aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/nat/nat44-ei
diff options
context:
space:
mode:
Diffstat (limited to 'src/plugins/nat/nat44-ei')
-rw-r--r--src/plugins/nat/nat44-ei/nat44_ei.c33
-rw-r--r--src/plugins/nat/nat44-ei/nat44_ei_ha.c16
-rw-r--r--src/plugins/nat/nat44-ei/nat44_ei_in2out.c60
-rw-r--r--src/plugins/nat/nat44-ei/nat44_ei_out2in.c45
4 files changed, 73 insertions, 81 deletions
diff --git a/src/plugins/nat/nat44-ei/nat44_ei.c b/src/plugins/nat/nat44-ei/nat44_ei.c
index 00aa8e1b65b..34288e14856 100644
--- a/src/plugins/nat/nat44-ei/nat44_ei.c
+++ b/src/plugins/nat/nat44-ei/nat44_ei.c
@@ -194,15 +194,12 @@ nat44_ei_free_session_data (snat_main_t *sm, snat_session_t *s,
{
clib_bihash_kv_8_8_t kv;
- snat_main_per_thread_data_t *tsm =
- vec_elt_at_index (sm->per_thread_data, thread_index);
-
init_nat_i2o_k (&kv, s);
- if (clib_bihash_add_del_8_8 (&tsm->in2out, &kv, 0))
+ if (clib_bihash_add_del_8_8 (&sm->in2out, &kv, 0))
nat_elog_warn ("in2out key del failed");
init_nat_o2i_k (&kv, s);
- if (clib_bihash_add_del_8_8 (&tsm->out2in, &kv, 0))
+ if (clib_bihash_add_del_8_8 (&sm->out2in, &kv, 0))
nat_elog_warn ("out2in key del failed");
if (!is_ha)
@@ -709,7 +706,7 @@ nat44_ei_del_session (snat_main_t *sm, ip4_address_t *addr, u16 port,
tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers);
init_nat_k (&kv, *addr, port, fib_index, proto);
- t = is_in ? &tsm->in2out : &tsm->out2in;
+ t = is_in ? &sm->in2out : &sm->out2in;
if (!clib_bihash_search_8_8 (t, &kv, &value))
{
if (pool_is_free_index (tsm->sessions, value.value))
@@ -832,7 +829,7 @@ nat44_ei_add_del_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr,
local->fib_index = fib_table_find_or_create_and_lock (
FIB_PROTOCOL_IP4, vrf_id, sm->fib_src_low);
init_nat_kv (&kv, m->local_addr, m->local_port, local->fib_index,
- m->proto, m - sm->static_mappings);
+ m->proto, 0, m - sm->static_mappings);
clib_bihash_add_del_8_8 (&sm->static_mapping_by_local, &kv, 1);
return 0;
}
@@ -956,11 +953,11 @@ nat44_ei_add_del_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr,
else
tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers);
- init_nat_kv (&kv, m->local_addr, m->local_port, fib_index, m->proto,
+ init_nat_kv (&kv, m->local_addr, m->local_port, fib_index, m->proto, 0,
m - sm->static_mappings);
clib_bihash_add_del_8_8 (&sm->static_mapping_by_local, &kv, 1);
- init_nat_kv (&kv, m->external_addr, m->external_port, 0, m->proto,
+ init_nat_kv (&kv, m->external_addr, m->external_port, 0, m->proto, 0,
m - sm->static_mappings);
clib_bihash_add_del_8_8 (&sm->static_mapping_by_external, &kv, 1);
@@ -1191,8 +1188,6 @@ nat44_ei_worker_db_free (snat_main_per_thread_data_t *tsm)
pool_free (tsm->sessions);
pool_free (tsm->users);
- clib_bihash_free_8_8 (&tsm->in2out);
- clib_bihash_free_8_8 (&tsm->out2in);
clib_bihash_free_8_8 (&tsm->user_hash);
}
@@ -1206,12 +1201,8 @@ nat44_ei_worker_db_init (snat_main_per_thread_data_t *tsm, u32 translations,
pool_alloc (tsm->lru_pool, translations);
pool_alloc (tsm->sessions, translations);
- clib_bihash_init_8_8 (&tsm->in2out, "in2out", translation_buckets, 0);
- clib_bihash_init_8_8 (&tsm->out2in, "out2in", translation_buckets, 0);
clib_bihash_init_8_8 (&tsm->user_hash, "users", user_buckets, 0);
- clib_bihash_set_kvp_format_fn_8_8 (&tsm->in2out, format_session_kvp);
- clib_bihash_set_kvp_format_fn_8_8 (&tsm->out2in, format_session_kvp);
clib_bihash_set_kvp_format_fn_8_8 (&tsm->user_hash, format_user_kvp);
pool_get (tsm->lru_pool, head);
@@ -1247,6 +1238,8 @@ nat44_ei_db_free ()
if (sm->pat)
{
+ clib_bihash_free_8_8 (&sm->in2out);
+ clib_bihash_free_8_8 (&sm->out2in);
vec_foreach (tsm, sm->per_thread_data)
{
nat44_ei_worker_db_free (tsm);
@@ -1276,6 +1269,10 @@ nat44_ei_db_init (u32 translations, u32 translation_buckets, u32 user_buckets)
if (sm->pat)
{
+ clib_bihash_init_8_8 (&sm->in2out, "in2out", translation_buckets, 0);
+ clib_bihash_init_8_8 (&sm->out2in, "out2in", translation_buckets, 0);
+ clib_bihash_set_kvp_format_fn_8_8 (&sm->in2out, format_session_kvp);
+ clib_bihash_set_kvp_format_fn_8_8 (&sm->out2in, format_session_kvp);
vec_foreach (tsm, sm->per_thread_data)
{
nat44_ei_worker_db_init (tsm, translations, translation_buckets,
@@ -1294,6 +1291,12 @@ nat44_ei_sessions_clear ()
if (sm->pat)
{
+ clib_bihash_free_8_8 (&sm->in2out);
+ clib_bihash_free_8_8 (&sm->out2in);
+ clib_bihash_init_8_8 (&sm->in2out, "in2out", nm->translation_buckets, 0);
+ clib_bihash_init_8_8 (&sm->out2in, "out2in", nm->translation_buckets, 0);
+ clib_bihash_set_kvp_format_fn_8_8 (&sm->in2out, format_session_kvp);
+ clib_bihash_set_kvp_format_fn_8_8 (&sm->out2in, format_session_kvp);
vec_foreach (tsm, sm->per_thread_data)
{
nat44_ei_worker_db_free (tsm);
diff --git a/src/plugins/nat/nat44-ei/nat44_ei_ha.c b/src/plugins/nat/nat44-ei/nat44_ei_ha.c
index 0b904bf079b..aea758af2d4 100644
--- a/src/plugins/nat/nat44-ei/nat44_ei_ha.c
+++ b/src/plugins/nat/nat44-ei/nat44_ei_ha.c
@@ -241,15 +241,15 @@ nat44_ei_ha_sadd (ip4_address_t *in_addr, u16 in_port, ip4_address_t *out_addr,
}
break;
}
- init_nat_o2i_kv (&kv, s, s - tsm->sessions);
- if (clib_bihash_add_del_8_8 (&tsm->out2in, &kv, 1))
+ init_nat_o2i_kv (&kv, s, thread_index, s - tsm->sessions);
+ if (clib_bihash_add_del_8_8 (&sm->out2in, &kv, 1))
nat_elog_warn ("out2in key add failed");
s->in2out.addr.as_u32 = in_addr->as_u32;
s->in2out.port = in_port;
s->in2out.fib_index = fib_index;
- init_nat_i2o_kv (&kv, s, s - tsm->sessions);
- if (clib_bihash_add_del_8_8 (&tsm->in2out, &kv, 1))
+ init_nat_i2o_kv (&kv, s, thread_index, s - tsm->sessions);
+ if (clib_bihash_add_del_8_8 (&sm->in2out, &kv, 1))
nat_elog_warn ("in2out key add failed");
}
@@ -273,10 +273,10 @@ nat44_ei_ha_sdel (ip4_address_t *out_addr, u16 out_port,
tsm = vec_elt_at_index (sm->per_thread_data, thread_index);
init_nat_k (&kv, *out_addr, out_port, fib_index, proto);
- if (clib_bihash_search_8_8 (&tsm->out2in, &kv, &value))
+ if (clib_bihash_search_8_8 (&sm->out2in, &kv, &value))
return;
- s = pool_elt_at_index (tsm->sessions, value.value);
+ s = pool_elt_at_index (tsm->sessions, nat_value_get_session_index (&value));
nat_free_session_data (sm, s, thread_index, 1);
nat44_delete_session (sm, s, thread_index);
}
@@ -294,10 +294,10 @@ nat44_ei_ha_sref (ip4_address_t *out_addr, u16 out_port,
tsm = vec_elt_at_index (sm->per_thread_data, thread_index);
init_nat_k (&kv, *out_addr, out_port, fib_index, proto);
- if (clib_bihash_search_8_8 (&tsm->out2in, &kv, &value))
+ if (clib_bihash_search_8_8 (&sm->out2in, &kv, &value))
return;
- s = pool_elt_at_index (tsm->sessions, value.value);
+ s = pool_elt_at_index (tsm->sessions, nat_value_get_session_index (&value));
s->total_pkts = total_pkts;
s->total_bytes = total_bytes;
}
diff --git a/src/plugins/nat/nat44-ei/nat44_ei_in2out.c b/src/plugins/nat/nat44-ei/nat44_ei_in2out.c
index 303c588d34e..6a4658513d7 100644
--- a/src/plugins/nat/nat44-ei/nat44_ei_in2out.c
+++ b/src/plugins/nat/nat44-ei/nat44_ei_in2out.c
@@ -124,8 +124,7 @@ snat_not_translate (snat_main_t * sm, vlib_node_runtime_t * node,
/* NAT packet aimed at external address if */
/* has active sessions */
- if (clib_bihash_search_8_8 (&sm->per_thread_data[thread_index].out2in, &kv0,
- &value0))
+ if (clib_bihash_search_8_8 (&sm->out2in, &kv0, &value0))
{
/* or is static mappings */
ip4_address_t placeholder_addr;
@@ -159,15 +158,13 @@ nat_not_translate_output_feature (snat_main_t * sm, ip4_header_t * ip0,
init_nat_k (&kv0, ip0->src_address, src_port,
ip4_fib_table_get_index_for_sw_if_index (sw_if_index), proto0);
- if (!clib_bihash_search_8_8
- (&sm->per_thread_data[thread_index].out2in, &kv0, &value0))
+ if (!clib_bihash_search_8_8 (&sm->out2in, &kv0, &value0))
return 1;
/* dst NAT check */
init_nat_k (&kv0, ip0->dst_address, dst_port,
ip4_fib_table_get_index_for_sw_if_index (sw_if_index), proto0);
- if (!clib_bihash_search_8_8
- (&sm->per_thread_data[thread_index].in2out, &kv0, &value0))
+ if (!clib_bihash_search_8_8 (&sm->in2out, &kv0, &value0))
{
/* hairpinning */
/* *INDENT-OFF* */
@@ -200,7 +197,7 @@ nat44_i2o_is_idle_session_cb (clib_bihash_kv_8_8_t * kv, void *arg)
if (ctx->now >= sess_timeout_time)
{
init_nat_o2i_k (&s_kv, s);
- if (clib_bihash_add_del_8_8 (&tsm->out2in, &s_kv, 0))
+ if (clib_bihash_add_del_8_8 (&sm->out2in, &s_kv, 0))
nat_elog_warn ("out2in key del failed");
nat_ipfix_logging_nat44_ses_delete (ctx->thread_index,
@@ -354,16 +351,16 @@ slow_path (snat_main_t * sm, vlib_buffer_t * b0,
/* Add to translation hashes */
ctx0.now = now;
ctx0.thread_index = thread_index;
- init_nat_i2o_kv (&kv0, s, s - sm->per_thread_data[thread_index].sessions);
- if (clib_bihash_add_or_overwrite_stale_8_8
- (&sm->per_thread_data[thread_index].in2out, &kv0,
- nat44_i2o_is_idle_session_cb, &ctx0))
+ init_nat_i2o_kv (&kv0, s, thread_index,
+ s - sm->per_thread_data[thread_index].sessions);
+ if (clib_bihash_add_or_overwrite_stale_8_8 (
+ &sm->in2out, &kv0, nat44_i2o_is_idle_session_cb, &ctx0))
nat_elog_notice ("in2out key add failed");
- init_nat_o2i_kv (&kv0, s, s - sm->per_thread_data[thread_index].sessions);
- if (clib_bihash_add_or_overwrite_stale_8_8
- (&sm->per_thread_data[thread_index].out2in, &kv0,
- nat44_o2i_is_idle_session_cb, &ctx0))
+ init_nat_o2i_kv (&kv0, s, thread_index,
+ s - sm->per_thread_data[thread_index].sessions);
+ if (clib_bihash_add_or_overwrite_stale_8_8 (
+ &sm->out2in, &kv0, nat44_o2i_is_idle_session_cb, &ctx0))
nat_elog_notice ("out2in key add failed");
/* log NAT event */
@@ -474,7 +471,7 @@ icmp_match_in2out_slow (snat_main_t * sm, vlib_node_runtime_t * node,
}
init_nat_k (&kv0, *addr, *port, *fib_index, *proto);
- if (clib_bihash_search_8_8 (&tsm->in2out, &kv0, &value0))
+ if (clib_bihash_search_8_8 (&sm->in2out, &kv0, &value0))
{
if (vnet_buffer (b0)->sw_if_index[VLIB_TX] != ~0)
{
@@ -534,7 +531,8 @@ icmp_match_in2out_slow (snat_main_t * sm, vlib_node_runtime_t * node,
goto out;
}
- s0 = pool_elt_at_index (tsm->sessions, value0.value);
+ s0 = pool_elt_at_index (tsm->sessions,
+ nat_value_get_session_index (&value0));
}
out:
@@ -988,9 +986,8 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
init_nat_k (&kv0, ip0->src_address,
vnet_buffer (b0)->ip.reass.l4_src_port, rx_fib_index0,
proto0);
- if (PREDICT_FALSE
- (clib_bihash_search_8_8
- (&sm->per_thread_data[thread_index].in2out, &kv0, &value0) != 0))
+ if (PREDICT_FALSE (clib_bihash_search_8_8 (&sm->in2out, &kv0, &value0) !=
+ 0))
{
if (is_slow_path)
{
@@ -1043,9 +1040,8 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
}
}
else
- s0 =
- pool_elt_at_index (sm->per_thread_data[thread_index].sessions,
- value0.value);
+ s0 = pool_elt_at_index (sm->per_thread_data[thread_index].sessions,
+ nat_value_get_session_index (&value0));
b0->flags |= VNET_BUFFER_F_IS_NATED;
@@ -1212,9 +1208,8 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
init_nat_k (&kv1, ip1->src_address,
vnet_buffer (b1)->ip.reass.l4_src_port, rx_fib_index1,
proto1);
- if (PREDICT_FALSE
- (clib_bihash_search_8_8
- (&sm->per_thread_data[thread_index].in2out, &kv1, &value1) != 0))
+ if (PREDICT_FALSE (clib_bihash_search_8_8 (&sm->in2out, &kv1, &value1) !=
+ 0))
{
if (is_slow_path)
{
@@ -1267,9 +1262,8 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
}
}
else
- s1 =
- pool_elt_at_index (sm->per_thread_data[thread_index].sessions,
- value1.value);
+ s1 = pool_elt_at_index (sm->per_thread_data[thread_index].sessions,
+ nat_value_get_session_index (&value1));
b1->flags |= VNET_BUFFER_F_IS_NATED;
@@ -1463,8 +1457,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
vnet_buffer (b0)->ip.reass.l4_src_port, rx_fib_index0,
proto0);
- if (clib_bihash_search_8_8
- (&sm->per_thread_data[thread_index].in2out, &kv0, &value0))
+ if (clib_bihash_search_8_8 (&sm->in2out, &kv0, &value0))
{
if (is_slow_path)
{
@@ -1518,9 +1511,8 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
}
}
else
- s0 =
- pool_elt_at_index (sm->per_thread_data[thread_index].sessions,
- value0.value);
+ s0 = pool_elt_at_index (sm->per_thread_data[thread_index].sessions,
+ nat_value_get_session_index (&value0));
b0->flags |= VNET_BUFFER_F_IS_NATED;
diff --git a/src/plugins/nat/nat44-ei/nat44_ei_out2in.c b/src/plugins/nat/nat44-ei/nat44_ei_out2in.c
index b677e9bde89..f0b6427613a 100644
--- a/src/plugins/nat/nat44-ei/nat44_ei_out2in.c
+++ b/src/plugins/nat/nat44-ei/nat44_ei_out2in.c
@@ -116,7 +116,7 @@ nat44_o2i_is_idle_session_cb (clib_bihash_kv_8_8_t * kv, void *arg)
if (ctx->now >= sess_timeout_time)
{
init_nat_i2o_k (&s_kv, s);
- if (clib_bihash_add_del_8_8 (&tsm->in2out, &s_kv, 0))
+ if (clib_bihash_add_del_8_8 (&sm->in2out, &s_kv, 0))
nat_elog_warn ("out2in key del failed");
nat_ipfix_logging_nat44_ses_delete (ctx->thread_index,
@@ -222,16 +222,16 @@ create_session_for_static_mapping (snat_main_t * sm,
/* Add to translation hashes */
ctx0.now = now;
ctx0.thread_index = thread_index;
- init_nat_i2o_kv (&kv0, s, s - sm->per_thread_data[thread_index].sessions);
- if (clib_bihash_add_or_overwrite_stale_8_8
- (&sm->per_thread_data[thread_index].in2out, &kv0,
- nat44_i2o_is_idle_session_cb, &ctx0))
+ init_nat_i2o_kv (&kv0, s, thread_index,
+ s - sm->per_thread_data[thread_index].sessions);
+ if (clib_bihash_add_or_overwrite_stale_8_8 (
+ &sm->in2out, &kv0, nat44_i2o_is_idle_session_cb, &ctx0))
nat_elog_notice ("in2out key add failed");
- init_nat_o2i_kv (&kv0, s, s - sm->per_thread_data[thread_index].sessions);
- if (clib_bihash_add_or_overwrite_stale_8_8
- (&sm->per_thread_data[thread_index].out2in, &kv0,
- nat44_o2i_is_idle_session_cb, &ctx0))
+ init_nat_o2i_kv (&kv0, s, thread_index,
+ s - sm->per_thread_data[thread_index].sessions);
+ if (clib_bihash_add_or_overwrite_stale_8_8 (
+ &sm->out2in, &kv0, nat44_o2i_is_idle_session_cb, &ctx0))
nat_elog_notice ("out2in key add failed");
/* log NAT event */
@@ -351,7 +351,7 @@ icmp_match_out2in_slow (snat_main_t * sm, vlib_node_runtime_t * node,
u32 mapping_fib_index;
init_nat_k (&kv0, *addr, *port, *fib_index, *proto);
- if (clib_bihash_search_8_8 (&tsm->out2in, &kv0, &value0))
+ if (clib_bihash_search_8_8 (&sm->out2in, &kv0, &value0))
{
/* Try to match static mapping by external address and port,
destination address and port in packet */
@@ -423,7 +423,8 @@ icmp_match_out2in_slow (snat_main_t * sm, vlib_node_runtime_t * node,
goto out;
}
- s0 = pool_elt_at_index (tsm->sessions, value0.value);
+ s0 = pool_elt_at_index (tsm->sessions,
+ nat_value_get_session_index (&value0));
}
out:
@@ -823,8 +824,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm,
init_nat_k (&kv0, ip0->dst_address,
vnet_buffer (b0)->ip.reass.l4_dst_port, rx_fib_index0,
proto0);
- if (clib_bihash_search_8_8
- (&sm->per_thread_data[thread_index].out2in, &kv0, &value0))
+ if (clib_bihash_search_8_8 (&sm->out2in, &kv0, &value0))
{
/* Try to match static mapping by external address and port,
destination address and port in packet */
@@ -873,7 +873,8 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm,
}
}
else
- s0 = pool_elt_at_index (tsm->sessions, value0.value);
+ s0 = pool_elt_at_index (tsm->sessions,
+ nat_value_get_session_index (&value0));
old_addr0 = ip0->dst_address.as_u32;
ip0->dst_address = s0->in2out.addr;
@@ -1002,8 +1003,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm,
init_nat_k (&kv1, ip1->dst_address,
vnet_buffer (b1)->ip.reass.l4_dst_port, rx_fib_index1,
proto1);
- if (clib_bihash_search_8_8
- (&sm->per_thread_data[thread_index].out2in, &kv1, &value1))
+ if (clib_bihash_search_8_8 (&sm->out2in, &kv1, &value1))
{
/* Try to match static mapping by external address and port,
destination address and port in packet */
@@ -1052,9 +1052,8 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm,
}
}
else
- s1 =
- pool_elt_at_index (sm->per_thread_data[thread_index].sessions,
- value1.value);
+ s1 = pool_elt_at_index (sm->per_thread_data[thread_index].sessions,
+ nat_value_get_session_index (&value1));
old_addr1 = ip1->dst_address.as_u32;
ip1->dst_address = s1->in2out.addr;
@@ -1219,8 +1218,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm,
vnet_buffer (b0)->ip.reass.l4_dst_port, rx_fib_index0,
proto0);
- if (clib_bihash_search_8_8
- (&sm->per_thread_data[thread_index].out2in, &kv0, &value0))
+ if (clib_bihash_search_8_8 (&sm->out2in, &kv0, &value0))
{
/* Try to match static mapping by external address and port,
destination address and port in packet */
@@ -1269,9 +1267,8 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm,
}
}
else
- s0 =
- pool_elt_at_index (sm->per_thread_data[thread_index].sessions,
- value0.value);
+ s0 = pool_elt_at_index (sm->per_thread_data[thread_index].sessions,
+ nat_value_get_session_index (&value0));
old_addr0 = ip0->dst_address.as_u32;
ip0->dst_address = s0->in2out.addr;