aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xsrc/plugins/nat/nat.c1
-rw-r--r--src/plugins/nat/nat.h3
-rw-r--r--src/plugins/nat/nat44/inlines.h40
3 files changed, 33 insertions, 11 deletions
diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c
index 9f516586877..07147083e52 100755
--- a/src/plugins/nat/nat.c
+++ b/src/plugins/nat/nat.c
@@ -3935,6 +3935,7 @@ snat_config (vlib_main_t * vm, unformat_input_t * input)
/* *INDENT-OFF* */
vec_foreach (tsm, sm->per_thread_data)
{
+ tsm->min_session_timeout = 0;
if (sm->endpoint_dependent)
{
clib_bihash_init_16_8 (&tsm->in2out_ed, "in2out-ed",
diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h
index 9cde96840f8..fd7ec3b1434 100644
--- a/src/plugins/nat/nat.h
+++ b/src/plugins/nat/nat.h
@@ -516,6 +516,9 @@ typedef struct
/* real thread index */
u32 thread_index;
+
+ /* discovered minimum session timeout time */
+ u64 min_session_timeout;
} snat_main_per_thread_data_t;
struct snat_main_s;
diff --git a/src/plugins/nat/nat44/inlines.h b/src/plugins/nat/nat44/inlines.h
index d7c355490cc..52dd37c9321 100644
--- a/src/plugins/nat/nat44/inlines.h
+++ b/src/plugins/nat/nat44/inlines.h
@@ -65,7 +65,11 @@ nat44_user_try_cleanup (snat_user_t * u, u32 thread_index, f64 now)
(f64) nat44_session_get_timeout (sm, s);
if (now < sess_timeout_time)
- continue;
+ {
+ tsm->min_session_timeout =
+ clib_min (sess_timeout_time, tsm->min_session_timeout);
+ continue;
+ }
nat44_session_cleanup (s, thread_index);
}
@@ -93,19 +97,33 @@ nat44_session_try_cleanup (ip4_address_t * addr,
if (PREDICT_TRUE (pool_elts (tsm->sessions) < sm->max_translations))
return;
- // there is no place so we try to cleanup all users in this thread
- /* *INDENT-OFF* */
- pool_foreach (u, tsm->users,
- ({
- nat44_user_try_cleanup (u, thread_index, now);
- }));
- /* *INDENT-ON* */
+ if (now >= tsm->min_session_timeout)
+ {
+ tsm->min_session_timeout = ~0;
+ // there is no place so we try to cleanup all users in this thread
+ /* *INDENT-OFF* */
+ pool_foreach (u, tsm->users,
+ ({ nat44_user_try_cleanup (u, thread_index, now); }));
+ /* *INDENT-ON* */
+ if (~0 == tsm->min_session_timeout)
+ {
+ tsm->min_session_timeout = 0;
+ }
+ }
return;
}
- // each time user creates a new session we try to cleanup expired sessions
- nat44_user_try_cleanup (pool_elt_at_index (tsm->users, value.value),
- thread_index, now);
+ if (now >= tsm->min_session_timeout)
+ {
+ tsm->min_session_timeout = ~0;
+ // each time user creates a new session we try to cleanup expired sessions
+ nat44_user_try_cleanup (pool_elt_at_index (tsm->users, value.value),
+ thread_index, now);
+ if (~0 == tsm->min_session_timeout)
+ {
+ tsm->min_session_timeout = 0;
+ }
+ }
}
static_always_inline void