diff options
author | Elias Rudberg <elias.rudberg@bahnhof.net> | 2020-07-02 21:21:34 +0200 |
---|---|---|
committer | Ole Trøan <otroan@employees.org> | 2020-07-23 12:50:57 +0000 |
commit | bf9a0c8097d47f052efea13a09d3a6c6fc68fb35 (patch) | |
tree | 968884118160c9fa831d7f501d861f9c8350fa56 /src/plugins | |
parent | 7c8644c368e19d8d34059ffa13e208f1534e23be (diff) |
nat: fix port number selection
Change the port number selection for new NAT sessions so that it
matches how the thread index is calculated from the port number for
out2in packets. Before this change there was a problem when the
largest port number in the range was used, that resulted in the wrong
thread index being selected when out2in packets arrive for that
session.
Type: fix
Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
Change-Id: I936c389eb0d5df6168e18e5e44754de1cdad6ad1
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Diffstat (limited to 'src/plugins')
-rw-r--r-- | src/plugins/nat/in2out_ed.c | 8 | ||||
-rw-r--r-- | src/plugins/nat/nat.c | 4 |
2 files changed, 6 insertions, 6 deletions
diff --git a/src/plugins/nat/in2out_ed.c b/src/plugins/nat/in2out_ed.c index 080f37e7c15..8eafb5ba7ed 100644 --- a/src/plugins/nat/in2out_ed.c +++ b/src/plugins/nat/in2out_ed.c @@ -217,14 +217,14 @@ nat_ed_alloc_addr_and_port (snat_main_t * sm, u32 rx_fib_index, if (a->fib_index == rx_fib_index) \ { \ /* first try port suggested by caller */ \ - u16 port = clib_net_to_host_u16 (*outside_port); \ + u16 port = clib_net_to_host_u16 (*outside_port); \ u16 port_offset = port - port_thread_offset; \ if (port <= port_thread_offset || \ port > port_thread_offset + port_per_thread) \ { \ /* need to pick a different port, suggested port doesn't fit in \ * this thread's port range */ \ - port_offset = snat_random_port (1, port_per_thread); \ + port_offset = snat_random_port (0, port_per_thread - 1); \ port = port_thread_offset + port_offset; \ } \ u16 attempts = port_per_thread; \ @@ -240,8 +240,8 @@ nat_ed_alloc_addr_and_port (snat_main_t * sm, u32 rx_fib_index, ++a->busy_##n##_port_refcounts[port]; \ a->busy_##n##_ports_per_thread[thread_index]++; \ a->busy_##n##_ports++; \ - *outside_addr = a->addr; \ - *outside_port = clib_host_to_net_u16 (port); \ + *outside_addr = a->addr; \ + *outside_port = clib_host_to_net_u16 (port); \ return 0; \ } \ port_offset = (port_offset + 1) % port_per_thread; \ diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c index c4c5dd87c86..fa62250cb1c 100644 --- a/src/plugins/nat/nat.c +++ b/src/plugins/nat/nat.c @@ -2893,7 +2893,7 @@ nat_alloc_addr_and_port_default (snat_address_t * addresses, { \ portnum = (port_per_thread * \ snat_thread_index) + \ - snat_random_port(1, port_per_thread) + 1024; \ + snat_random_port(0, port_per_thread - 1) + 1024; \ if (a->busy_##n##_port_refcounts[portnum]) \ continue; \ --a->busy_##n##_port_refcounts[portnum]; \ @@ -2930,7 +2930,7 @@ nat_alloc_addr_and_port_default (snat_address_t * addresses, { \ portnum = (port_per_thread * \ snat_thread_index) + \ - snat_random_port(1, port_per_thread) + 1024; \ + snat_random_port(0, port_per_thread - 1) + 1024; \ if (a->busy_##n##_port_refcounts[portnum]) \ continue; \ ++a->busy_##n##_port_refcounts[portnum]; \ |