat44_session_alloc_new (tsm, u, now);
       vlib_set_simple_counter (&sm->total_sessions, thread_index, 0,
 			       pool_elts (tsm->sessions));
@@ -4125,9 +4111,6 @@ snat_config (vlib_main_t * vm, unformat_input_t * input)
                                          translation_memory_size);
                   clib_bihash_set_kvp_format_fn_16_8 (&tsm->out2in_ed,
                                                       format_ed_session_kvp);
-                  clib_bihash_init_16_8
-                  (&sm->ed_ext_ports, "ed-nat-5-tuple-port-overload-hash",
-                   translation_buckets, translation_memory_size);
                 }
               else
                 {
author	Klement Sekera <ksekera@cisco.com>	2020-04-09 13:31:27 +0200
committer	Ole Trøan <otroan@employees.org>	2020-04-24 13:51:38 +0000
commit	69de9fadbfd2e6e256a5133513e002712705ded3 (patch)
tree	84c17fb37b5b9b08bb99c99e63351327095f1196 /src/plugins/nat/nat.c
parent	e7f420177620868275add23ba5fcea7c7d18c91a (diff)