diff options
| author |   Klement Sekera <ksekera@cisco.com> | 2020-03-10 12:32:54 +0100 |
|---|---|---|
| committer |   Ole Trøan <otroan@employees.org> | 2020-03-26 14:56:09 +0000 |
| commit | 1c2ac860ed9a80dac539af6408d70f7dfd2c238e (patch) | |
| tree | 5f418adb4fe3f43d104379179fc2885fc5b64f6a /src/plugins/nat/nat.h | |
| parent | 65c30ceb92dd79c7b00e8c31119db98d473dbfbb (diff) | |
nat: transitory timeout for TCP CLOSED state
Wait transitory timeout seconds before moving internal state of TCP
session to CLOSED state per RFC 7857. This patch implements this
functionality for endpoint-dependent NAT.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I4491d831cd9edf63fae520a516cdbe590bac85db
Diffstat (limited to 'src/plugins/nat/nat.h')
| -rw-r--r-- | src/plugins/nat/nat.h | 12 |
1 files changed, 3 insertions, 9 deletions
diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h index 8df3b9a9cd3..83611016e34 100644 --- a/src/plugins/nat/nat.h +++ b/src/plugins/nat/nat.h @@ -228,6 +228,7 @@ _(MAX_FRAG, "maximum fragments per reassembly exceeded")\ _(CANNOT_CREATE_USER, "cannot create NAT user") \ _(NON_SYN, "non-SYN packet try to create session") \ _(TCP_PACKETS, "TCP packets") \ +_(TCP_CLOSED, "drops due to TCP in transitory timeout") \ _(UDP_PACKETS, "UDP packets") \ _(ICMP_PACKETS, "ICMP packets") \ _(OTHER_PACKETS, "other protocol packets") \ @@ -258,6 +259,7 @@ _(MAX_FRAG, "maximum fragments per reassembly exceeded")\ _(CANNOT_CREATE_USER, "cannot create NAT user") \ _(NON_SYN, "non-SYN packet try to create session") \ _(TCP_PACKETS, "TCP packets") \ +_(TCP_CLOSED, "drops due to TCP in transitory timeout") \ _(UDP_PACKETS, "UDP packets") \ _(ICMP_PACKETS, "ICMP packets") \ _(OTHER_PACKETS, "other protocol packets") \ @@ -341,6 +343,7 @@ typedef CLIB_PACKED(struct u8 state; u32 i2o_fin_seq; u32 o2i_fin_seq; + u32 tcp_close_timestamp; /* user index */ u32 user_index; @@ -746,23 +749,14 @@ extern vlib_node_registration_t nat_pre_out2in_node; extern vlib_node_registration_t snat_in2out_node; extern vlib_node_registration_t snat_in2out_output_node; extern vlib_node_registration_t snat_out2in_node; -extern vlib_node_registration_t snat_in2out_fast_node; -extern vlib_node_registration_t snat_out2in_fast_node; extern vlib_node_registration_t snat_in2out_worker_handoff_node; extern vlib_node_registration_t snat_in2out_output_worker_handoff_node; extern vlib_node_registration_t snat_out2in_worker_handoff_node; extern vlib_node_registration_t snat_det_in2out_node; extern vlib_node_registration_t snat_det_out2in_node; -extern vlib_node_registration_t snat_hairpin_dst_node; -extern vlib_node_registration_t snat_hairpin_src_node; extern vlib_node_registration_t nat44_ed_in2out_node; extern vlib_node_registration_t nat44_ed_in2out_output_node; extern vlib_node_registration_t nat44_ed_out2in_node; -extern vlib_node_registration_t nat44_ed_hairpin_dst_node; -extern vlib_node_registration_t nat44_ed_hairpin_src_node; -extern vlib_node_registration_t nat44_ed_in2out_worker_handoff_node; -extern vlib_node_registration_t nat44_ed_in2out_output_worker_handoff_node; -extern vlib_node_registration_t nat44_ed_out2in_worker_handoff_node; extern fib_source_t nat_fib_src_hi; extern fib_source_t nat_fib_src_low; |