summaryrefslogtreecommitdiffstats
path: root/src/plugins/nat/nat.h
diff options
context:
space:
mode:
authorMatus Fabian <matfabia@cisco.com>2018-06-13 05:39:07 -0700
committerOle Trøan <otroan@employees.org>2018-06-15 06:53:24 +0000
commita6110b6ea5a066b64005347850f61df9a2000fe9 (patch)
treee8c836dadfe7238592ef5baaabc9cf520c5e813f /src/plugins/nat/nat.h
parente43832c7e77b8b008ab452386b143bb3f7f5be40 (diff)
NAT44: endpoint dependent mode (VPP-1273)
To enable NAT plugin endpoint dependent mode add following to statrup config: nat { endpoint-dependent } Enable endpoint dependent filtering and mapping for all sessions. Move some existing functionality such as service load balancing, twice nat, out2in-only static mappings and unknown protocol dynamic translations, which use endpoint dependent lookup hash tables before. Basically split to vanilla NAT44 and extra features NAT44. Change-Id: I3925eb5ddcc8f1ec4cf6af4e2a618a7ec7aa9735 Signed-off-by: Matus Fabian <matfabia@cisco.com>
Diffstat (limited to 'src/plugins/nat/nat.h')
-rw-r--r--src/plugins/nat/nat.h34
1 files changed, 26 insertions, 8 deletions
diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h
index 9de65d97e03..bd00a5246dd 100644
--- a/src/plugins/nat/nat.h
+++ b/src/plugins/nat/nat.h
@@ -245,7 +245,7 @@ typedef struct {
u32 vrf_id;
u32 fib_index;
snat_protocol_t proto;
- u32 worker_index;
+ u32 *workers;
u8 *tag;
nat44_lb_addr_port_t *locals;
} snat_static_mapping_t;
@@ -273,6 +273,10 @@ typedef struct {
clib_bihash_8_8_t out2in;
clib_bihash_8_8_t in2out;
+ /* Endpoint dependent sessions lookup tables */
+ clib_bihash_16_8_t out2in_ed;
+ clib_bihash_16_8_t in2out_ed;
+
/* Find-a-user => src address lookup */
clib_bihash_8_8_t user_hash;
@@ -312,16 +316,11 @@ typedef int nat_alloc_out_addr_and_port_function_t (snat_address_t * addresses,
u32 snat_thread_index);
typedef struct snat_main_s {
- /* Endpoint address dependent sessions lookup tables */
- clib_bihash_16_8_t out2in_ed;
- clib_bihash_16_8_t in2out_ed;
-
snat_icmp_match_function_t * icmp_match_in2out_cb;
snat_icmp_match_function_t * icmp_match_out2in_cb;
u32 num_workers;
u32 first_worker_index;
- u32 next_worker;
u32 * workers;
snat_get_worker_function_t * worker_in2out_cb;
snat_get_worker_function_t * worker_out2in_cb;
@@ -386,6 +385,7 @@ typedef struct snat_main_s {
u8 static_mapping_connection_tracking;
u8 deterministic;
u8 out2in_dpo;
+ u8 endpoint_dependent;
u32 translation_buckets;
u32 translation_memory_size;
u32 max_translations;
@@ -430,6 +430,14 @@ extern vlib_node_registration_t snat_det_in2out_node;
extern vlib_node_registration_t snat_det_out2in_node;
extern vlib_node_registration_t snat_hairpin_dst_node;
extern vlib_node_registration_t snat_hairpin_src_node;
+extern vlib_node_registration_t nat44_ed_in2out_node;
+extern vlib_node_registration_t nat44_ed_in2out_output_node;
+extern vlib_node_registration_t nat44_ed_out2in_node;
+extern vlib_node_registration_t nat44_ed_hairpin_dst_node;
+extern vlib_node_registration_t nat44_ed_hairpin_src_node;
+extern vlib_node_registration_t nat44_ed_in2out_worker_handoff_node;
+extern vlib_node_registration_t nat44_ed_in2out_output_worker_handoff_node;
+extern vlib_node_registration_t nat44_ed_out2in_worker_handoff_node;
void snat_free_outside_address_and_port (snat_address_t * addresses,
u32 thread_index,
@@ -548,6 +556,11 @@ u32 icmp_match_in2out_det(snat_main_t *sm, vlib_node_runtime_t *node,
ip4_header_t *ip0, u8 *p_proto,
snat_session_key_t *p_value,
u8 *p_dont_translate, void *d, void *e);
+u32 icmp_match_in2out_ed(snat_main_t *sm, vlib_node_runtime_t *node,
+ u32 thread_index, vlib_buffer_t *b0,
+ ip4_header_t *ip0, u8 *p_proto,
+ snat_session_key_t *p_value,
+ u8 *p_dont_translate, void *d, void *e);
u32 icmp_match_out2in_fast(snat_main_t *sm, vlib_node_runtime_t *node,
u32 thread_index, vlib_buffer_t *b0,
ip4_header_t *ip0, u8 *p_proto,
@@ -563,9 +576,14 @@ u32 icmp_match_out2in_det(snat_main_t *sm, vlib_node_runtime_t *node,
ip4_header_t *ip0, u8 *p_proto,
snat_session_key_t *p_value,
u8 *p_dont_translate, void *d, void *e);
+u32 icmp_match_out2in_ed(snat_main_t *sm, vlib_node_runtime_t *node,
+ u32 thread_index, vlib_buffer_t *b0,
+ ip4_header_t *ip0, u8 *p_proto,
+ snat_session_key_t *p_value,
+ u8 *p_dont_translate, void *d, void *e);
void increment_v4_address(ip4_address_t * a);
-void snat_add_address(snat_main_t *sm, ip4_address_t *addr, u32 vrf_id,
- u8 twice_nat);
+int snat_add_address(snat_main_t *sm, ip4_address_t *addr, u32 vrf_id,
+ u8 twice_nat);
int snat_del_address(snat_main_t *sm, ip4_address_t addr, u8 delete_sm,
u8 twice_nat);
void nat44_add_del_address_dpo (ip4_address_t addr, u8 is_add);