diff options
| author |   Klement Sekera <ksekera@cisco.com> | 2020-03-10 12:32:54 +0100 |
|---|---|---|
| committer |   Ole Trøan <otroan@employees.org> | 2020-03-26 14:56:09 +0000 |
| commit | 1c2ac860ed9a80dac539af6408d70f7dfd2c238e (patch) | |
| tree | 5f418adb4fe3f43d104379179fc2885fc5b64f6a /src/plugins/nat/nat44_cli.c | |
| parent | 65c30ceb92dd79c7b00e8c31119db98d473dbfbb (diff) | |
nat: transitory timeout for TCP CLOSED state
Wait transitory timeout seconds before moving internal state of TCP
session to CLOSED state per RFC 7857. This patch implements this
functionality for endpoint-dependent NAT.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I4491d831cd9edf63fae520a516cdbe590bac85db
Diffstat (limited to 'src/plugins/nat/nat44_cli.c')
| -rw-r--r-- | src/plugins/nat/nat44_cli.c | 42 |
1 files changed, 40 insertions, 2 deletions
diff --git a/src/plugins/nat/nat44_cli.c b/src/plugins/nat/nat44_cli.c index 45e00693676..cdf94a8dc9d 100644 --- a/src/plugins/nat/nat44_cli.c +++ b/src/plugins/nat/nat44_cli.c @@ -664,6 +664,8 @@ nat44_show_summary_command_fn (vlib_main_t * vm, unformat_input_t * input, u32 timed_out = 0; u32 transitory = 0; + u32 transitory_wait_closed = 0; + u32 transitory_closed = 0; u32 established = 0; if (sm->num_workers > 1) @@ -686,7 +688,23 @@ nat44_show_summary_command_fn (vlib_main_t * vm, unformat_input_t * input, case SNAT_PROTOCOL_TCP: tcp_sessions++; if (s->state) - transitory++; + { + if (s->tcp_close_timestamp) + { + if (now >= s->tcp_close_timestamp) + { + ++transitory_closed; + } + else + { + ++transitory_wait_closed; + } + } + else + { + transitory++; + } + } else established++; break; @@ -731,7 +749,23 @@ nat44_show_summary_command_fn (vlib_main_t * vm, unformat_input_t * input, case SNAT_PROTOCOL_TCP: tcp_sessions++; if (s->state) - transitory++; + { + if (s->tcp_close_timestamp) + { + if (now >= s->tcp_close_timestamp) + { + ++transitory_closed; + } + else + { + ++transitory_wait_closed; + } + } + else + { + transitory++; + } + } else established++; break; @@ -761,6 +795,10 @@ nat44_show_summary_command_fn (vlib_main_t * vm, unformat_input_t * input, vlib_cli_output (vm, "total tcp sessions: %u", tcp_sessions); vlib_cli_output (vm, "total tcp established sessions: %u", established); vlib_cli_output (vm, "total tcp transitory sessions: %u", transitory); + vlib_cli_output (vm, "total tcp transitory (WAIT-CLOSED) sessions: %u", + transitory_wait_closed); + vlib_cli_output (vm, "total tcp transitory (CLOSED) sessions: %u", + transitory_closed); vlib_cli_output (vm, "total udp sessions: %u", udp_sessions); vlib_cli_output (vm, "total icmp sessions: %u", icmp_sessions); return 0; |