diff options
Diffstat (limited to 'src/plugins/nat/nat44-ei')
| -rw-r--r-- | src/plugins/nat/nat44-ei/nat44_ei.c | 68 | ||||
| -rw-r--r-- | src/plugins/nat/nat44-ei/nat44_ei.h | 4 | ||||
| -rw-r--r-- | src/plugins/nat/nat44-ei/nat44_ei_in2out.c | 4 |
3 files changed, 40 insertions, 36 deletions
diff --git a/src/plugins/nat/nat44-ei/nat44_ei.c b/src/plugins/nat/nat44-ei/nat44_ei.c index fdf90708a09..d361060a42e 100644 --- a/src/plugins/nat/nat44-ei/nat44_ei.c +++ b/src/plugins/nat/nat44-ei/nat44_ei.c @@ -1468,7 +1468,8 @@ nat44_ei_get_out2in_worker_index (vlib_buffer_t *b, ip4_header_t *ip0, static int nat44_ei_alloc_default_cb (nat44_ei_address_t *addresses, u32 fib_index, u32 thread_index, nat_protocol_t proto, - ip4_address_t *addr, u16 *port, u16 port_per_thread, + ip4_address_t s_addr, ip4_address_t *addr, + u16 *port, u16 port_per_thread, u32 snat_thread_index) { nat44_ei_main_t *nm = &nat44_ei_main; @@ -1476,11 +1477,16 @@ nat44_ei_alloc_default_cb (nat44_ei_address_t *addresses, u32 fib_index, u32 portnum; int i; - for (i = 0; i < vec_len (addresses); i++) + if (vec_len (addresses) > 0) { - a = addresses + i; - switch (proto) + + int s_addr_offset = s_addr.as_u32 % vec_len (addresses); + + for (i = s_addr_offset; i < vec_len (addresses); ++i) { + a = addresses + i; + switch (proto) + { #define _(N, j, n, s) \ case NAT_PROTOCOL_##N: \ if (a->busy_##n##_ports_per_thread[thread_index] < port_per_thread) \ @@ -1509,41 +1515,39 @@ nat44_ei_alloc_default_cb (nat44_ei_address_t *addresses, u32 fib_index, } \ } \ break; - foreach_nat_protocol -#undef _ - default : nat_elog_info (nm, "unknown protocol"); - return 1; + foreach_nat_protocol; + default: + nat_elog_info (nm, "unknown protocol"); + return 1; + } } - } + for (i = 0; i < s_addr_offset; ++i) + { + a = addresses + i; + switch (proto) + { + foreach_nat_protocol; + default: + nat_elog_info (nm, "unknown protocol"); + return 1; + } + } if (ga) { a = ga; + // fake fib index to reuse macro + fib_index = ~0; switch (proto) { -#define _(N, j, n, s) \ - case NAT_PROTOCOL_##N: \ - while (1) \ - { \ - portnum = \ - (port_per_thread * snat_thread_index) + \ - nat_random_port (&nm->random_seed, 0, port_per_thread - 1) + 1024; \ - if (a->busy_##n##_port_refcounts[portnum]) \ - continue; \ - ++a->busy_##n##_port_refcounts[portnum]; \ - a->busy_##n##_ports_per_thread[thread_index]++; \ - a->busy_##n##_ports++; \ - *addr = a->addr; \ - *port = clib_host_to_net_u16 (portnum); \ - return 0; \ - } - break; - foreach_nat_protocol -#undef _ + foreach_nat_protocol; default : nat_elog_info (nm, "unknown protocol"); return 1; } } + } + +#undef _ /* Totally out of translations to use... */ nat_ipfix_logging_addresses_exhausted (thread_index, 0); @@ -1553,8 +1557,8 @@ nat44_ei_alloc_default_cb (nat44_ei_address_t *addresses, u32 fib_index, static int nat44_ei_alloc_range_cb (nat44_ei_address_t *addresses, u32 fib_index, u32 thread_index, nat_protocol_t proto, - ip4_address_t *addr, u16 *port, u16 port_per_thread, - u32 snat_thread_index) + ip4_address_t s_addr, ip4_address_t *addr, u16 *port, + u16 port_per_thread, u32 snat_thread_index) { nat44_ei_main_t *nm = &nat44_ei_main; nat44_ei_address_t *a = addresses; @@ -1600,8 +1604,8 @@ exhausted: static int nat44_ei_alloc_mape_cb (nat44_ei_address_t *addresses, u32 fib_index, u32 thread_index, nat_protocol_t proto, - ip4_address_t *addr, u16 *port, u16 port_per_thread, - u32 snat_thread_index) + ip4_address_t s_addr, ip4_address_t *addr, u16 *port, + u16 port_per_thread, u32 snat_thread_index) { nat44_ei_main_t *nm = &nat44_ei_main; nat44_ei_address_t *a = addresses; diff --git a/src/plugins/nat/nat44-ei/nat44_ei.h b/src/plugins/nat/nat44-ei/nat44_ei.h index b9212df44bd..7bc1b304fb3 100644 --- a/src/plugins/nat/nat44-ei/nat44_ei.h +++ b/src/plugins/nat/nat44-ei/nat44_ei.h @@ -81,8 +81,8 @@ clib_error_t *nat44_ei_api_hookup (vlib_main_t *vm); /* NAT address and port allocation function */ typedef int (nat44_ei_alloc_out_addr_and_port_function_t) ( nat44_ei_address_t *addresses, u32 fib_index, u32 thread_index, - nat_protocol_t proto, ip4_address_t *addr, u16 *port, u16 port_per_thread, - u32 snat_thread_index); + nat_protocol_t proto, ip4_address_t s_addr, ip4_address_t *addr, u16 *port, + u16 port_per_thread, u32 snat_thread_index); typedef struct { diff --git a/src/plugins/nat/nat44-ei/nat44_ei_in2out.c b/src/plugins/nat/nat44-ei/nat44_ei_in2out.c index 80beb7a49eb..d1a962f5222 100644 --- a/src/plugins/nat/nat44-ei/nat44_ei_in2out.c +++ b/src/plugins/nat/nat44-ei/nat44_ei_in2out.c @@ -336,8 +336,8 @@ slow_path (nat44_ei_main_t *nm, vlib_buffer_t *b0, ip4_header_t *ip0, { /* Try to create dynamic translation */ if (nm->alloc_addr_and_port ( - nm->addresses, rx_fib_index0, thread_index, nat_proto, &sm_addr, - &sm_port, nm->port_per_thread, + nm->addresses, rx_fib_index0, thread_index, nat_proto, + ip0->src_address, &sm_addr, &sm_port, nm->port_per_thread, nm->per_thread_data[thread_index].snat_thread_index)) { b0->error = node->errors[NAT44_EI_IN2OUT_ERROR_OUT_OF_PORTS]; |