#define CNAT_DEFAULT_SESSION_BUCKETS 1024
#define CNAT_DEFAULT_TRANSLATION_BUCKETS 1024
+#define CNAT_DEFAULT_CLIENT_BUCKETS 1024
#define CNAT_DEFAULT_SNAT_BUCKETS 1024
+#define CNAT_DEFAULT_SNAT_IF_MAP_LEN 4096
#define CNAT_DEFAULT_SESSION_MEMORY (1 << 20)
#define CNAT_DEFAULT_TRANSLATION_MEMORY (256 << 10)
-#define CNAT_DEFAULT_SNAT_MEMORY (64 << 20)
+#define CNAT_DEFAULT_CLIENT_MEMORY (256 << 10)
+#define CNAT_DEFAULT_SNAT_MEMORY (64 << 10)
/* Should be prime >~ 100 * numBackends */
#define CNAT_DEFAULT_MAGLEV_LEN 1009
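Review bot: `CNAT_DEFAULT_SNAT_MEMORY` drops from `(64 << 20)` to `(64 << 10)` while `CNAT_DEFAULT_SNAT_BUCKETS` stays at 1024, and nothing in the hunk says why 64 KiB is now sufficient. If the SNAT bihash still holds one entry per configured prefix, that budget may leave little headroom, and running out of table memory on a NAT data path is an availability problem. I would add a sizing comment above the define, for example `/* SNAT prefix bihash: 64 KiB covers <N> prefixes at 1024 buckets */`, with `<N>` replaced by the measured figure. The new `CNAT_DEFAULT_CLIENT_MEMORY (256 << 10)` would benefit from the same kind of comment.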
* from fib_source.h */
#define CNAT_FIB_SOURCE_PRIORITY 0x02
-/* Initial refcnt for timestamps (2 : session & rsession) */
-#define CNAT_TIMESTAMP_INIT_REFCNT 2
+/* Initial number of timestamps for a session
+ * this will be incremented when adding the reverse
+ * session in cnat_rsession_create */
+#define CNAT_TIMESTAMP_INIT_REFCNT 1
#define MIN_SRC_PORT ((u16) 0xC000)
+typedef struct
+{
+ /* Source and destination port. */
+ u16 src_port, dst_port;
+
+ /* Random value to distinguish connections. */
+ u32 verification_tag;
+
+ u32 checksum;
+} sctp_header_t;
+
+typedef enum cnat_trk_flag_t_
+{
+ /* Endpoint is active (static or dhcp resolved) */
+ CNAT_TRK_ACTIVE = (1 << 0),
+ /* Don't translate this endpoint, but still
+ * forward. Used by maglev for DSR */
+ CNAT_TRK_FLAG_NO_NAT = (1 << 1),
+ /* */
+ CNAT_TRK_FLAG_TEST_DISABLED = (1 << 7),
+} cnat_trk_flag_t;
+
typedef enum
{
/* Endpoint addr has been resolved */
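Review bot: The new comment on `CNAT_TIMESTAMP_INIT_REFCNT` speaks of an "initial number of timestamps", but the value is the initial reference count of one timestamp, which now starts at 1 and is raised in `cnat_rsession_create`. The wording matters because any path that creates a session and never reaches `cnat_rsession_create` must now drop exactly one reference rather than two; that code is outside this hunk, so it is worth confirming against the callers. Suggested comment: `/* Initial refcnt of a session's timestamp (1: the forward session); cnat_rsession_create takes a second reference for the reverse session */`. In the same hunk, `CNAT_TRK_FLAG_TEST_DISABLED` carries an empty `/* */` and `checksum` in `sctp_header_t` has no comment; both should say what they mean.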
u16 sequence;
} cnat_echo_header_t;
-typedef struct
-{
- u32 dst_address_length_refcounts[129];
- u16 *prefix_lengths_in_search_order;
- uword *non_empty_dst_address_length_bitmap;
-} cnat_snat_pfx_table_meta_t;
-
-typedef struct
-{
- /* Stores (ip family, prefix & mask) */
- clib_bihash_24_8_t ip_hash;
- /* family dependant cache */
- cnat_snat_pfx_table_meta_t meta[2];
- /* Precomputed ip masks (ip4 & ip6) */
- ip6_address_t ip_masks[129];
-} cnat_snat_pfx_table_t;
-
typedef struct cnat_main_
{
/* Memory size of the session bihash */
/* Number of buckets of the translation bihash */
u32 translation_hash_buckets;
+ /* Memory size of the client bihash */
+ uword client_hash_memory;
+
+ /* Number of buckets of the client bihash */
+ u32 client_hash_buckets;
+
/* Memory size of the source NAT prefix bihash */
uword snat_hash_memory;
/* Number of buckets of the source NAT prefix bihash */
u32 snat_hash_buckets;
+ /* Bit map for include / exclude sw_if_index
+ * so max number of expected interfaces */
+ u32 snat_if_map_length;
+
/* Timeout after which to clear sessions (in seconds) */
u32 session_max_age;
/* delay in seconds between two scans of session/clients tables */
f64 scanner_timeout;
- /* Lock for the timestamp pool */
- clib_rwlock_t ts_lock;
-
- /* Ip4 Address to use for source NATing */
- cnat_endpoint_t snat_ip4;
-
- /* Ip6 Address to use for source NATing */
- cnat_endpoint_t snat_ip6;
-
- /* Longest prefix Match table for source NATing */
- cnat_snat_pfx_table_t snat_pfx_table;
-
/* Index of the scanner process node */
uword scanner_node_index;
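Review bot: The comment on `snat_if_map_length` does not say what happens to a `sw_if_index` at or above the map length, and the bitmap that consumes it is outside this hunk. Because the field bounds an include/exclude decision for source NAT, an index beyond the configured length should either be rejected at configuration time or map to a defined default on lookup, and the comment should state which. Suggested wording: `/* Length in bits of the per-interface SNAT include/exclude bitmaps; sw_if_index values >= this are <rejected | treated as excluded> */`, with the placeholder replaced by the actual behaviour. `cnat_main_t` starts and ends outside the hunk.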
u16 refcnt;
} cnat_timestamp_t;
+/* Create the first pool with 1 << CNAT_TS_BASE_SIZE elts */
+#define CNAT_TS_BASE_SIZE (8)
+/* reserve the top CNAT_TS_MPOOL_BITS bits for finding the pool */
+#define CNAT_TS_MPOOL_BITS (6)
+
+typedef struct cnat_timestamp_mpool_t_
+{
+ /* Increasing fixed size pools of timestamps */
+ cnat_timestamp_t *ts_pools[1 << CNAT_TS_MPOOL_BITS];
+ /* Bitmap of pools with free space */
+ uword *ts_free;
+ /* Index of next pool to init */
+ u8 next_empty_pool_idx;
+ /* ts creation lock */
+ clib_spinlock_t ts_lock;
+} cnat_timestamp_mpool_t;
+
typedef struct cnat_node_ctx_
{
f64 now;
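Review bot: The comments on `CNAT_TS_BASE_SIZE` and `CNAT_TS_MPOOL_BITS` do not give the index layout: the top 6 bits are reserved "for finding the pool", but the width of the index they are taken from is not stated, and `next_empty_pool_idx` is a `u8` that can hold values past the 64 slots of `ts_pools`. I would spell out the encoding, e.g. `/* timestamp index = (pool_idx << (<index width> - CNAT_TS_MPOOL_BITS)) | offset */`, and say that allocation must fail once `next_empty_pool_idx` reaches `1 << CNAT_TS_MPOOL_BITS`. The comment `/* ts creation lock */` suggests that lookups run without the spinlock; if so, the struct comment should state that pools are never resized or freed while sessions still hold indices into them.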
extern uword unformat_cnat_ep_tuple (unformat_input_t * input,
va_list * args);
extern uword unformat_cnat_ep (unformat_input_t * input, va_list * args);
-extern cnat_timestamp_t *cnat_timestamps;
-extern fib_source_t cnat_fib_source;
+extern cnat_timestamp_mpool_t cnat_timestamps;
extern cnat_main_t cnat_main;
extern char *cnat_error_strings[];