diff options
Diffstat (limited to 'src/plugins/nat/nat44-ei')
-rw-r--r-- | src/plugins/nat/nat44-ei/nat44_ei.c | 33 | ||||
-rw-r--r-- | src/plugins/nat/nat44-ei/nat44_ei_ha.c | 16 | ||||
-rw-r--r-- | src/plugins/nat/nat44-ei/nat44_ei_in2out.c | 60 | ||||
-rw-r--r-- | src/plugins/nat/nat44-ei/nat44_ei_out2in.c | 45 |
4 files changed, 73 insertions, 81 deletions
diff --git a/src/plugins/nat/nat44-ei/nat44_ei.c b/src/plugins/nat/nat44-ei/nat44_ei.c index 00aa8e1b65b..34288e14856 100644 --- a/src/plugins/nat/nat44-ei/nat44_ei.c +++ b/src/plugins/nat/nat44-ei/nat44_ei.c @@ -194,15 +194,12 @@ nat44_ei_free_session_data (snat_main_t *sm, snat_session_t *s, { clib_bihash_kv_8_8_t kv; - snat_main_per_thread_data_t *tsm = - vec_elt_at_index (sm->per_thread_data, thread_index); - init_nat_i2o_k (&kv, s); - if (clib_bihash_add_del_8_8 (&tsm->in2out, &kv, 0)) + if (clib_bihash_add_del_8_8 (&sm->in2out, &kv, 0)) nat_elog_warn ("in2out key del failed"); init_nat_o2i_k (&kv, s); - if (clib_bihash_add_del_8_8 (&tsm->out2in, &kv, 0)) + if (clib_bihash_add_del_8_8 (&sm->out2in, &kv, 0)) nat_elog_warn ("out2in key del failed"); if (!is_ha) @@ -709,7 +706,7 @@ nat44_ei_del_session (snat_main_t *sm, ip4_address_t *addr, u16 port, tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers); init_nat_k (&kv, *addr, port, fib_index, proto); - t = is_in ? &tsm->in2out : &tsm->out2in; + t = is_in ? &sm->in2out : &sm->out2in; if (!clib_bihash_search_8_8 (t, &kv, &value)) { if (pool_is_free_index (tsm->sessions, value.value)) @@ -832,7 +829,7 @@ nat44_ei_add_del_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, local->fib_index = fib_table_find_or_create_and_lock ( FIB_PROTOCOL_IP4, vrf_id, sm->fib_src_low); init_nat_kv (&kv, m->local_addr, m->local_port, local->fib_index, - m->proto, m - sm->static_mappings); + m->proto, 0, m - sm->static_mappings); clib_bihash_add_del_8_8 (&sm->static_mapping_by_local, &kv, 1); return 0; } @@ -956,11 +953,11 @@ nat44_ei_add_del_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, else tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers); - init_nat_kv (&kv, m->local_addr, m->local_port, fib_index, m->proto, + init_nat_kv (&kv, m->local_addr, m->local_port, fib_index, m->proto, 0, m - sm->static_mappings); clib_bihash_add_del_8_8 (&sm->static_mapping_by_local, &kv, 1); - init_nat_kv (&kv, m->external_addr, m->external_port, 0, m->proto, + init_nat_kv (&kv, m->external_addr, m->external_port, 0, m->proto, 0, m - sm->static_mappings); clib_bihash_add_del_8_8 (&sm->static_mapping_by_external, &kv, 1); @@ -1191,8 +1188,6 @@ nat44_ei_worker_db_free (snat_main_per_thread_data_t *tsm) pool_free (tsm->sessions); pool_free (tsm->users); - clib_bihash_free_8_8 (&tsm->in2out); - clib_bihash_free_8_8 (&tsm->out2in); clib_bihash_free_8_8 (&tsm->user_hash); } @@ -1206,12 +1201,8 @@ nat44_ei_worker_db_init (snat_main_per_thread_data_t *tsm, u32 translations, pool_alloc (tsm->lru_pool, translations); pool_alloc (tsm->sessions, translations); - clib_bihash_init_8_8 (&tsm->in2out, "in2out", translation_buckets, 0); - clib_bihash_init_8_8 (&tsm->out2in, "out2in", translation_buckets, 0); clib_bihash_init_8_8 (&tsm->user_hash, "users", user_buckets, 0); - clib_bihash_set_kvp_format_fn_8_8 (&tsm->in2out, format_session_kvp); - clib_bihash_set_kvp_format_fn_8_8 (&tsm->out2in, format_session_kvp); clib_bihash_set_kvp_format_fn_8_8 (&tsm->user_hash, format_user_kvp); pool_get (tsm->lru_pool, head); @@ -1247,6 +1238,8 @@ nat44_ei_db_free () if (sm->pat) { + clib_bihash_free_8_8 (&sm->in2out); + clib_bihash_free_8_8 (&sm->out2in); vec_foreach (tsm, sm->per_thread_data) { nat44_ei_worker_db_free (tsm); @@ -1276,6 +1269,10 @@ nat44_ei_db_init (u32 translations, u32 translation_buckets, u32 user_buckets) if (sm->pat) { + clib_bihash_init_8_8 (&sm->in2out, "in2out", translation_buckets, 0); + clib_bihash_init_8_8 (&sm->out2in, "out2in", translation_buckets, 0); + clib_bihash_set_kvp_format_fn_8_8 (&sm->in2out, format_session_kvp); + clib_bihash_set_kvp_format_fn_8_8 (&sm->out2in, format_session_kvp); vec_foreach (tsm, sm->per_thread_data) { nat44_ei_worker_db_init (tsm, translations, translation_buckets, @@ -1294,6 +1291,12 @@ nat44_ei_sessions_clear () if (sm->pat) { + clib_bihash_free_8_8 (&sm->in2out); + clib_bihash_free_8_8 (&sm->out2in); + clib_bihash_init_8_8 (&sm->in2out, "in2out", nm->translation_buckets, 0); + clib_bihash_init_8_8 (&sm->out2in, "out2in", nm->translation_buckets, 0); + clib_bihash_set_kvp_format_fn_8_8 (&sm->in2out, format_session_kvp); + clib_bihash_set_kvp_format_fn_8_8 (&sm->out2in, format_session_kvp); vec_foreach (tsm, sm->per_thread_data) { nat44_ei_worker_db_free (tsm); diff --git a/src/plugins/nat/nat44-ei/nat44_ei_ha.c b/src/plugins/nat/nat44-ei/nat44_ei_ha.c index 0b904bf079b..aea758af2d4 100644 --- a/src/plugins/nat/nat44-ei/nat44_ei_ha.c +++ b/src/plugins/nat/nat44-ei/nat44_ei_ha.c @@ -241,15 +241,15 @@ nat44_ei_ha_sadd (ip4_address_t *in_addr, u16 in_port, ip4_address_t *out_addr, } break; } - init_nat_o2i_kv (&kv, s, s - tsm->sessions); - if (clib_bihash_add_del_8_8 (&tsm->out2in, &kv, 1)) + init_nat_o2i_kv (&kv, s, thread_index, s - tsm->sessions); + if (clib_bihash_add_del_8_8 (&sm->out2in, &kv, 1)) nat_elog_warn ("out2in key add failed"); s->in2out.addr.as_u32 = in_addr->as_u32; s->in2out.port = in_port; s->in2out.fib_index = fib_index; - init_nat_i2o_kv (&kv, s, s - tsm->sessions); - if (clib_bihash_add_del_8_8 (&tsm->in2out, &kv, 1)) + init_nat_i2o_kv (&kv, s, thread_index, s - tsm->sessions); + if (clib_bihash_add_del_8_8 (&sm->in2out, &kv, 1)) nat_elog_warn ("in2out key add failed"); } @@ -273,10 +273,10 @@ nat44_ei_ha_sdel (ip4_address_t *out_addr, u16 out_port, tsm = vec_elt_at_index (sm->per_thread_data, thread_index); init_nat_k (&kv, *out_addr, out_port, fib_index, proto); - if (clib_bihash_search_8_8 (&tsm->out2in, &kv, &value)) + if (clib_bihash_search_8_8 (&sm->out2in, &kv, &value)) return; - s = pool_elt_at_index (tsm->sessions, value.value); + s = pool_elt_at_index (tsm->sessions, nat_value_get_session_index (&value)); nat_free_session_data (sm, s, thread_index, 1); nat44_delete_session (sm, s, thread_index); } @@ -294,10 +294,10 @@ nat44_ei_ha_sref (ip4_address_t *out_addr, u16 out_port, tsm = vec_elt_at_index (sm->per_thread_data, thread_index); init_nat_k (&kv, *out_addr, out_port, fib_index, proto); - if (clib_bihash_search_8_8 (&tsm->out2in, &kv, &value)) + if (clib_bihash_search_8_8 (&sm->out2in, &kv, &value)) return; - s = pool_elt_at_index (tsm->sessions, value.value); + s = pool_elt_at_index (tsm->sessions, nat_value_get_session_index (&value)); s->total_pkts = total_pkts; s->total_bytes = total_bytes; } diff --git a/src/plugins/nat/nat44-ei/nat44_ei_in2out.c b/src/plugins/nat/nat44-ei/nat44_ei_in2out.c index 303c588d34e..6a4658513d7 100644 --- a/src/plugins/nat/nat44-ei/nat44_ei_in2out.c +++ b/src/plugins/nat/nat44-ei/nat44_ei_in2out.c @@ -124,8 +124,7 @@ snat_not_translate (snat_main_t * sm, vlib_node_runtime_t * node, /* NAT packet aimed at external address if */ /* has active sessions */ - if (clib_bihash_search_8_8 (&sm->per_thread_data[thread_index].out2in, &kv0, - &value0)) + if (clib_bihash_search_8_8 (&sm->out2in, &kv0, &value0)) { /* or is static mappings */ ip4_address_t placeholder_addr; @@ -159,15 +158,13 @@ nat_not_translate_output_feature (snat_main_t * sm, ip4_header_t * ip0, init_nat_k (&kv0, ip0->src_address, src_port, ip4_fib_table_get_index_for_sw_if_index (sw_if_index), proto0); - if (!clib_bihash_search_8_8 - (&sm->per_thread_data[thread_index].out2in, &kv0, &value0)) + if (!clib_bihash_search_8_8 (&sm->out2in, &kv0, &value0)) return 1; /* dst NAT check */ init_nat_k (&kv0, ip0->dst_address, dst_port, ip4_fib_table_get_index_for_sw_if_index (sw_if_index), proto0); - if (!clib_bihash_search_8_8 - (&sm->per_thread_data[thread_index].in2out, &kv0, &value0)) + if (!clib_bihash_search_8_8 (&sm->in2out, &kv0, &value0)) { /* hairpinning */ /* *INDENT-OFF* */ @@ -200,7 +197,7 @@ nat44_i2o_is_idle_session_cb (clib_bihash_kv_8_8_t * kv, void *arg) if (ctx->now >= sess_timeout_time) { init_nat_o2i_k (&s_kv, s); - if (clib_bihash_add_del_8_8 (&tsm->out2in, &s_kv, 0)) + if (clib_bihash_add_del_8_8 (&sm->out2in, &s_kv, 0)) nat_elog_warn ("out2in key del failed"); nat_ipfix_logging_nat44_ses_delete (ctx->thread_index, @@ -354,16 +351,16 @@ slow_path (snat_main_t * sm, vlib_buffer_t * b0, /* Add to translation hashes */ ctx0.now = now; ctx0.thread_index = thread_index; - init_nat_i2o_kv (&kv0, s, s - sm->per_thread_data[thread_index].sessions); - if (clib_bihash_add_or_overwrite_stale_8_8 - (&sm->per_thread_data[thread_index].in2out, &kv0, - nat44_i2o_is_idle_session_cb, &ctx0)) + init_nat_i2o_kv (&kv0, s, thread_index, + s - sm->per_thread_data[thread_index].sessions); + if (clib_bihash_add_or_overwrite_stale_8_8 ( + &sm->in2out, &kv0, nat44_i2o_is_idle_session_cb, &ctx0)) nat_elog_notice ("in2out key add failed"); - init_nat_o2i_kv (&kv0, s, s - sm->per_thread_data[thread_index].sessions); - if (clib_bihash_add_or_overwrite_stale_8_8 - (&sm->per_thread_data[thread_index].out2in, &kv0, - nat44_o2i_is_idle_session_cb, &ctx0)) + init_nat_o2i_kv (&kv0, s, thread_index, + s - sm->per_thread_data[thread_index].sessions); + if (clib_bihash_add_or_overwrite_stale_8_8 ( + &sm->out2in, &kv0, nat44_o2i_is_idle_session_cb, &ctx0)) nat_elog_notice ("out2in key add failed"); /* log NAT event */ @@ -474,7 +471,7 @@ icmp_match_in2out_slow (snat_main_t * sm, vlib_node_runtime_t * node, } init_nat_k (&kv0, *addr, *port, *fib_index, *proto); - if (clib_bihash_search_8_8 (&tsm->in2out, &kv0, &value0)) + if (clib_bihash_search_8_8 (&sm->in2out, &kv0, &value0)) { if (vnet_buffer (b0)->sw_if_index[VLIB_TX] != ~0) { @@ -534,7 +531,8 @@ icmp_match_in2out_slow (snat_main_t * sm, vlib_node_runtime_t * node, goto out; } - s0 = pool_elt_at_index (tsm->sessions, value0.value); + s0 = pool_elt_at_index (tsm->sessions, + nat_value_get_session_index (&value0)); } out: @@ -988,9 +986,8 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, init_nat_k (&kv0, ip0->src_address, vnet_buffer (b0)->ip.reass.l4_src_port, rx_fib_index0, proto0); - if (PREDICT_FALSE - (clib_bihash_search_8_8 - (&sm->per_thread_data[thread_index].in2out, &kv0, &value0) != 0)) + if (PREDICT_FALSE (clib_bihash_search_8_8 (&sm->in2out, &kv0, &value0) != + 0)) { if (is_slow_path) { @@ -1043,9 +1040,8 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, } } else - s0 = - pool_elt_at_index (sm->per_thread_data[thread_index].sessions, - value0.value); + s0 = pool_elt_at_index (sm->per_thread_data[thread_index].sessions, + nat_value_get_session_index (&value0)); b0->flags |= VNET_BUFFER_F_IS_NATED; @@ -1212,9 +1208,8 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, init_nat_k (&kv1, ip1->src_address, vnet_buffer (b1)->ip.reass.l4_src_port, rx_fib_index1, proto1); - if (PREDICT_FALSE - (clib_bihash_search_8_8 - (&sm->per_thread_data[thread_index].in2out, &kv1, &value1) != 0)) + if (PREDICT_FALSE (clib_bihash_search_8_8 (&sm->in2out, &kv1, &value1) != + 0)) { if (is_slow_path) { @@ -1267,9 +1262,8 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, } } else - s1 = - pool_elt_at_index (sm->per_thread_data[thread_index].sessions, - value1.value); + s1 = pool_elt_at_index (sm->per_thread_data[thread_index].sessions, + nat_value_get_session_index (&value1)); b1->flags |= VNET_BUFFER_F_IS_NATED; @@ -1463,8 +1457,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, vnet_buffer (b0)->ip.reass.l4_src_port, rx_fib_index0, proto0); - if (clib_bihash_search_8_8 - (&sm->per_thread_data[thread_index].in2out, &kv0, &value0)) + if (clib_bihash_search_8_8 (&sm->in2out, &kv0, &value0)) { if (is_slow_path) { @@ -1518,9 +1511,8 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, } } else - s0 = - pool_elt_at_index (sm->per_thread_data[thread_index].sessions, - value0.value); + s0 = pool_elt_at_index (sm->per_thread_data[thread_index].sessions, + nat_value_get_session_index (&value0)); b0->flags |= VNET_BUFFER_F_IS_NATED; diff --git a/src/plugins/nat/nat44-ei/nat44_ei_out2in.c b/src/plugins/nat/nat44-ei/nat44_ei_out2in.c index b677e9bde89..f0b6427613a 100644 --- a/src/plugins/nat/nat44-ei/nat44_ei_out2in.c +++ b/src/plugins/nat/nat44-ei/nat44_ei_out2in.c @@ -116,7 +116,7 @@ nat44_o2i_is_idle_session_cb (clib_bihash_kv_8_8_t * kv, void *arg) if (ctx->now >= sess_timeout_time) { init_nat_i2o_k (&s_kv, s); - if (clib_bihash_add_del_8_8 (&tsm->in2out, &s_kv, 0)) + if (clib_bihash_add_del_8_8 (&sm->in2out, &s_kv, 0)) nat_elog_warn ("out2in key del failed"); nat_ipfix_logging_nat44_ses_delete (ctx->thread_index, @@ -222,16 +222,16 @@ create_session_for_static_mapping (snat_main_t * sm, /* Add to translation hashes */ ctx0.now = now; ctx0.thread_index = thread_index; - init_nat_i2o_kv (&kv0, s, s - sm->per_thread_data[thread_index].sessions); - if (clib_bihash_add_or_overwrite_stale_8_8 - (&sm->per_thread_data[thread_index].in2out, &kv0, - nat44_i2o_is_idle_session_cb, &ctx0)) + init_nat_i2o_kv (&kv0, s, thread_index, + s - sm->per_thread_data[thread_index].sessions); + if (clib_bihash_add_or_overwrite_stale_8_8 ( + &sm->in2out, &kv0, nat44_i2o_is_idle_session_cb, &ctx0)) nat_elog_notice ("in2out key add failed"); - init_nat_o2i_kv (&kv0, s, s - sm->per_thread_data[thread_index].sessions); - if (clib_bihash_add_or_overwrite_stale_8_8 - (&sm->per_thread_data[thread_index].out2in, &kv0, - nat44_o2i_is_idle_session_cb, &ctx0)) + init_nat_o2i_kv (&kv0, s, thread_index, + s - sm->per_thread_data[thread_index].sessions); + if (clib_bihash_add_or_overwrite_stale_8_8 ( + &sm->out2in, &kv0, nat44_o2i_is_idle_session_cb, &ctx0)) nat_elog_notice ("out2in key add failed"); /* log NAT event */ @@ -351,7 +351,7 @@ icmp_match_out2in_slow (snat_main_t * sm, vlib_node_runtime_t * node, u32 mapping_fib_index; init_nat_k (&kv0, *addr, *port, *fib_index, *proto); - if (clib_bihash_search_8_8 (&tsm->out2in, &kv0, &value0)) + if (clib_bihash_search_8_8 (&sm->out2in, &kv0, &value0)) { /* Try to match static mapping by external address and port, destination address and port in packet */ @@ -423,7 +423,8 @@ icmp_match_out2in_slow (snat_main_t * sm, vlib_node_runtime_t * node, goto out; } - s0 = pool_elt_at_index (tsm->sessions, value0.value); + s0 = pool_elt_at_index (tsm->sessions, + nat_value_get_session_index (&value0)); } out: @@ -823,8 +824,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, init_nat_k (&kv0, ip0->dst_address, vnet_buffer (b0)->ip.reass.l4_dst_port, rx_fib_index0, proto0); - if (clib_bihash_search_8_8 - (&sm->per_thread_data[thread_index].out2in, &kv0, &value0)) + if (clib_bihash_search_8_8 (&sm->out2in, &kv0, &value0)) { /* Try to match static mapping by external address and port, destination address and port in packet */ @@ -873,7 +873,8 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, } } else - s0 = pool_elt_at_index (tsm->sessions, value0.value); + s0 = pool_elt_at_index (tsm->sessions, + nat_value_get_session_index (&value0)); old_addr0 = ip0->dst_address.as_u32; ip0->dst_address = s0->in2out.addr; @@ -1002,8 +1003,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, init_nat_k (&kv1, ip1->dst_address, vnet_buffer (b1)->ip.reass.l4_dst_port, rx_fib_index1, proto1); - if (clib_bihash_search_8_8 - (&sm->per_thread_data[thread_index].out2in, &kv1, &value1)) + if (clib_bihash_search_8_8 (&sm->out2in, &kv1, &value1)) { /* Try to match static mapping by external address and port, destination address and port in packet */ @@ -1052,9 +1052,8 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, } } else - s1 = - pool_elt_at_index (sm->per_thread_data[thread_index].sessions, - value1.value); + s1 = pool_elt_at_index (sm->per_thread_data[thread_index].sessions, + nat_value_get_session_index (&value1)); old_addr1 = ip1->dst_address.as_u32; ip1->dst_address = s1->in2out.addr; @@ -1219,8 +1218,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, vnet_buffer (b0)->ip.reass.l4_dst_port, rx_fib_index0, proto0); - if (clib_bihash_search_8_8 - (&sm->per_thread_data[thread_index].out2in, &kv0, &value0)) + if (clib_bihash_search_8_8 (&sm->out2in, &kv0, &value0)) { /* Try to match static mapping by external address and port, destination address and port in packet */ @@ -1269,9 +1267,8 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm, } } else - s0 = - pool_elt_at_index (sm->per_thread_data[thread_index].sessions, - value0.value); + s0 = pool_elt_at_index (sm->per_thread_data[thread_index].sessions, + nat_value_get_session_index (&value0)); old_addr0 = ip0->dst_address.as_u32; ip0->dst_address = s0->in2out.addr; |