aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/snat/nat64.c
diff options
context:
space:
mode:
authorMatus Fabian <matfabia@cisco.com>2017-07-11 03:55:02 -0700
committerOle Trøan <otroan@employees.org>2017-08-16 08:36:43 +0000
commitf8cd5817442f3a191befb3242a2c0c9bdd927ce0 (patch)
tree5836120f7430572c122cfe15e98a948d2424202f /src/plugins/snat/nat64.c
parent6d5c4cdbcc4799a9f43df68df434d5786db44b45 (diff)
NAT64: Fallback to 3-tuple key for non TCP/UDP sessions (VPP-884)
Change-Id: I4cafc8291725feb499355092bd429433e649b5b2 Signed-off-by: Matus Fabian <matfabia@cisco.com>
Diffstat (limited to 'src/plugins/snat/nat64.c')
-rw-r--r--src/plugins/snat/nat64.c21
1 files changed, 12 insertions, 9 deletions
diff --git a/src/plugins/snat/nat64.c b/src/plugins/snat/nat64.c
index 47809b05d09..bd915b590d0 100644
--- a/src/plugins/snat/nat64.c
+++ b/src/plugins/snat/nat64.c
@@ -125,7 +125,9 @@ nat64_add_del_pool_addr (ip4_address_t * addr, u32 vrf_id, u8 is_add)
clib_bitmap_free (a->busy_##n##_port_bitmap);
foreach_snat_protocol
#undef _
- vec_del1 (nm->addr_pool, i);
+ /* Delete sessions using address */
+ nat64_db_free_out_addr (&nm->db, &a->addr);
+ vec_del1 (nm->addr_pool, i);
}
/* Add/del external address to FIB */
@@ -362,7 +364,7 @@ nat64_add_del_static_bib_entry (ip6_address_t * in_addr,
addr.as_u64[1] = in_addr->as_u64[1];
bibe =
nat64_db_bib_entry_find (&nm->db, &addr, clib_host_to_net_u16 (in_port),
- p, fib_index, 1);
+ proto, fib_index, 1);
if (is_add)
{
@@ -389,8 +391,11 @@ nat64_add_del_static_bib_entry (ip6_address_t * in_addr,
foreach_snat_protocol
#undef _
default:
- clib_warning ("unknown protocol");
- return VNET_API_ERROR_INVALID_VALUE_2;
+ memset (&addr, 0, sizeof (addr));
+ addr.ip4.as_u32 = out_addr->as_u32;
+ if (nat64_db_bib_entry_find
+ (&nm->db, &addr, 0, proto, fib_index, 0))
+ return VNET_API_ERROR_INVALID_VALUE;
}
break;
}
@@ -398,7 +403,7 @@ nat64_add_del_static_bib_entry (ip6_address_t * in_addr,
nat64_db_bib_entry_create (&nm->db, in_addr, out_addr,
clib_host_to_net_u16 (in_port),
clib_host_to_net_u16 (out_port), fib_index,
- p, 1);
+ proto, 1);
if (!bibe)
return VNET_API_ERROR_UNSPECIFIED;
}
@@ -511,7 +516,7 @@ nat64_session_reset_timeout (nat64_db_st_entry_t * ste, vlib_main_t * vm)
nat64_main_t *nm = &nat64_main;
u32 now = (u32) vlib_time_now (vm);
- switch (ste->proto)
+ switch (ip_proto_to_snat_proto (ste->proto))
{
case SNAT_PROTOCOL_ICMP:
ste->expire = now + nm->icmp_timeout;
@@ -539,6 +544,7 @@ nat64_session_reset_timeout (nat64_db_st_entry_t * ste, vlib_main_t * vm)
ste->expire = now + nm->udp_timeout;
return;
default:
+ ste->expire = now + nm->udp_timeout;
return;
}
}
@@ -808,9 +814,6 @@ nat64_extract_ip4 (ip6_address_t * ip6, ip4_address_t * ip4, u32 fib_index)
clib_warning ("invalid prefix length");
break;
}
-
- clib_warning ("%U %U plen %u", format_ip6_address, ip6, format_ip4_address,
- ip4, plen);
}
/**