aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/nat/nat44-ei
AgeCommit message (Collapse)AuthorFilesLines
2021-03-07nat: fix worker selectionKlement Sekera1-1/+1
Use correct ports from SVR. Perform lookup of existing session for all cases to pick any created bypasses and derive correct thread indexes. Type: fix Change-Id: I1e3814c9e13cd4d9b8d65f514f7e9ab42df3c22e Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-03-01nat: pick outside addr based on local addrKlement Sekera3-36/+40
Use outside addresses more evenly by using local address to pick from pool of addresses. This ensures stability from POV of remote host - an internal host always gets translated using the same outside address, so it doesn't appear to be "hopping". Also, this avoids all hosts being translated using the first address, which helps avoid needless recaptchas and the like. Exact assignment depends on internal ordering of addresses - local address is used to pick an offset into internal vector. If that address cannot be used, a linear search is performed as a fallback mechanism to find a possible translation. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I7ccb1da1dda5537f5d30d2f4cb48024f4b51c1a4
2021-02-24nat: Final NAT44 EI/ED split patchFilip Varga15-1337/+9111
This patch achieves complete separation of endpoint-dependent and endpoint-independent IPv4 NAT features. Some common stuff is also moved to NAT library. Type: refactor Change-Id: I52468b7e2b5ac28958a2baf8e2ea01787322e801 Signed-off-by: Filip Varga <fivarga@cisco.com>
2021-02-10nat: fix EI hairpinning thread safetyKlement Sekera1-24/+242
Avoid doing inter-thread reads without locks by doing a handoff before destination address rewrite. Destination address is read from a session which is possibly owned by a different thread. By splitting the work in two parts with a handoff in the middle, we can do both in a thread safe way. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I1c50d188393a610f5564fa230c75771a8065f273
2021-02-09nat: improve type safety and remove unused paramKlement Sekera2-51/+51
Type: improvement Change-Id: I456f9b14e6a4eb46c9c49f6e09acccae530e4ebc Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-02-05nat: configurable handoff frame queue sizeElias Rudberg1-0/+3
Make number of worker handoff frame queue elements configurable as a set nat frame-queue-nelts command. The default value is 64 which is the same value that was previously hard-coded. The idea is that allowing larger values can be useful in some cases, to avoid congestion drops. Also add nat_set_fq_options API support and a corresponding test case. Type: improvement Change-Id: I5c321eb2d7997f76fac2703d9c4a5b2516375db3 Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
2021-02-04nat: reduce number of hash tables for EI NATKlement Sekera4-81/+73
Making code more simple and storing thread index along with session index as a preparation step for fixing thread safety patches. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ib0c531e9f1f64b1f1ee912d4a83279200638e931
2021-01-18nat: deal with flows instead of sessionsKlement Sekera2-5/+5
This change introduces flow concept to endpoint-dependent NAT. Instead of having a session and a plethora of special cases in code for e.g. hairpinning, twice-nat and others, figure all this out and store it in flow logic. Every flow has a match and a rewrite part. This unifies all the NAT packet processing cases into one - match a flow and rewrite the packet based on that flow. It also provides a cure for hairpinning dilemma where one part of the flow is on one worker and another on a different one. These cases are also sped up by not requiring destination adress lookup every single time to be able to rewrite source nat as this is now part of flow rewrite logic. Type: improvement Change-Id: Ib60c992e16792ea4d4129bc10202ebb99a73b5be Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-01-11nat: refactor and split fo EI/ED features p.2Filip Varga4-43/+917
Patch n. 2 aimed at moving EI features out of NAT44 plugin & split of EI/ED functions. Type: refactor Change-Id: Ida20c1c084449b146344b6c3d8442f49efb6f3fa Signed-off-by: Filip Varga <fivarga@cisco.com>
2021-01-05nat: refactor and split fo EI/ED featuresFilip Varga8-0/+5783
This patch is aimed at moving EI features out of NAT44 plugin & split of EI/ED functions. Type: refactor Change-Id: I63cf70a264ed2512708fe92665d64f04690783d0 Signed-off-by: Filip Varga <fivarga@cisco.com>