Age | Commit message (Collapse) | Author | Files | Lines |
|
By storing thread and session index in hash table we are able to skip
multiple hash lookups in multi-worker scenario, which were used for
handoff before. Also, by storing sesion index in vnet_buffer2, we can
avoid repeating the lookup after handoff.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I406fb12f4e2dd8f4a5ca5d83d59dbc37e1af9abf
|
|
This fixes a situation where long-lived inactive session blocks LRU
list. Solution is to have multiple LRU lists based on session type.
This helps because session timeout is same for all sessions of same
type.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I5e54b2aab73b23911d6518d42e8c3f166c69a38c
|
|
Force session cleanup drops NAT db.
Also fixing user specific cli/api calls.
Type: improvement
Change-Id: Ia3e25fcf07fe5fb9a83d55c03fe90aca727b41ac
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Type: refactor
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I33b2b38961b200dc3297b82124a7107b9ecbd0de
|
|
Type: improvement
Change-Id: I170256ab47978db34fb0ff6808d9cd54ab872410
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
With port overloading, port is no longer a scarce resource and there
is no need to limit connections per internal IP. This saves one hash
insert in slow path.
Type: improvement
Change-Id: I8a7a9713ac855fa99fa1617ec684f757cf6e09ae
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Type: refactor
Change-Id: I9f743ba2818e1b1c5004c3575925cc7b479948d8
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Maintain a global session LRU allowing reuse of expired session instead
of relying on a scavenging mechanism to periodically walk sessions.
Whenever a new session is being allocated in slow path, also attempt to
free an expired session from global LRU list.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I9edde9ec138de67c9a4888e915b0490ec16415fa
|
|
Wait transitory timeout seconds before moving internal state of TCP
session to CLOSED state per RFC 7857. This patch implements this
functionality for endpoint-dependent NAT.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I4491d831cd9edf63fae520a516cdbe590bac85db
|
|
Patch changes the behavior of session scavenging and fixes multiple
nat issues. Allows proper session clearing and removes issue with lingering sessions
in session db. Patch also updates and fixes CLI/API calls for better readability
of session state metrics. Fixes security issue that would allow attacker to
reuse timed out session in both directions (in2out/out2in).
Type: improvement
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: I78897585a2a57291fad5db6d457941aa0a0457bd
|
|
Type: improvement
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: Ia5dbfe864c18e953ff49147a9a4684d2ca14b96e
|
|
Save the next session timeout when sweeping sessions for cleanup so that
we can avoid unnecessary runs of the sweeping algorithm.
Type: fix
Change-Id: I736d00f2dfe242af10f963fbe34b11128f8b0613
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Ticket: VPP-1836
Type: feature
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: I8f7fc011bac435445a8916a4948d130ca9162f67
|
|
Change-Id: Ie2a3c0f44322dd8415603b7ce51bb72d72769c95
Ticket: VPP-1815
Type: refactor
Signed-off-by: Filip Varga <fivarga@cisco.com>
|