diff options
author | Filip Varga <fivarga@cisco.com> | 2020-04-16 13:20:25 +0200 |
---|---|---|
committer | Filip Varga <fivarga@cisco.com> | 2020-05-04 12:15:02 +0200 |
commit | 6bb080f1e54391b161cf211a9cfa3f488f2fd331 (patch) | |
tree | 8af5f6df9baaacb2a6f10af8ff51e48f7de0846a /src/plugins/nat/out2in_ed.c | |
parent | 2f1563129ad8d34d365f5ef8620ff76ff7b08e70 (diff) |
nat: per vrf session limits
Type: improvement
Change-Id: I170256ab47978db34fb0ff6808d9cd54ab872410
Signed-off-by: Filip Varga <fivarga@cisco.com>
Diffstat (limited to 'src/plugins/nat/out2in_ed.c')
-rw-r--r-- | src/plugins/nat/out2in_ed.c | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/src/plugins/nat/out2in_ed.c b/src/plugins/nat/out2in_ed.c index 1382125dcf7..26a2e877a54 100644 --- a/src/plugins/nat/out2in_ed.c +++ b/src/plugins/nat/out2in_ed.c @@ -193,6 +193,7 @@ create_session_for_static_mapping_ed (snat_main_t * sm, snat_session_key_t l_key, snat_session_key_t e_key, vlib_node_runtime_t * node, + u32 rx_fib_index, u32 thread_index, twice_nat_type_t twice_nat, lb_nat_type_t lb_nat, f64 now) @@ -205,7 +206,8 @@ create_session_for_static_mapping_ed (snat_main_t * sm, snat_session_key_t eh_key; nat44_is_idle_session_ctx_t ctx; - if (PREDICT_FALSE (nat44_maximum_sessions_exceeded (sm, thread_index))) + if (PREDICT_FALSE + (nat44_ed_maximum_sessions_exceeded (sm, rx_fib_index, thread_index))) { b->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_SESSIONS_EXCEEDED]; nat_elog_notice ("maximum sessions exceeded"); @@ -359,7 +361,9 @@ create_bypass_for_fwd (snat_main_t * sm, vlib_buffer_t * b, ip4_header_t * ip, { u32 proto; - if (PREDICT_FALSE (nat44_maximum_sessions_exceeded (sm, thread_index))) + if (PREDICT_FALSE + (nat44_ed_maximum_sessions_exceeded + (sm, rx_fib_index, thread_index))) return; s = nat_ed_session_alloc (sm, thread_index, now); @@ -502,7 +506,8 @@ icmp_match_out2in_ed (snat_main_t * sm, vlib_node_runtime_t * node, /* Create session initiated by host from external network */ s = create_session_for_static_mapping_ed (sm, b, l_key, e_key, node, - thread_index, 0, 0, + rx_fib_index, thread_index, 0, + 0, vlib_time_now (sm->vlib_main)); @@ -568,7 +573,9 @@ nat44_ed_out2in_unknown_proto (snat_main_t * sm, } else { - if (PREDICT_FALSE (nat44_maximum_sessions_exceeded (sm, thread_index))) + if (PREDICT_FALSE + (nat44_ed_maximum_sessions_exceeded + (sm, rx_fib_index, thread_index))) { b->error = node->errors[NAT_OUT2IN_ED_ERROR_MAX_SESSIONS_EXCEEDED]; nat_elog_notice ("maximum sessions exceeded"); @@ -1089,6 +1096,7 @@ nat44_ed_out2in_slow_path_node_fn_inline (vlib_main_t * vm, /* Create session initiated by host from external network */ s0 = create_session_for_static_mapping_ed (sm, b0, l_key0, e_key0, node, + rx_fib_index0, thread_index, twice_nat0, lb_nat0, now); |