mode_set = 1;
c.endpoint_dependent = 1;
}
- else if (unformat (input, "inside-vrf %u", &c.inside_vrf));
- else if (unformat (input, "outside-vrf %u", &c.outside_vrf));
- else if (unformat (input, "users %u", &c.users));
- else if (unformat (input, "user-memory %u", &c.user_memory));
- else if (unformat (input, "sessions %u", &c.sessions));
- else if (unformat (input, "session-memory %u", &c.session_memory));
- else if (unformat (input, "user-sessions %u", &c.user_sessions));
+ else if (unformat (line_input, "inside-vrf %u", &c.inside_vrf));
+ else if (unformat (line_input, "outside-vrf %u", &c.outside_vrf));
+ else if (unformat (line_input, "users %u", &c.users));
+ else if (unformat (line_input, "sessions %u", &c.sessions));
+ else if (unformat (line_input, "user-sessions %u", &c.user_sessions));
else
{
error = clib_error_return (0, "unknown input '%U'",
}
}
- if (!(c.sessions && c.session_memory))
+ if (!c.sessions)
{
- error =
- clib_error_return (0,
- "either number of sessions or size of the memory is required");
+ error = clib_error_return (0, "number of sessions is required");
goto done;
}
snat_main_t *sm = &snat_main;
clib_error_t *error = 0;
- if (sm->enabled)
+ if (!sm->enabled)
return clib_error_return (0, "nat44 already disabled");
if (nat44_plugin_disable () != 0)
vlib_cli_output (vm, "-------- hash table parameters --------\n");
vlib_cli_output (vm, "translation buckets: %u", sm->translation_buckets);
- vlib_cli_output (vm, "translation memory size: %U",
- format_memory_size, sm->translation_memory_size);
if (!sm->endpoint_dependent)
{
vlib_cli_output (vm, "user buckets: %u", sm->user_buckets);
- vlib_cli_output (vm, "user memory size: %U",
- format_memory_size, sm->user_memory_size);
}
return 0;
}
unformat_input_t _line_input, *line_input = &_line_input;
clib_error_t *error = 0;
u32 psid, psid_offset, psid_length, port_start, port_end;
+ snat_main_t *sm = &snat_main;
+
+ if (sm->endpoint_dependent)
+ return clib_error_return (0, UNSUPPORTED_IN_ED_MODE_STR);
/* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
u32 count = 0;
u64 now = vlib_time_now (vm);
- u64 sess_timeout_time;
+ u64 sess_timeout_time = 0;
u32 udp_sessions = 0;
u32 tcp_sessions = 0;
/* *INDENT-OFF* */
vec_foreach (tsm, sm->per_thread_data)
{
- pool_foreach (s, tsm->sessions,
- ({
+ pool_foreach (s, tsm->sessions)
+ {
sess_timeout_time = s->last_heard +
(f64) nat44_session_get_timeout (sm, s);
if (now >= sess_timeout_time)
udp_sessions++;
break;
}
- }));
+ }
nat44_show_lru_summary (vm, tsm, now, sess_timeout_time);
count += pool_elts (tsm->sessions);
}
{
tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers);
/* *INDENT-OFF* */
- pool_foreach (s, tsm->sessions,
- ({
+ pool_foreach (s, tsm->sessions)
+ {
sess_timeout_time = s->last_heard +
(f64) nat44_session_get_timeout (sm, s);
if (now >= sess_timeout_time)
udp_sessions++;
break;
}
- }));
+ }
/* *INDENT-ON* */
nat44_show_lru_summary (vm, tsm, now, sess_timeout_time);
count = pool_elts (tsm->sessions);
vlib_cli_output (vm, "NAT44 interfaces:");
/* *INDENT-OFF* */
- pool_foreach (i, sm->interfaces,
- ({
+ pool_foreach (i, sm->interfaces)
+ {
vlib_cli_output (vm, " %U %s", format_vnet_sw_if_index_name, vnm,
i->sw_if_index,
(nat_interface_is_inside(i) &&
nat_interface_is_outside(i)) ? "in out" :
(nat_interface_is_inside(i) ? "in" : "out"));
- }));
+ }
- pool_foreach (i, sm->output_feature_interfaces,
- ({
+ pool_foreach (i, sm->output_feature_interfaces)
+ {
vlib_cli_output (vm, " %U output-feature %s",
format_vnet_sw_if_index_name, vnm,
i->sw_if_index,
(nat_interface_is_inside(i) &&
nat_interface_is_outside(i)) ? "in out" :
(nat_interface_is_inside(i) ? "in" : "out"));
- }));
+ }
/* *INDENT-ON* */
return 0;
vlib_cli_output (vm, "NAT44 static mappings:");
/* *INDENT-OFF* */
- pool_foreach (m, sm->static_mappings,
- ({
+ pool_foreach (m, sm->static_mappings)
+ {
vlib_cli_output (vm, " %U", format_snat_static_mapping, m);
- }));
+ }
vec_foreach (rp, sm->to_resolve)
vlib_cli_output (vm, " %U", format_snat_static_map_to_resolve, rp);
/* *INDENT-ON* */
if (!sm->endpoint_dependent)
{
snat_user_t *u;
- pool_foreach (u, tsm->users,
- ({
+ pool_foreach (u, tsm->users)
+ {
vlib_cli_output (vm, " %U", format_snat_user, tsm, u, detail);
- }));
+ }
}
else
{
snat_session_t *s;
- pool_foreach (s, tsm->sessions,
- ({
+ pool_foreach (s, tsm->sessions)
+ {
vlib_cli_output (vm, " %U\n", format_snat_session, tsm, s);
- }));
+ }
}
}
/* *INDENT-ON* */
}
}
- rv = nat44_user_del (&addr, fib_index);
+ rv = nat44_ei_user_del (&addr, fib_index);
if (!rv)
{
- error = clib_error_return (0, "nat44_user_del returned %d", rv);
+ error = clib_error_return (0, "nat44_ei_user_del returned %d", rv);
}
done:
while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
{
- if (unformat (line_input, "udp %u", &sm->udp_timeout));
+ if (unformat (line_input, "udp %u", &sm->timeouts.udp));
else if (unformat (line_input, "tcp-established %u",
- &sm->tcp_established_timeout));
+ &sm->timeouts.tcp.established));
else if (unformat (line_input, "tcp-transitory %u",
- &sm->tcp_transitory_timeout));
- else if (unformat (line_input, "icmp %u", &sm->icmp_timeout));
+ &sm->timeouts.tcp.transitory));
+ else if (unformat (line_input, "icmp %u", &sm->timeouts.icmp));
else if (unformat (line_input, "reset"))
- {
- sm->udp_timeout = SNAT_UDP_TIMEOUT;
- sm->tcp_established_timeout = SNAT_TCP_ESTABLISHED_TIMEOUT;
- sm->tcp_transitory_timeout = SNAT_TCP_TRANSITORY_TIMEOUT;
- sm->icmp_timeout = SNAT_ICMP_TIMEOUT;
- }
+ nat_reset_timeouts (&sm->timeouts);
else
{
error = clib_error_return (0, "unknown input '%U'",
{
snat_main_t *sm = &snat_main;
- vlib_cli_output (vm, "udp timeout: %dsec", sm->udp_timeout);
+ vlib_cli_output (vm, "udp timeout: %dsec", sm->timeouts.udp);
vlib_cli_output (vm, "tcp-established timeout: %dsec",
- sm->tcp_established_timeout);
+ sm->timeouts.tcp.established);
vlib_cli_output (vm, "tcp-transitory timeout: %dsec",
- sm->tcp_transitory_timeout);
- vlib_cli_output (vm, "icmp timeout: %dsec", sm->icmp_timeout);
+ sm->timeouts.tcp.transitory);
+ vlib_cli_output (vm, "icmp timeout: %dsec", sm->timeouts.icmp);
return 0;
}
* vpp# nat44 enable sessions <n> out2in-dpo
* To enable nat44 endpoint-dependent, use:
* vpp# nat44 enable sessions <n> endpoint-dependent
- * To overwrite user hash configuration, use:
- * vpp# nat44 enable sessions <n> user-memory <n>
- * To overwrite session hash configuration, use:
- * vpp# nat44 enable session-memory <n>
* To set inside-vrf outside-vrf, use:
* vpp# nat44 enable sessions <n> inside-vrf <id> outside-vrf <id>
* @cliexend
?*/
VLIB_CLI_COMMAND (nat44_enable_command, static) = {
.path = "nat44 enable",
- .short_help = "nat44 enable sessions <max-number> [users <max-number>] [static-mappig-only [connection-tracking]|out2in-dpo|endpoint-dependent] [inside-vrf <vrf-id>] [outside-vrf <vrf-id>] [user-memory <number>] [session-memory <number>] [user-sessions <max-number>]",
+ .short_help = "nat44 enable sessions <max-number> [users <max-number>] [static-mappig-only [connection-tracking]|out2in-dpo|endpoint-dependent] [inside-vrf <vrf-id>] [outside-vrf <vrf-id>] [user-sessions <max-number>]",
.function = nat44_enable_command_fn,
};