From 579a6fb89baf325d96fe49bc52e9fec5f98a780c Mon Sep 17 00:00:00 2001 From: Vladislav Grishenko Date: Thu, 16 Mar 2023 19:31:00 +0500 Subject: nat: improve nat44-ed outside address distribution Use client address hash to pick the first outside address instead of just address high octet, becasue it may denegerate into stable 10/172/192, depending on nat address count. Fix outside address distribution test to acually test the distribution, not the algo, so previous distribution will fail with 65 nat addresses and 100 clients: FAIL: Outside address distribution based on source address Traceback (most recent call last): File ".../test/test_nat44_ed.py", line 2048, in test_outside_address_distribution msg="Bad outside address distribution") AssertionError: 156.25 not less than 0.33 : Bad outside address distribution Type: improvement Change-Id: I604b1294422f20d211db5614c47559557a78a193 Signed-off-by: Vladislav Grishenko --- src/plugins/nat/nat44-ed/nat44_ed_in2out.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'src/plugins/nat') diff --git a/src/plugins/nat/nat44-ed/nat44_ed_in2out.c b/src/plugins/nat/nat44-ed/nat44_ed_in2out.c index deec0099933..4ba51bcaea6 100644 --- a/src/plugins/nat/nat44-ed/nat44_ed_in2out.c +++ b/src/plugins/nat/nat44-ed/nat44_ed_in2out.c @@ -155,7 +155,9 @@ nat_ed_alloc_addr_and_port (snat_main_t *sm, u32 rx_fib_index, { if (vec_len (sm->addresses) > 0) { - u32 s_addr_offset = s_addr.as_u32 % vec_len (sm->addresses); + u32 s_addr_offset = (s_addr.as_u32 + (s_addr.as_u32 >> 8) + + (s_addr.as_u32 >> 16) + (s_addr.as_u32 >> 24)) % + vec_len (sm->addresses); snat_address_t *a, *ja = 0, *ra = 0, *ba = 0; int i; -- cgit 1.2.3-korg