diff options
| author |   Matus Fabian <matfabia@cisco.com> | 2018-06-13 05:39:07 -0700 |
|---|---|---|
| committer |   Ole Trøan <otroan@employees.org> | 2018-06-15 06:53:24 +0000 |
| commit | a6110b6ea5a066b64005347850f61df9a2000fe9 (patch) | |
| tree | e8c836dadfe7238592ef5baaabc9cf520c5e813f /src/plugins/nat/nat.h | |
| parent | e43832c7e77b8b008ab452386b143bb3f7f5be40 (diff) | |
NAT44: endpoint dependent mode (VPP-1273)
To enable NAT plugin endpoint dependent mode add following to statrup config:
nat { endpoint-dependent }
Enable endpoint dependent filtering and mapping for all sessions.
Move some existing functionality such as service load balancing, twice nat,
out2in-only static mappings and unknown protocol dynamic translations, which
use endpoint dependent lookup hash tables before. Basically split to vanilla
NAT44 and extra features NAT44.
Change-Id: I3925eb5ddcc8f1ec4cf6af4e2a618a7ec7aa9735
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Diffstat (limited to 'src/plugins/nat/nat.h')
| -rw-r--r-- | src/plugins/nat/nat.h | 34 |
1 files changed, 26 insertions, 8 deletions
diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h index 9de65d97e03..bd00a5246dd 100644 --- a/src/plugins/nat/nat.h +++ b/src/plugins/nat/nat.h @@ -245,7 +245,7 @@ typedef struct { u32 vrf_id; u32 fib_index; snat_protocol_t proto; - u32 worker_index; + u32 *workers; u8 *tag; nat44_lb_addr_port_t *locals; } snat_static_mapping_t; @@ -273,6 +273,10 @@ typedef struct { clib_bihash_8_8_t out2in; clib_bihash_8_8_t in2out; + /* Endpoint dependent sessions lookup tables */ + clib_bihash_16_8_t out2in_ed; + clib_bihash_16_8_t in2out_ed; + /* Find-a-user => src address lookup */ clib_bihash_8_8_t user_hash; @@ -312,16 +316,11 @@ typedef int nat_alloc_out_addr_and_port_function_t (snat_address_t * addresses, u32 snat_thread_index); typedef struct snat_main_s { - /* Endpoint address dependent sessions lookup tables */ - clib_bihash_16_8_t out2in_ed; - clib_bihash_16_8_t in2out_ed; - snat_icmp_match_function_t * icmp_match_in2out_cb; snat_icmp_match_function_t * icmp_match_out2in_cb; u32 num_workers; u32 first_worker_index; - u32 next_worker; u32 * workers; snat_get_worker_function_t * worker_in2out_cb; snat_get_worker_function_t * worker_out2in_cb; @@ -386,6 +385,7 @@ typedef struct snat_main_s { u8 static_mapping_connection_tracking; u8 deterministic; u8 out2in_dpo; + u8 endpoint_dependent; u32 translation_buckets; u32 translation_memory_size; u32 max_translations; @@ -430,6 +430,14 @@ extern vlib_node_registration_t snat_det_in2out_node; extern vlib_node_registration_t snat_det_out2in_node; extern vlib_node_registration_t snat_hairpin_dst_node; extern vlib_node_registration_t snat_hairpin_src_node; +extern vlib_node_registration_t nat44_ed_in2out_node; +extern vlib_node_registration_t nat44_ed_in2out_output_node; +extern vlib_node_registration_t nat44_ed_out2in_node; +extern vlib_node_registration_t nat44_ed_hairpin_dst_node; +extern vlib_node_registration_t nat44_ed_hairpin_src_node; +extern vlib_node_registration_t nat44_ed_in2out_worker_handoff_node; +extern vlib_node_registration_t nat44_ed_in2out_output_worker_handoff_node; +extern vlib_node_registration_t nat44_ed_out2in_worker_handoff_node; void snat_free_outside_address_and_port (snat_address_t * addresses, u32 thread_index, @@ -548,6 +556,11 @@ u32 icmp_match_in2out_det(snat_main_t *sm, vlib_node_runtime_t *node, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e); +u32 icmp_match_in2out_ed(snat_main_t *sm, vlib_node_runtime_t *node, + u32 thread_index, vlib_buffer_t *b0, + ip4_header_t *ip0, u8 *p_proto, + snat_session_key_t *p_value, + u8 *p_dont_translate, void *d, void *e); u32 icmp_match_out2in_fast(snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, @@ -563,9 +576,14 @@ u32 icmp_match_out2in_det(snat_main_t *sm, vlib_node_runtime_t *node, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e); +u32 icmp_match_out2in_ed(snat_main_t *sm, vlib_node_runtime_t *node, + u32 thread_index, vlib_buffer_t *b0, + ip4_header_t *ip0, u8 *p_proto, + snat_session_key_t *p_value, + u8 *p_dont_translate, void *d, void *e); void increment_v4_address(ip4_address_t * a); -void snat_add_address(snat_main_t *sm, ip4_address_t *addr, u32 vrf_id, - u8 twice_nat); +int snat_add_address(snat_main_t *sm, ip4_address_t *addr, u32 vrf_id, + u8 twice_nat); int snat_del_address(snat_main_t *sm, ip4_address_t addr, u8 delete_sm, u8 twice_nat); void nat44_add_del_address_dpo (ip4_address_t addr, u8 is_add); |