diff options
author | Klement Sekera <ksekera@cisco.com> | 2021-05-26 13:02:35 +0200 |
---|---|---|
committer | Klement Sekera <ksekera@cisco.com> | 2021-10-14 14:12:26 +0200 |
commit | ff334db797c9cede308367ef1c27bd8dfce0baf4 (patch) | |
tree | 1c3cf1db09b25f6a4f0c01a3ad369abe66a8bd1f /src/plugins/nat/nat44-ei | |
parent | 4450b03ba2a69a9e8194c7054dac2c8c19d372cd (diff) |
nat: static mappings in flow hash
Put static mappings in flow hash, drop existing hash tables used for
static mappings. Drop refcount variables and use hash table as a single
point of truth. Allow creating a static mapping conflicting with dynamic
mapping, which will take precedence after dynamic mapping is freed, so
that the existing flow can finish transferring data.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Idfde8efabc09971be38921d4b0ca5ccf4e9fe412
Diffstat (limited to 'src/plugins/nat/nat44-ei')
-rw-r--r-- | src/plugins/nat/nat44-ei/nat44_ei.c | 6 | ||||
-rw-r--r-- | src/plugins/nat/nat44-ei/nat44_ei.h | 1 | ||||
-rw-r--r-- | src/plugins/nat/nat44-ei/nat44_ei_in2out.c | 16 | ||||
-rw-r--r-- | src/plugins/nat/nat44-ei/nat44_ei_inlines.h | 24 | ||||
-rw-r--r-- | src/plugins/nat/nat44-ei/nat44_ei_out2in.c | 21 |
5 files changed, 44 insertions, 24 deletions
diff --git a/src/plugins/nat/nat44-ei/nat44_ei.c b/src/plugins/nat/nat44-ei/nat44_ei.c index 2dbef8e34df..3691af3a53e 100644 --- a/src/plugins/nat/nat44-ei/nat44_ei.c +++ b/src/plugins/nat/nat44-ei/nat44_ei.c @@ -1102,7 +1102,8 @@ nat44_ei_free_session_data_v2 (nat44_ei_main_t *nm, nat44_ei_session_t *s, /* log NAT event */ nat_ipfix_logging_nat44_ses_delete ( thread_index, s->in2out.addr.as_u32, s->out2in.addr.as_u32, - s->nat_proto, s->in2out.port, s->out2in.port, s->in2out.fib_index); + nat_proto_to_ip_proto (s->nat_proto), s->in2out.port, s->out2in.port, + s->in2out.fib_index); nat_ha_sdel (&s->out2in.addr, s->out2in.port, &s->ext_host_addr, s->ext_host_port, s->nat_proto, s->out2in.fib_index, @@ -1270,7 +1271,8 @@ nat44_ei_free_session_data (nat44_ei_main_t *nm, nat44_ei_session_t *s, nat_ipfix_logging_nat44_ses_delete ( thread_index, s->in2out.addr.as_u32, s->out2in.addr.as_u32, - s->nat_proto, s->in2out.port, s->out2in.port, s->in2out.fib_index); + nat_proto_to_ip_proto (s->nat_proto), s->in2out.port, s->out2in.port, + s->in2out.fib_index); nat_ha_sdel (&s->out2in.addr, s->out2in.port, &s->ext_host_addr, s->ext_host_port, s->nat_proto, s->out2in.fib_index, diff --git a/src/plugins/nat/nat44-ei/nat44_ei.h b/src/plugins/nat/nat44-ei/nat44_ei.h index 2e5d85f071a..2e95b1413ca 100644 --- a/src/plugins/nat/nat44-ei/nat44_ei.h +++ b/src/plugins/nat/nat44-ei/nat44_ei.h @@ -36,6 +36,7 @@ #include <nat/lib/lib.h> #include <nat/lib/inlines.h> +#include <nat/lib/nat_proto.h> /* default number of worker handoff frame queue elements */ #define NAT_FQ_NELTS_DEFAULT 64 diff --git a/src/plugins/nat/nat44-ei/nat44_ei_in2out.c b/src/plugins/nat/nat44-ei/nat44_ei_in2out.c index 1e28ed6b635..a2fc5910584 100644 --- a/src/plugins/nat/nat44-ei/nat44_ei_in2out.c +++ b/src/plugins/nat/nat44-ei/nat44_ei_in2out.c @@ -271,13 +271,10 @@ nat44_i2o_is_idle_session_cb (clib_bihash_kv_8_8_t * kv, void *arg) if (clib_bihash_add_del_8_8 (&nm->out2in, &s_kv, 0)) nat_elog_warn (nm, "out2in key del failed"); - nat_ipfix_logging_nat44_ses_delete (ctx->thread_index, - s->in2out.addr.as_u32, - s->out2in.addr.as_u32, - s->nat_proto, - s->in2out.port, - s->out2in.port, - s->in2out.fib_index); + nat_ipfix_logging_nat44_ses_delete ( + ctx->thread_index, s->in2out.addr.as_u32, s->out2in.addr.as_u32, + nat_proto_to_ip_proto (s->nat_proto), s->in2out.port, s->out2in.port, + s->in2out.fib_index); nat_syslog_nat44_apmdel (s->user_index, s->in2out.fib_index, &s->in2out.addr, s->in2out.port, @@ -430,8 +427,9 @@ slow_path (nat44_ei_main_t *nm, vlib_buffer_t *b0, ip4_header_t *ip0, /* log NAT event */ nat_ipfix_logging_nat44_ses_create ( - thread_index, s->in2out.addr.as_u32, s->out2in.addr.as_u32, s->nat_proto, - s->in2out.port, s->out2in.port, s->in2out.fib_index); + thread_index, s->in2out.addr.as_u32, s->out2in.addr.as_u32, + nat_proto_to_ip_proto (s->nat_proto), s->in2out.port, s->out2in.port, + s->in2out.fib_index); nat_syslog_nat44_apmadd (s->user_index, s->in2out.fib_index, &s->in2out.addr, s->in2out.port, &s->out2in.addr, s->out2in.port, diff --git a/src/plugins/nat/nat44-ei/nat44_ei_inlines.h b/src/plugins/nat/nat44-ei/nat44_ei_inlines.h index 672927256d1..399486c77dc 100644 --- a/src/plugins/nat/nat44-ei/nat44_ei_inlines.h +++ b/src/plugins/nat/nat44-ei/nat44_ei_inlines.h @@ -20,6 +20,7 @@ #include <nat/nat44-ei/nat44_ei.h> #include <nat/nat44-ei/nat44_ei_ha.h> +#include <nat/lib/nat_proto.h> always_inline u64 calc_nat_key (ip4_address_t addr, u16 port, u32 fib_index, u8 proto) @@ -220,6 +221,29 @@ nat44_ei_session_update_counters (nat44_ei_session_t *s, f64 now, uword bytes, &s->ha_last_refreshed, now); } +static_always_inline u32 +nat_session_get_timeout (nat_timeouts_t *timeouts, nat_protocol_t proto, + u8 state) +{ + switch (proto) + { + case NAT_PROTOCOL_ICMP: + return timeouts->icmp; + case NAT_PROTOCOL_UDP: + return timeouts->udp; + case NAT_PROTOCOL_TCP: + { + if (state) + return timeouts->tcp.transitory; + else + return timeouts->tcp.established; + } + default: + return timeouts->udp; + } + return 0; +} + #endif /* __included_nat44_ei_inlines_h__ */ /* diff --git a/src/plugins/nat/nat44-ei/nat44_ei_out2in.c b/src/plugins/nat/nat44-ei/nat44_ei_out2in.c index 7796b11cfd7..7858811fde5 100644 --- a/src/plugins/nat/nat44-ei/nat44_ei_out2in.c +++ b/src/plugins/nat/nat44-ei/nat44_ei_out2in.c @@ -124,13 +124,10 @@ nat44_o2i_is_idle_session_cb (clib_bihash_kv_8_8_t * kv, void *arg) if (clib_bihash_add_del_8_8 (&nm->in2out, &s_kv, 0)) nat_elog_warn (nm, "out2in key del failed"); - nat_ipfix_logging_nat44_ses_delete (ctx->thread_index, - s->in2out.addr.as_u32, - s->out2in.addr.as_u32, - s->nat_proto, - s->in2out.port, - s->out2in.port, - s->in2out.fib_index); + nat_ipfix_logging_nat44_ses_delete ( + ctx->thread_index, s->in2out.addr.as_u32, s->out2in.addr.as_u32, + nat_proto_to_ip_proto (s->nat_proto), s->in2out.port, s->out2in.port, + s->in2out.fib_index); nat_syslog_nat44_apmdel (s->user_index, s->in2out.fib_index, &s->in2out.addr, s->in2out.port, @@ -233,12 +230,10 @@ create_session_for_static_mapping ( nat_elog_notice (nm, "out2in key add failed"); /* log NAT event */ - nat_ipfix_logging_nat44_ses_create (thread_index, - s->in2out.addr.as_u32, - s->out2in.addr.as_u32, - s->nat_proto, - s->in2out.port, - s->out2in.port, s->in2out.fib_index); + nat_ipfix_logging_nat44_ses_create ( + thread_index, s->in2out.addr.as_u32, s->out2in.addr.as_u32, + nat_proto_to_ip_proto (s->nat_proto), s->in2out.port, s->out2in.port, + s->in2out.fib_index); nat_syslog_nat44_apmadd (s->user_index, s->in2out.fib_index, &s->in2out.addr, s->in2out.port, &s->out2in.addr, |