aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/nat
diff options
context:
space:
mode:
Diffstat (limited to 'src/plugins/nat')
-rwxr-xr-xsrc/plugins/nat/in2out.c24
-rw-r--r--src/plugins/nat/in2out_ed.c5
-rwxr-xr-xsrc/plugins/nat/nat.c31
-rw-r--r--src/plugins/nat/nat.h66
-rw-r--r--src/plugins/nat/nat44_cli.c2
-rw-r--r--src/plugins/nat/nat64.c3
-rw-r--r--src/plugins/nat/nat_det_in2out.c3
-rwxr-xr-xsrc/plugins/nat/out2in.c29
-rw-r--r--src/plugins/nat/out2in_ed.c9
9 files changed, 97 insertions, 75 deletions
diff --git a/src/plugins/nat/in2out.c b/src/plugins/nat/in2out.c
index 3f8c4abe60f..d5bd9f5c851 100755
--- a/src/plugins/nat/in2out.c
+++ b/src/plugins/nat/in2out.c
@@ -460,6 +460,7 @@ icmp_match_in2out_slow (snat_main_t * sm, vlib_node_runtime_t * node,
snat_session_key_t * p_value,
u8 * p_dont_translate, void *d, void *e)
{
+ snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
u32 sw_if_index0;
u32 rx_fib_index0;
snat_session_key_t key0;
@@ -483,8 +484,7 @@ icmp_match_in2out_slow (snat_main_t * sm, vlib_node_runtime_t * node,
kv0.key = key0.as_u64;
- if (clib_bihash_search_8_8 (&sm->per_thread_data[thread_index].in2out, &kv0,
- &value0))
+ if (clib_bihash_search_8_8 (&tsm->in2out, &kv0, &value0))
{
if (vnet_buffer (b0)->sw_if_index[VLIB_TX] != ~0)
{
@@ -521,7 +521,7 @@ icmp_match_in2out_slow (snat_main_t * sm, vlib_node_runtime_t * node,
}
next0 = slow_path (sm, b0, ip0, rx_fib_index0, &key0, &s0, node, next0,
- thread_index, vlib_time_now (sm->vlib_main));
+ thread_index, vlib_time_now (tsm->vlib_main));
if (PREDICT_FALSE (next0 == SNAT_IN2OUT_NEXT_DROP))
goto out;
@@ -547,8 +547,7 @@ icmp_match_in2out_slow (snat_main_t * sm, vlib_node_runtime_t * node,
goto out;
}
- s0 = pool_elt_at_index (sm->per_thread_data[thread_index].sessions,
- value0.value);
+ s0 = pool_elt_at_index (tsm->sessions, value0.value);
}
out:
@@ -660,6 +659,7 @@ icmp_in2out (snat_main_t * sm,
vlib_node_runtime_t * node,
u32 next0, u32 thread_index, void *d, void *e)
{
+ snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
snat_session_key_t sm0;
u8 protocol;
icmp_echo_header_t *echo0, *inner_echo0 = 0;
@@ -686,11 +686,12 @@ icmp_in2out (snat_main_t * sm,
if (PREDICT_TRUE (!ip4_is_fragment (ip0)))
{
- sum0 = ip_incremental_checksum_buffer (sm->vlib_main, b0, (u8 *) icmp0 -
- (u8 *)
- vlib_buffer_get_current (b0),
- ntohs (ip0->length) -
- ip4_header_bytes (ip0), 0);
+ sum0 =
+ ip_incremental_checksum_buffer (tsm->vlib_main, b0,
+ (u8 *) icmp0 -
+ (u8 *) vlib_buffer_get_current (b0),
+ ntohs (ip0->length) -
+ ip4_header_bytes (ip0), 0);
checksum0 = ~ip_csum_fold (sum0);
if (PREDICT_FALSE (checksum0 != 0 && checksum0 != 0xffff))
{
@@ -818,6 +819,7 @@ icmp_in2out_slow_path (snat_main_t * sm,
u32 next0,
f64 now, u32 thread_index, snat_session_t ** p_s0)
{
+ snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
next0 = icmp_in2out (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
next0, thread_index, p_s0, 0);
snat_session_t *s0 = *p_s0;
@@ -826,7 +828,7 @@ icmp_in2out_slow_path (snat_main_t * sm,
/* Accounting */
nat44_session_update_counters (s0, now,
vlib_buffer_length_in_chain
- (sm->vlib_main, b0), thread_index);
+ (tsm->vlib_main, b0), thread_index);
/* Per-user LRU list maintenance */
nat44_session_update_lru (sm, s0, thread_index);
}
diff --git a/src/plugins/nat/in2out_ed.c b/src/plugins/nat/in2out_ed.c
index 21ef75c820c..6e44ddb6f76 100644
--- a/src/plugins/nat/in2out_ed.c
+++ b/src/plugins/nat/in2out_ed.c
@@ -170,6 +170,7 @@ icmp_in2out_ed_slow_path (snat_main_t * sm, vlib_buffer_t * b0,
vlib_node_runtime_t * node, u32 next0, f64 now,
u32 thread_index, snat_session_t ** p_s0)
{
+ snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
next0 = icmp_in2out (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
next0, thread_index, p_s0, 0);
snat_session_t *s0 = *p_s0;
@@ -178,7 +179,7 @@ icmp_in2out_ed_slow_path (snat_main_t * sm, vlib_buffer_t * b0,
/* Accounting */
nat44_session_update_counters (s0, now,
vlib_buffer_length_in_chain
- (sm->vlib_main, b0), thread_index);
+ (tsm->vlib_main, b0), thread_index);
/* Per-user LRU list maintenance */
nat44_session_update_lru (sm, s0, thread_index);
}
@@ -696,7 +697,7 @@ icmp_match_in2out_ed (snat_main_t * sm, vlib_node_runtime_t * node,
next =
slow_path_ed (sm, b, ip->src_address, ip->dst_address, l_port, r_port,
ip->protocol, rx_fib_index, &s, node, next,
- thread_index, vlib_time_now (sm->vlib_main));
+ thread_index, vlib_time_now (tsm->vlib_main));
if (PREDICT_FALSE (next == NAT_NEXT_DROP))
goto out;
diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c
index c30324b7d9e..9aa5760d598 100755
--- a/src/plugins/nat/nat.c
+++ b/src/plugins/nat/nat.c
@@ -348,7 +348,6 @@ nat44_set_session_limit (u32 session_limit, u32 vrf_id)
return 0;
}
-
void
nat44_free_session_data (snat_main_t * sm, snat_session_t * s,
u32 thread_index, u8 is_ha)
@@ -2551,9 +2550,20 @@ test_ed_make_split ()
ASSERT (value == value2);
}
+always_inline vlib_main_t *
+nat_get_vlib_main (u32 thread_index)
+{
+ vlib_main_t *vm;
+ vm = vlib_mains[thread_index];
+ ASSERT (vm);
+ return vm;
+}
+
static clib_error_t *
snat_init (vlib_main_t * vm)
{
+ snat_main_per_thread_data_t *tsm;
+
snat_main_t *sm = &snat_main;
clib_error_t *error = 0;
ip4_main_t *im = &ip4_main;
@@ -2566,7 +2576,6 @@ snat_init (vlib_main_t * vm)
ip4_add_del_interface_address_callback_t cb4;
vlib_node_t *node;
- sm->vlib_main = vm;
sm->vnet_main = vnet_get_main ();
sm->ip4_main = im;
sm->ip4_lookup_main = lm;
@@ -2663,6 +2672,7 @@ snat_init (vlib_main_t * vm)
{
for (i = 0; i < sm->num_workers; i++)
bitmap = clib_bitmap_set (bitmap, i, 1);
+ // sets thread indexes for workes
snat_set_workers (bitmap);
clib_bitmap_free (bitmap);
}
@@ -2671,6 +2681,11 @@ snat_init (vlib_main_t * vm)
sm->per_thread_data[0].snat_thread_index = 0;
}
+ vec_foreach (tsm, sm->per_thread_data)
+ {
+ tsm->vlib_main = nat_get_vlib_main (tsm->thread_index);
+ }
+
error = snat_api_init (vm, sm);
if (error)
return error;
@@ -3623,14 +3638,14 @@ nat_ha_sadd_cb (ip4_address_t * in_addr, u16 in_port,
u32 fib_index, u16 flags, u32 thread_index)
{
snat_main_t *sm = &snat_main;
+ snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
snat_session_key_t key;
snat_user_t *u;
snat_session_t *s;
clib_bihash_kv_8_8_t kv;
- f64 now = vlib_time_now (sm->vlib_main);
+ f64 now = vlib_time_now (tsm->vlib_main);
nat_outside_fib_t *outside_fib;
fib_node_index_t fei = FIB_NODE_INDEX_INVALID;
- snat_main_per_thread_data_t *tsm;
fib_prefix_t pfx = {
.fp_proto = FIB_PROTOCOL_IP4,
.fp_len = 32,
@@ -3639,8 +3654,6 @@ nat_ha_sadd_cb (ip4_address_t * in_addr, u16 in_port,
},
};
- tsm = vec_elt_at_index (sm->per_thread_data, thread_index);
-
key.addr.as_u32 = out_addr->as_u32;
key.port = out_port;
key.protocol = proto;
@@ -3773,13 +3786,13 @@ nat_ha_sadd_ed_cb (ip4_address_t * in_addr, u16 in_port,
u32 fib_index, u16 flags, u32 thread_index)
{
snat_main_t *sm = &snat_main;
+ snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
snat_session_key_t key;
snat_session_t *s;
clib_bihash_kv_16_8_t kv;
- f64 now = vlib_time_now (sm->vlib_main);
+ f64 now = vlib_time_now (tsm->vlib_main);
nat_outside_fib_t *outside_fib;
fib_node_index_t fei = FIB_NODE_INDEX_INVALID;
- snat_main_per_thread_data_t *tsm;
fib_prefix_t pfx = {
.fp_proto = FIB_PROTOCOL_IP4,
.fp_len = 32,
@@ -3788,8 +3801,6 @@ nat_ha_sadd_ed_cb (ip4_address_t * in_addr, u16 in_port,
},
};
- tsm = vec_elt_at_index (sm->per_thread_data, thread_index);
-
key.addr.as_u32 = out_addr->as_u32;
key.port = out_port;
key.protocol = proto;
diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h
index 4a3ae6532aa..1245b850ed0 100644
--- a/src/plugins/nat/nat.h
+++ b/src/plugins/nat/nat.h
@@ -489,6 +489,9 @@ typedef struct
/* real thread index */
u32 thread_index;
+ // per thread data structures
+ vlib_main_t *vlib_main;
+
} snat_main_per_thread_data_t;
struct snat_main_s;
@@ -674,7 +677,6 @@ typedef struct snat_main_s
u8 log_level;
/* convenience */
- vlib_main_t *vlib_main;
vnet_main_t *vnet_main;
ip4_main_t *ip4_main;
ip_lookup_main_t *ip4_lookup_main;
@@ -850,19 +852,19 @@ typedef enum nat_log_level_t_
#undef _
} nat_log_level_t;
-#define nat_elog(_level, _str) \
-do \
- { \
- snat_main_t *sm = &snat_main; \
- if (PREDICT_FALSE (sm->log_level >= _level)) \
- { \
- ELOG_TYPE_DECLARE (e) = \
- { \
- .format = "nat-msg " _str, \
- .format_args = "", \
- }; \
- ELOG_DATA (&sm->vlib_main->elog_main, e); \
- } \
+#define nat_elog(_level, _str) \
+do \
+ { \
+ snat_main_t *sm = &snat_main; \
+ if (PREDICT_FALSE (sm->log_level >= _level)) \
+ { \
+ ELOG_TYPE_DECLARE (e) = \
+ { \
+ .format = "nat-msg " _str, \
+ .format_args = "", \
+ }; \
+ ELOG_DATA (&vlib_global_main.elog_main, e); \
+ } \
} while (0);
#define nat_elog_addr(_level, _str, _addr) \
@@ -970,24 +972,24 @@ do \
} \
} while (0);
-#define nat_elog_X1(_level, _fmt, _arg, _val1) \
-do \
- { \
- snat_main_t *sm = &snat_main; \
- if (PREDICT_FALSE (sm->log_level >= _level)) \
- { \
- ELOG_TYPE_DECLARE (e) = \
- { \
- .format = "nat-msg " _fmt, \
- .format_args = _arg, \
- }; \
- CLIB_PACKED(struct \
- { \
- typeof (_val1) val1; \
- }) *ed; \
- ed = ELOG_DATA (&sm->vlib_main->elog_main, e); \
- ed->val1 = _val1; \
- } \
+#define nat_elog_X1(_level, _fmt, _arg, _val1) \
+do \
+ { \
+ snat_main_t *sm = &snat_main; \
+ if (PREDICT_FALSE (sm->log_level >= _level)) \
+ { \
+ ELOG_TYPE_DECLARE (e) = \
+ { \
+ .format = "nat-msg " _fmt, \
+ .format_args = _arg, \
+ }; \
+ CLIB_PACKED(struct \
+ { \
+ typeof (_val1) val1; \
+ }) *ed; \
+ ed = ELOG_DATA (&vlib_global_main.elog_main, e); \
+ ed->val1 = _val1; \
+ } \
} while (0);
#define nat_elog_notice(nat_elog_str) \
diff --git a/src/plugins/nat/nat44_cli.c b/src/plugins/nat/nat44_cli.c
index ad4c1c8fdbd..f613af0733c 100644
--- a/src/plugins/nat/nat44_cli.c
+++ b/src/plugins/nat/nat44_cli.c
@@ -654,7 +654,7 @@ nat44_show_summary_command_fn (vlib_main_t * vm, unformat_input_t * input,
u32 count = 0;
- u64 now = vlib_time_now (sm->vlib_main);
+ u64 now = vlib_time_now (vm);
u64 sess_timeout_time;
u32 udp_sessions = 0;
diff --git a/src/plugins/nat/nat64.c b/src/plugins/nat/nat64.c
index 3aff99ddf85..abf59a341f4 100644
--- a/src/plugins/nat/nat64.c
+++ b/src/plugins/nat/nat64.c
@@ -413,6 +413,7 @@ nat64_add_interface_address (u32 sw_if_index, int is_add)
int
nat64_add_del_interface (u32 sw_if_index, u8 is_inside, u8 is_add)
{
+ vlib_main_t *vm = vlib_get_main ();
nat64_main_t *nm = &nat64_main;
snat_interface_t *interface = 0, *i;
snat_address_t *ap;
@@ -445,7 +446,7 @@ nat64_add_del_interface (u32 sw_if_index, u8 is_inside, u8 is_add)
interface->flags |= NAT_INTERFACE_FLAG_IS_OUTSIDE;
nm->total_enabled_count++;
- vlib_process_signal_event (nm->sm->vlib_main,
+ vlib_process_signal_event (vm,
nm->nat64_expire_walk_node_index,
NAT64_CLEANER_RESCHEDULE, 0);
diff --git a/src/plugins/nat/nat_det_in2out.c b/src/plugins/nat/nat_det_in2out.c
index 057b26158fa..762b7b068e6 100644
--- a/src/plugins/nat/nat_det_in2out.c
+++ b/src/plugins/nat/nat_det_in2out.c
@@ -99,6 +99,7 @@ icmp_match_in2out_det (snat_main_t * sm, vlib_node_runtime_t * node,
snat_session_key_t * p_value, u8 * p_dont_translate,
void *d, void *e)
{
+ snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
icmp46_header_t *icmp0;
u32 sw_if_index0;
u32 rx_fib_index0;
@@ -226,7 +227,7 @@ icmp_match_in2out_det (snat_main_t * sm, vlib_node_runtime_t * node,
goto out;
}
- u32 now = (u32) vlib_time_now (sm->vlib_main);
+ u32 now = (u32) vlib_time_now (tsm->vlib_main);
ses0->state = SNAT_SESSION_ICMP_ACTIVE;
ses0->expire = now + sm->icmp_timeout;
diff --git a/src/plugins/nat/out2in.c b/src/plugins/nat/out2in.c
index e9319033332..411f193ab23 100755
--- a/src/plugins/nat/out2in.c
+++ b/src/plugins/nat/out2in.c
@@ -329,6 +329,7 @@ icmp_match_out2in_slow (snat_main_t * sm, vlib_node_runtime_t * node,
snat_session_key_t * p_value,
u8 * p_dont_translate, void *d, void *e)
{
+ snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
u32 sw_if_index0;
u32 rx_fib_index0;
snat_session_key_t key0;
@@ -357,8 +358,7 @@ icmp_match_out2in_slow (snat_main_t * sm, vlib_node_runtime_t * node,
kv0.key = key0.as_u64;
- if (clib_bihash_search_8_8 (&sm->per_thread_data[thread_index].out2in, &kv0,
- &value0))
+ if (clib_bihash_search_8_8 (&tsm->out2in, &kv0, &value0))
{
/* Try to match static mapping by external address and port,
destination address and port in packet */
@@ -404,7 +404,7 @@ icmp_match_out2in_slow (snat_main_t * sm, vlib_node_runtime_t * node,
/* Create session initiated by host from external network */
s0 = create_session_for_static_mapping (sm, b0, sm0, key0,
node, thread_index,
- vlib_time_now (sm->vlib_main));
+ vlib_time_now (tsm->vlib_main));
if (!s0)
{
@@ -427,8 +427,7 @@ icmp_match_out2in_slow (snat_main_t * sm, vlib_node_runtime_t * node,
goto out;
}
- s0 = pool_elt_at_index (sm->per_thread_data[thread_index].sessions,
- value0.value);
+ s0 = pool_elt_at_index (tsm->sessions, value0.value);
}
out:
@@ -531,6 +530,7 @@ icmp_out2in (snat_main_t * sm,
vlib_node_runtime_t * node,
u32 next0, u32 thread_index, void *d, void *e)
{
+ snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
snat_session_key_t sm0;
u8 protocol;
icmp_echo_header_t *echo0, *inner_echo0 = 0;
@@ -556,11 +556,12 @@ icmp_out2in (snat_main_t * sm,
if (PREDICT_TRUE (!ip4_is_fragment (ip0)))
{
- sum0 = ip_incremental_checksum_buffer (sm->vlib_main, b0, (u8 *) icmp0 -
- (u8 *)
- vlib_buffer_get_current (b0),
- ntohs (ip0->length) -
- ip4_header_bytes (ip0), 0);
+ sum0 =
+ ip_incremental_checksum_buffer (tsm->vlib_main, b0,
+ (u8 *) icmp0 -
+ (u8 *) vlib_buffer_get_current (b0),
+ ntohs (ip0->length) -
+ ip4_header_bytes (ip0), 0);
checksum0 = ~ip_csum_fold (sum0);
if (checksum0 != 0 && checksum0 != 0xffff)
{
@@ -669,6 +670,7 @@ icmp_out2in_slow_path (snat_main_t * sm,
u32 next0, f64 now,
u32 thread_index, snat_session_t ** p_s0)
{
+ snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
next0 = icmp_out2in (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
next0, thread_index, p_s0, 0);
snat_session_t *s0 = *p_s0;
@@ -677,7 +679,7 @@ icmp_out2in_slow_path (snat_main_t * sm,
/* Accounting */
nat44_session_update_counters (s0, now,
vlib_buffer_length_in_chain
- (sm->vlib_main, b0), thread_index);
+ (tsm->vlib_main, b0), thread_index);
/* Per-user LRU list maintenance */
nat44_session_update_lru (sm, s0, thread_index);
}
@@ -725,6 +727,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm,
snat_main_t *sm = &snat_main;
f64 now = vlib_time_now (vm);
u32 thread_index = vm->thread_index;
+ snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
u32 tcp_packets = 0, udp_packets = 0, icmp_packets = 0, other_packets =
0, fragments = 0;
@@ -885,9 +888,7 @@ VLIB_NODE_FN (snat_out2in_node) (vlib_main_t * vm,
}
}
else
- s0 =
- pool_elt_at_index (sm->per_thread_data[thread_index].sessions,
- value0.value);
+ s0 = pool_elt_at_index (tsm->sessions, value0.value);
old_addr0 = ip0->dst_address.as_u32;
ip0->dst_address = s0->in2out.addr;
diff --git a/src/plugins/nat/out2in_ed.c b/src/plugins/nat/out2in_ed.c
index 26a2e877a54..798df12b851 100644
--- a/src/plugins/nat/out2in_ed.c
+++ b/src/plugins/nat/out2in_ed.c
@@ -71,6 +71,7 @@ icmp_out2in_ed_slow_path (snat_main_t * sm, vlib_buffer_t * b0,
vlib_node_runtime_t * node, u32 next0, f64 now,
u32 thread_index, snat_session_t ** p_s0)
{
+ snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
next0 = icmp_out2in (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
next0, thread_index, p_s0, 0);
snat_session_t *s0 = *p_s0;
@@ -79,7 +80,7 @@ icmp_out2in_ed_slow_path (snat_main_t * sm, vlib_buffer_t * b0,
/* Accounting */
nat44_session_update_counters (s0, now,
vlib_buffer_length_in_chain
- (sm->vlib_main, b0), thread_index);
+ (tsm->vlib_main, b0), thread_index);
/* Per-user LRU list maintenance */
nat44_session_update_lru (sm, s0, thread_index);
}
@@ -327,7 +328,7 @@ create_bypass_for_fwd (snat_main_t * sm, vlib_buffer_t * b, ip4_header_t * ip,
udp_header_t *udp;
snat_session_t *s = 0;
snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
- f64 now = vlib_time_now (sm->vlib_main);
+ f64 now = vlib_time_now (vlib_mains[thread_index]);
u16 l_port, r_port;
if (ip->protocol == IP_PROTOCOL_ICMP)
@@ -509,7 +510,7 @@ icmp_match_out2in_ed (snat_main_t * sm, vlib_node_runtime_t * node,
rx_fib_index, thread_index, 0,
0,
vlib_time_now
- (sm->vlib_main));
+ (tsm->vlib_main));
if (!s)
{
@@ -916,6 +917,7 @@ nat44_ed_out2in_slow_path_node_fn_inline (vlib_main_t * vm,
u32 n_left_from, *from, *to_next, pkts_processed = 0, stats_node_index;
nat_next_t next_index;
snat_main_t *sm = &snat_main;
+ // HERE
f64 now = vlib_time_now (vm);
u32 thread_index = vm->thread_index;
snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
@@ -1071,6 +1073,7 @@ nat44_ed_out2in_slow_path_node_fn_inline (vlib_main_t * vm,
next0 = NAT_NEXT_IN2OUT_ED_FAST_PATH;
goto trace0;
}
+ // TEST:
if (sm->num_workers > 1)
create_bypass_for_fwd_worker (sm, b0, ip0,
rx_fib_index0);