summaryrefslogtreecommitdiffstats
path: root/src/plugins/nat/nat44
diff options
context:
space:
mode:
authorKlement Sekera <ksekera@cisco.com>2020-03-10 12:32:54 +0100
committerOle Trøan <otroan@employees.org>2020-03-26 14:56:09 +0000
commit1c2ac860ed9a80dac539af6408d70f7dfd2c238e (patch)
tree5f418adb4fe3f43d104379179fc2885fc5b64f6a /src/plugins/nat/nat44
parent65c30ceb92dd79c7b00e8c31119db98d473dbfbb (diff)
nat: transitory timeout for TCP CLOSED state
Wait transitory timeout seconds before moving internal state of TCP session to CLOSED state per RFC 7857. This patch implements this functionality for endpoint-dependent NAT. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I4491d831cd9edf63fae520a516cdbe590bac85db
Diffstat (limited to 'src/plugins/nat/nat44')
-rw-r--r--src/plugins/nat/nat44/inlines.h8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/plugins/nat/nat44/inlines.h b/src/plugins/nat/nat44/inlines.h
index 7cc24750423..fcaf57383ef 100644
--- a/src/plugins/nat/nat44/inlines.h
+++ b/src/plugins/nat/nat44/inlines.h
@@ -61,7 +61,7 @@ nat44_session_reuse_old (snat_main_t * sm, snat_user_t * u,
s->ext_host_port = 0;
s->ext_host_nat_addr.as_u32 = 0;
s->ext_host_nat_port = 0;
- //
+ s->tcp_close_timestamp = 0;
s->ha_last_refreshed = now;
return s;
}
@@ -193,6 +193,12 @@ nat44_user_session_cleanup (snat_user_t * u, u32 thread_index, f64 now)
sess_timeout_time = s->last_heard +
(f64) nat44_session_get_timeout (sm, s);
+ if (s->tcp_close_timestamp)
+ {
+ sess_timeout_time =
+ clib_min (sess_timeout_time, s->tcp_close_timestamp);
+ }
+
if (now < sess_timeout_time)
continue;