summaryrefslogtreecommitdiffstats
path: root/src/plugins/nat/nat44-ei/nat44_ei.h
AgeCommit message (Collapse)AuthorFilesLines
2022-08-19nat: simplify per-protocol code by using an arrayJon Loeliger1-6/+3
rather than using obfuscated macro hacery, simplify the per-protocol data management by directly using an array of NAT protocol types. Type: refactor Signed-off-by: Jon Loeliger <jdl@netgate.com> Change-Id: I6fe987556ac9f402f8d490da0740e2b91440304c
2022-08-18nat: Replace port refcounts with simple bitvectorsJon Loeliger1-1/+1
Previously, each address maintained an array of 32-bit reference counts for each of 65K possible ports for each of 4 NAT protocols. Totalling 1MB per address. Wow. A close read of the code shows that an "is used" check precedes each attempted reference count increment. That means the refcount never actually gets above 1. That in turn means algorithmically, a bit vector is sufficient. And one need not be allocated for more than the highest validated port referenced. These changes introduce a dynamically sized bit vector replacing the reference counts, for a maximum of 32K if all 4 protocols use port 65535. In fact, protocol OTHER is never used, so at most 24K will be used, and none of it will be "statically" allocated per address. Type: fix Fixes: 85bee7548bc5a360851d92807dae6d4159b68314 Change-Id: I7fd70050e7bf4871692a862231f8f38cf0158132 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2022-02-01nat: nat44-ei hairpinning code cleanupFilip Varga1-16/+3
Removing obsolete unused nat44-ei nodes and functions. Type: refactor Change-Id: I1e03e283091c3c0d92908d04037cba00a348351a Signed-off-by: Filip Varga <fivarga@cisco.com>
2021-11-11nat: nat44-ei/ed nat objects cleanup improvementsFilip Varga1-2/+9
Improvements: * Changed plugin disable call behavior from freeing data types to calling appropriate nat plugin object delete calls for pool addresses, mappings and interfaces. * Added wrapper nat44_ei/ed_add_del_static_mapping function to handle switch bound static mappings. This would also fix ip assignment callback add/del bound static mapping issue preventing creation of the mapping. Fixes: * Fixed lingering object issue: some nat intertwined objects would not free each other if not correctly deleted in proper order. * Fixed incorect order of FIB unlocks for pool addresses causing syslog messages to use deleted FIBs in multiple VRF configuration. * Fixed incorrect value testing of flags instead of vrf_id for multiple vrf configuration static mapping. Type: improvement Change-Id: I2743f7b1104b627bcc5ef937e3a50655313a26ea Signed-off-by: Filip Varga <fivarga@cisco.com>
2021-11-10nat: api autoendian fixFilip Varga1-3/+4
Fixed bad use of macros for autoendian API calls and updated tests for the new API. Removed sw_if_index check macro because of ntol conversion. Changed REPLY_MACRO to REPLY_MACRO_END to fix ntohl conversions. Type: fix Change-Id: I878a07b3f80fe03179feab60f0abc662f408a2c8 Signed-off-by: Filip Varga <fivarga@cisco.com>
2021-10-20nat: nat44-ei configuration improvementsFilip Varga1-55/+52
nat44-ed core configuration improvements & fixes [0-5] adjusted for nat44-ei plugin. Improvements: * repeating code converted to functions * simplified functions used for pool address, static mapping and interface configuration. Clean up: * remove obsolete code and logic persisted after plugin separation from old SNAT plugin. Fixes: * [0] return correct API behavior changed in [5] Type: improvement [0] https://gerrit.fd.io/r/c/vpp/+/33622 [1] https://gerrit.fd.io/r/c/vpp/+/33431 [2] https://gerrit.fd.io/r/c/vpp/+/33337 [3] https://gerrit.fd.io/r/c/vpp/+/33249 [4] https://gerrit.fd.io/r/c/vpp/+/32796 [5] https://gerrit.fd.io/r/c/vpp/+/32951 Signed-off-by: Filip Varga <fivarga@cisco.com> Change-Id: Ie197faa576cb49acb3d218f14e00cb7d13ad9342
2021-10-14nat: static mappings in flow hashKlement Sekera1-0/+1
Put static mappings in flow hash, drop existing hash tables used for static mappings. Drop refcount variables and use hash table as a single point of truth. Allow creating a static mapping conflicting with dynamic mapping, which will take precedence after dynamic mapping is freed, so that the existing flow can finish transferring data. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Idfde8efabc09971be38921d4b0ca5ccf4e9fe412
2021-10-12Revert "nat: static mappings in flow hash"Ole Troan1-1/+0
This reverts commit 69b7599e4b061a8996205f0304232ede84cb70d4. Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: If531b122ae5a9f91c2fe6eaa0da69922a91f16d3
2021-10-12nat: static mappings in flow hashKlement Sekera1-0/+1
Put static mappings in flow hash, drop existing hash tables used for static mappings. Drop refcount variables and use hash table as a single point of truth. Allow creating a static mapping conflicting with dynamic mapping, which will take precedence after dynamic mapping is freed, so that the existing flow can finish transferring data. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ieeba691d83a83887d0a0baccd5f3832f66126096
2021-09-30nat: doc nitfixesNathan Skrzypczak1-1/+1
Type: improvement Change-Id: I9a4303030b9657c28bbd73168def72c7daa13483 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-06-16nat: test all intf addrs in is_interface_addr()Alexander Chernavin1-1/+2
Type: fix Currently, is_interface_addr() tests if a given IPv4 address belongs to an interface by a given sw_if_index. However, there are several issues: * only the first found address on the interface is actually tested, * sw_if_index is always cached even if the interface hasn't been assigned any addresses yet. With this change, is_interface_addr() tests all IPv4 addresses on an interface by a given sw_if_index and caches sw_if_index only if there are addresses present. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: If1acc4a534647a5f0ce8e9b565b867c92a016dc3
2021-03-25nat: allocate enough space for full port usageKlement Sekera1-1/+1
Type: fix Change-Id: I068bfeaf22b9e6cce967c27acdd46d4b8541bdf8 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-03-15nat: get rid of worker selection callbacksKlement Sekera1-12/+0
Make code easier to read and debug. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ib52a4cdd3bcdcc475053aa32af3964c00859e1cd
2021-03-01nat: pick outside addr based on local addrKlement Sekera1-2/+2
Use outside addresses more evenly by using local address to pick from pool of addresses. This ensures stability from POV of remote host - an internal host always gets translated using the same outside address, so it doesn't appear to be "hopping". Also, this avoids all hosts being translated using the first address, which helps avoid needless recaptchas and the like. Exact assignment depends on internal ordering of addresses - local address is used to pick an offset into internal vector. If that address cannot be used, a linear search is performed as a fallback mechanism to find a possible translation. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I7ccb1da1dda5537f5d30d2f4cb48024f4b51c1a4
2021-02-24nat: Final NAT44 EI/ED split patchFilip Varga1-6/+543
This patch achieves complete separation of endpoint-dependent and endpoint-independent IPv4 NAT features. Some common stuff is also moved to NAT library. Type: refactor Change-Id: I52468b7e2b5ac28958a2baf8e2ea01787322e801 Signed-off-by: Filip Varga <fivarga@cisco.com>
2021-01-11nat: refactor and split fo EI/ED features p.2Filip Varga1-2/+96
Patch n. 2 aimed at moving EI features out of NAT44 plugin & split of EI/ED functions. Type: refactor Change-Id: Ida20c1c084449b146344b6c3d8442f49efb6f3fa Signed-off-by: Filip Varga <fivarga@cisco.com>
2021-01-05nat: refactor and split fo EI/ED featuresFilip Varga1-0/+81
This patch is aimed at moving EI features out of NAT44 plugin & split of EI/ED functions. Type: refactor Change-Id: I63cf70a264ed2512708fe92665d64f04690783d0 Signed-off-by: Filip Varga <fivarga@cisco.com>