Age | Commit message (Collapse) | Author | Files | Lines |
|
Maintain a global session LRU allowing reuse of expired session instead
of relying on a scavenging mechanism to periodically walk sessions.
Whenever a new session is being allocated in slow path, also attempt to
free an expired session from global LRU list.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I9edde9ec138de67c9a4888e915b0490ec16415fa
|
|
Wait transitory timeout seconds before moving internal state of TCP
session to CLOSED state per RFC 7857. This patch implements this
functionality for endpoint-dependent NAT.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I4491d831cd9edf63fae520a516cdbe590bac85db
|
|
Patch changes the behavior of session scavenging and fixes multiple
nat issues. Allows proper session clearing and removes issue with lingering sessions
in session db. Patch also updates and fixes CLI/API calls for better readability
of session state metrics. Fixes security issue that would allow attacker to
reuse timed out session in both directions (in2out/out2in).
Type: improvement
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: I78897585a2a57291fad5db6d457941aa0a0457bd
|
|
Type: improvement
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: Ia5dbfe864c18e953ff49147a9a4684d2ca14b96e
|
|
Save the next session timeout when sweeping sessions for cleanup so that
we can avoid unnecessary runs of the sweeping algorithm.
Type: fix
Change-Id: I736d00f2dfe242af10f963fbe34b11128f8b0613
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Ticket: VPP-1836
Type: feature
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: I8f7fc011bac435445a8916a4948d130ca9162f67
|
|
Change-Id: Ie2a3c0f44322dd8415603b7ce51bb72d72769c95
Ticket: VPP-1815
Type: refactor
Signed-off-by: Filip Varga <fivarga@cisco.com>
|