diff options
author | Matus Fabian <matfabia@cisco.com> | 2017-07-11 03:55:02 -0700 |
---|---|---|
committer | Ole Trøan <otroan@employees.org> | 2017-08-16 08:36:43 +0000 |
commit | f8cd5817442f3a191befb3242a2c0c9bdd927ce0 (patch) | |
tree | 5836120f7430572c122cfe15e98a948d2424202f /src/plugins/snat/nat64.c | |
parent | 6d5c4cdbcc4799a9f43df68df434d5786db44b45 (diff) |
NAT64: Fallback to 3-tuple key for non TCP/UDP sessions (VPP-884)
Change-Id: I4cafc8291725feb499355092bd429433e649b5b2
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Diffstat (limited to 'src/plugins/snat/nat64.c')
-rw-r--r-- | src/plugins/snat/nat64.c | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/src/plugins/snat/nat64.c b/src/plugins/snat/nat64.c index 47809b05d09..bd915b590d0 100644 --- a/src/plugins/snat/nat64.c +++ b/src/plugins/snat/nat64.c @@ -125,7 +125,9 @@ nat64_add_del_pool_addr (ip4_address_t * addr, u32 vrf_id, u8 is_add) clib_bitmap_free (a->busy_##n##_port_bitmap); foreach_snat_protocol #undef _ - vec_del1 (nm->addr_pool, i); + /* Delete sessions using address */ + nat64_db_free_out_addr (&nm->db, &a->addr); + vec_del1 (nm->addr_pool, i); } /* Add/del external address to FIB */ @@ -362,7 +364,7 @@ nat64_add_del_static_bib_entry (ip6_address_t * in_addr, addr.as_u64[1] = in_addr->as_u64[1]; bibe = nat64_db_bib_entry_find (&nm->db, &addr, clib_host_to_net_u16 (in_port), - p, fib_index, 1); + proto, fib_index, 1); if (is_add) { @@ -389,8 +391,11 @@ nat64_add_del_static_bib_entry (ip6_address_t * in_addr, foreach_snat_protocol #undef _ default: - clib_warning ("unknown protocol"); - return VNET_API_ERROR_INVALID_VALUE_2; + memset (&addr, 0, sizeof (addr)); + addr.ip4.as_u32 = out_addr->as_u32; + if (nat64_db_bib_entry_find + (&nm->db, &addr, 0, proto, fib_index, 0)) + return VNET_API_ERROR_INVALID_VALUE; } break; } @@ -398,7 +403,7 @@ nat64_add_del_static_bib_entry (ip6_address_t * in_addr, nat64_db_bib_entry_create (&nm->db, in_addr, out_addr, clib_host_to_net_u16 (in_port), clib_host_to_net_u16 (out_port), fib_index, - p, 1); + proto, 1); if (!bibe) return VNET_API_ERROR_UNSPECIFIED; } @@ -511,7 +516,7 @@ nat64_session_reset_timeout (nat64_db_st_entry_t * ste, vlib_main_t * vm) nat64_main_t *nm = &nat64_main; u32 now = (u32) vlib_time_now (vm); - switch (ste->proto) + switch (ip_proto_to_snat_proto (ste->proto)) { case SNAT_PROTOCOL_ICMP: ste->expire = now + nm->icmp_timeout; @@ -539,6 +544,7 @@ nat64_session_reset_timeout (nat64_db_st_entry_t * ste, vlib_main_t * vm) ste->expire = now + nm->udp_timeout; return; default: + ste->expire = now + nm->udp_timeout; return; } } @@ -808,9 +814,6 @@ nat64_extract_ip4 (ip6_address_t * ip6, ip4_address_t * ip4, u32 fib_index) clib_warning ("invalid prefix length"); break; } - - clib_warning ("%U %U plen %u", format_ip6_address, ip6, format_ip4_address, - ip4, plen); } /** |