From 69b7599e4b061a8996205f0304232ede84cb70d4 Mon Sep 17 00:00:00 2001
From: Klement Sekera <ksekera@cisco.com>
Date: Wed, 26 May 2021 13:02:35 +0200
Subject: nat: static mappings in flow hash

Put static mappings in flow hash, drop existing hash tables used for
static mappings. Drop refcount variables and use hash table as a single
point of truth. Allow creating a static mapping conflicting with dynamic
mapping, which will take precedence after dynamic mapping is freed, so
that the existing flow can finish transferring data.

Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ieeba691d83a83887d0a0baccd5f3832f66126096
---
 src/plugins/nat/nat44-ei/nat44_ei.c         |  6 ++++--
 src/plugins/nat/nat44-ei/nat44_ei.h         |  1 +
 src/plugins/nat/nat44-ei/nat44_ei_in2out.c  | 16 +++++++---------
 src/plugins/nat/nat44-ei/nat44_ei_inlines.h | 24 ++++++++++++++++++++++++
 src/plugins/nat/nat44-ei/nat44_ei_out2in.c  | 21 ++++++++-------------
 5 files changed, 44 insertions(+), 24 deletions(-)

(limited to 'src/plugins/nat/nat44-ei')

diff --git a/src/plugins/nat/nat44-ei/nat44_ei.c b/src/plugins/nat/nat44-ei/nat44_ei.c
index 2dbef8e34df..3691af3a53e 100644
--- a/src/plugins/nat/nat44-ei/nat44_ei.c
+++ b/src/plugins/nat/nat44-ei/nat44_ei.c
@@ -1102,7 +1102,8 @@ nat44_ei_free_session_data_v2 (nat44_ei_main_t *nm, nat44_ei_session_t *s,
       /* log NAT event */
       nat_ipfix_logging_nat44_ses_delete (
 	thread_index, s->in2out.addr.as_u32, s->out2in.addr.as_u32,
-	s->nat_proto, s->in2out.port, s->out2in.port, s->in2out.fib_index);
+	nat_proto_to_ip_proto (s->nat_proto), s->in2out.port, s->out2in.port,
+	s->in2out.fib_index);
 
       nat_ha_sdel (&s->out2in.addr, s->out2in.port, &s->ext_host_addr,
 		   s->ext_host_port, s->nat_proto, s->out2in.fib_index,
@@ -1270,7 +1271,8 @@ nat44_ei_free_session_data (nat44_ei_main_t *nm, nat44_ei_session_t *s,
 
       nat_ipfix_logging_nat44_ses_delete (
 	thread_index, s->in2out.addr.as_u32, s->out2in.addr.as_u32,
-	s->nat_proto, s->in2out.port, s->out2in.port, s->in2out.fib_index);
+	nat_proto_to_ip_proto (s->nat_proto), s->in2out.port, s->out2in.port,
+	s->in2out.fib_index);
 
       nat_ha_sdel (&s->out2in.addr, s->out2in.port, &s->ext_host_addr,
 		   s->ext_host_port, s->nat_proto, s->out2in.fib_index,
diff --git a/src/plugins/nat/nat44-ei/nat44_ei.h b/src/plugins/nat/nat44-ei/nat44_ei.h
index 2e5d85f071a..2e95b1413ca 100644
--- a/src/plugins/nat/nat44-ei/nat44_ei.h
+++ b/src/plugins/nat/nat44-ei/nat44_ei.h
@@ -36,6 +36,7 @@
 
 #include <nat/lib/lib.h>
 #include <nat/lib/inlines.h>
+#include <nat/lib/nat_proto.h>
 
 /* default number of worker handoff frame queue elements */
 #define NAT_FQ_NELTS_DEFAULT 64
diff --git a/src/plugins/nat/nat44-ei/nat44_ei_in2out.c b/src/plugins/nat/nat44-ei/nat44_ei_in2out.c
index 1e28ed6b635..a2fc5910584 100644
--- a/src/plugins/nat/nat44-ei/nat44_ei_in2out.c
+++ b/src/plugins/nat/nat44-ei/nat44_ei_in2out.c
@@ -271,13 +271,10 @@ nat44_i2o_is_idle_session_cb (clib_bihash_kv_8_8_t * kv, void *arg)
       if (clib_bihash_add_del_8_8 (&nm->out2in, &s_kv, 0))
 	nat_elog_warn (nm, "out2in key del failed");
 
-      nat_ipfix_logging_nat44_ses_delete (ctx->thread_index,
-					  s->in2out.addr.as_u32,
-					  s->out2in.addr.as_u32,
-					  s->nat_proto,
-					  s->in2out.port,
-					  s->out2in.port,
-					  s->in2out.fib_index);
+      nat_ipfix_logging_nat44_ses_delete (
+	ctx->thread_index, s->in2out.addr.as_u32, s->out2in.addr.as_u32,
+	nat_proto_to_ip_proto (s->nat_proto), s->in2out.port, s->out2in.port,
+	s->in2out.fib_index);
 
       nat_syslog_nat44_apmdel (s->user_index, s->in2out.fib_index,
 			       &s->in2out.addr, s->in2out.port,
@@ -430,8 +427,9 @@ slow_path (nat44_ei_main_t *nm, vlib_buffer_t *b0, ip4_header_t *ip0,
 
   /* log NAT event */
   nat_ipfix_logging_nat44_ses_create (
-    thread_index, s->in2out.addr.as_u32, s->out2in.addr.as_u32, s->nat_proto,
-    s->in2out.port, s->out2in.port, s->in2out.fib_index);
+    thread_index, s->in2out.addr.as_u32, s->out2in.addr.as_u32,
+    nat_proto_to_ip_proto (s->nat_proto), s->in2out.port, s->out2in.port,
+    s->in2out.fib_index);
 
   nat_syslog_nat44_apmadd (s->user_index, s->in2out.fib_index, &s->in2out.addr,
 			   s->in2out.port, &s->out2in.addr, s->out2in.port,
diff --git a/src/plugins/nat/nat44-ei/nat44_ei_inlines.h b/src/plugins/nat/nat44-ei/nat44_ei_inlines.h
index 672927256d1..399486c77dc 100644
--- a/src/plugins/nat/nat44-ei/nat44_ei_inlines.h
+++ b/src/plugins/nat/nat44-ei/nat44_ei_inlines.h
@@ -20,6 +20,7 @@
 
 #include <nat/nat44-ei/nat44_ei.h>
 #include <nat/nat44-ei/nat44_ei_ha.h>
+#include <nat/lib/nat_proto.h>
 
 always_inline u64
 calc_nat_key (ip4_address_t addr, u16 port, u32 fib_index, u8 proto)
@@ -220,6 +221,29 @@ nat44_ei_session_update_counters (nat44_ei_session_t *s, f64 now, uword bytes,
 	       &s->ha_last_refreshed, now);
 }
 
+static_always_inline u32
+nat_session_get_timeout (nat_timeouts_t *timeouts, nat_protocol_t proto,
+			 u8 state)
+{
+  switch (proto)
+    {
+    case NAT_PROTOCOL_ICMP:
+      return timeouts->icmp;
+    case NAT_PROTOCOL_UDP:
+      return timeouts->udp;
+    case NAT_PROTOCOL_TCP:
+      {
+	if (state)
+	  return timeouts->tcp.transitory;
+	else
+	  return timeouts->tcp.established;
+      }
+    default:
+      return timeouts->udp;
+    }
+  return 0;
+}
+
 #endif /* __included_nat44_ei_inlines_h__ */
 
 /*
diff --git a/src/plugins/nat/nat44-ei/nat44_ei_out2in.c b/src/plugins/nat/nat44-ei/nat44_ei_out2in.c
index 7796b11cfd7..7858811fde5 100644
--- a/src/plugins/nat/nat44-ei/nat44_ei_out2in.c
+++ b/src/plugins/nat/nat44-ei/nat44_ei_out2in.c
@@ -124,13 +124,10 @@ nat44_o2i_is_idle_session_cb (clib_bihash_kv_8_8_t * kv, void *arg)
       if (clib_bihash_add_del_8_8 (&nm->in2out, &s_kv, 0))
 	nat_elog_warn (nm, "out2in key del failed");
 
-      nat_ipfix_logging_nat44_ses_delete (ctx->thread_index,
-					  s->in2out.addr.as_u32,
-					  s->out2in.addr.as_u32,
-					  s->nat_proto,
-					  s->in2out.port,
-					  s->out2in.port,
-					  s->in2out.fib_index);
+      nat_ipfix_logging_nat44_ses_delete (
+	ctx->thread_index, s->in2out.addr.as_u32, s->out2in.addr.as_u32,
+	nat_proto_to_ip_proto (s->nat_proto), s->in2out.port, s->out2in.port,
+	s->in2out.fib_index);
 
       nat_syslog_nat44_apmdel (s->user_index, s->in2out.fib_index,
 			       &s->in2out.addr, s->in2out.port,
@@ -233,12 +230,10 @@ create_session_for_static_mapping (
     nat_elog_notice (nm, "out2in key add failed");
 
   /* log NAT event */
-  nat_ipfix_logging_nat44_ses_create (thread_index,
-				      s->in2out.addr.as_u32,
-				      s->out2in.addr.as_u32,
-				      s->nat_proto,
-				      s->in2out.port,
-				      s->out2in.port, s->in2out.fib_index);
+  nat_ipfix_logging_nat44_ses_create (
+    thread_index, s->in2out.addr.as_u32, s->out2in.addr.as_u32,
+    nat_proto_to_ip_proto (s->nat_proto), s->in2out.port, s->out2in.port,
+    s->in2out.fib_index);
 
   nat_syslog_nat44_apmadd (s->user_index, s->in2out.fib_index,
 			   &s->in2out.addr, s->in2out.port, &s->out2in.addr,
-- 
cgit 1.2.3-korg