X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fplugins%2Fnat%2Fnat.h;h=bc998da99820b3b7b4dedba700da2a33209d6389;hb=c611f36bbc75a7157bbec26a78178872ddc5441f;hp=d2b114afbbecda7d3f8d960a6d166f111d284861;hpb=ba5f9bc7534bcf58225b0658993728b1f4d47a67;p=vpp.git

diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h
index d2b114afbbe..bc998da9982 100644
--- a/src/plugins/nat/nat.h
+++ b/src/plugins/nat/nat.h
@@ -45,11 +45,6 @@
 /* NAT buffer flags */
 #define SNAT_FLAG_HAIRPINNING (1 << 0)
 
-typedef struct
-{
-  u32 arc_next;
-} nat_buffer_opaque_t;
-
 typedef enum
 {
   NAT_NEXT_DROP,
@@ -69,18 +64,6 @@ typedef struct
   u32 next_index;
 } nat_pre_trace_t;
 
-#define nat_buffer_opaque(b) \
-  ((nat_buffer_opaque_t *)((vnet_buffer_opaque2_t *)b->opaque2)->__unused2)
-
-/*
-STATIC_ASSERT (sizeof (nat_buffer_opaque_t) <=
-               STRUCT_SIZE_OF (vnet_buffer_opaque_t, unused),
-               "Custom meta-data too large for vnet_buffer_opaque_t");
-
-#define nat_buffer_opaque(b) \
-  ((nat_buffer_opaque_t *)((u8 *)((b)->opaque) + \
-    STRUCT_OFFSET_OF (vnet_buffer_opaque_t, unused)))*/
-
 /* session key (4-tuple) */
 typedef struct
 {
@@ -96,23 +79,6 @@ typedef struct
   };
 } snat_session_key_t;
 
-/* endpoint-dependent session key (6-tuple) */
-typedef struct
-{
-  union
-  {
-    struct
-    {
-      ip4_address_t l_addr;
-      ip4_address_t r_addr;
-      u32 proto:8, fib_index:24;
-      u16 l_port;
-      u16 r_port;
-    };
-    u64 as_u64[2];
-  };
-} nat_ed_ses_key_t;
-
 /* deterministic session outside key */
 typedef struct
 {
@@ -142,13 +108,6 @@ typedef struct
   };
 } snat_user_key_t;
 
-typedef struct
-{
-  u32 sw_if_index;
-  u32 next_index;
-  u8 cached;
-} nat44_reass_trace_t;
-
 /* NAT API Configuration flags */
 #define foreach_nat_config_flag \
   _(0x01, IS_TWICE_NAT)         \
@@ -223,8 +182,6 @@ _(BAD_ICMP_TYPE, "unsupported ICMP type")               \
 _(MAX_SESSIONS_EXCEEDED, "maximum sessions exceeded")   \
 _(MAX_USER_SESS_EXCEEDED, "max user sessions exceeded") \
 _(DROP_FRAGMENT, "drop fragment")                       \
-_(MAX_REASS, "maximum reassemblies exceeded")           \
-_(MAX_FRAG, "maximum fragments per reassembly exceeded")\
 _(CANNOT_CREATE_USER, "cannot create NAT user")         \
 _(NON_SYN, "non-SYN packet try to create session")      \
 _(TCP_PACKETS, "TCP packets")                           \
@@ -253,8 +210,6 @@ _(NO_TRANSLATION, "no translation")                     \
 _(MAX_SESSIONS_EXCEEDED, "maximum sessions exceeded")   \
 _(MAX_USER_SESS_EXCEEDED, "max user sessions exceeded") \
 _(DROP_FRAGMENT, "drop fragment")                       \
-_(MAX_REASS, "maximum reassemblies exceeded")           \
-_(MAX_FRAG, "maximum fragments per reassembly exceeded")\
 _(CANNOT_CREATE_USER, "cannot create NAT user")         \
 _(NON_SYN, "non-SYN packet try to create session")      \
 _(TCP_PACKETS, "TCP packets")                           \
@@ -361,8 +316,6 @@ typedef struct
   u32 sessions_per_user_list_head_index;
   u32 nsessions;
   u32 nstaticsessions;
-  /* discovered minimum session timeout time */
-  u64 min_session_timeout;
 } snat_user_t;
 
 typedef struct
@@ -535,14 +488,6 @@ typedef struct
   /* real thread index */
   u32 thread_index;
 
-  /* discovered minimum session timeout time */
-  u64 min_session_timeout;
-
-  /* session scavenging */
-  u32 cleared;
-  u32 cleanup_runs;
-  f64 cleanup_timeout;
-
 } snat_main_per_thread_data_t;
 
 struct snat_main_s;
@@ -576,27 +521,6 @@ typedef int (nat_alloc_out_addr_and_port_function_t) (snat_address_t *
 						      u16 port_per_thread,
 						      u32 snat_thread_index);
 
-typedef struct ed_bihash_key_s
-{
-  u32 src_address;
-  u32 dst_address;
-  u16 src_port;
-  u16 dst_port;
-  u8 protocol;
-} ed_bihash_key_t;
-
-typedef struct ed_bihash_kv_s
-{
-  union
-  {
-    ed_bihash_key_t k;
-    clib_bihash_kv_16_8_t kv;
-  };
-} ed_bihash_kv_t;
-
-STATIC_ASSERT (STRUCT_SIZE_OF (ed_bihash_kv_t, k) <=
-	       STRUCT_SIZE_OF (ed_bihash_kv_t, kv.key),
-	       "ed key needs to fit in bihash key");
 
 typedef struct snat_main_s
 {
@@ -710,21 +634,22 @@ typedef struct snat_main_s
   u8 deterministic;
   u8 out2in_dpo;
   u8 endpoint_dependent;
+
   u32 translation_buckets;
-  u32 translation_memory_size;
+  uword translation_memory_size;
   u32 max_translations;
+  u32 *max_translations_per_fib;
+
   u32 user_buckets;
-  u32 user_memory_size;
+  uword user_memory_size;
   u32 max_translations_per_user;
+
   u32 outside_vrf_id;
   u32 outside_fib_index;
   u32 inside_vrf_id;
   u32 inside_fib_index;
 
   /* values of various timeouts */
-
-  // min timeout of all proto timeouts
-  u32 min_timeout;
   // proto timeouts
   u32 udp_timeout;
   u32 tcp_transitory_timeout;
@@ -753,8 +678,6 @@ typedef struct snat_main_s
   ip4_main_t *ip4_main;
   ip_lookup_main_t *ip4_lookup_main;
   api_main_t *api_main;
-
-  clib_bihash_16_8_t ed_ext_ports;
 } snat_main_t;
 
 typedef struct
@@ -793,7 +716,6 @@ extern fib_source_t nat_fib_src_low;
 
 /* format functions */
 format_function_t format_snat_user;
-format_function_t format_snat_user_v2;
 format_function_t format_snat_static_mapping;
 format_function_t format_snat_static_map_to_resolve;
 format_function_t format_snat_session;
@@ -1156,9 +1078,6 @@ void nat44_ed_hairpinning_unknown_proto (snat_main_t * sm, vlib_buffer_t * b,
 int snat_hairpinning (snat_main_t * sm, vlib_buffer_t * b0,
 		      ip4_header_t * ip0, udp_header_t * udp0,
 		      tcp_header_t * tcp0, u32 proto0, int is_ed);
-void nat44_reass_hairpinning (snat_main_t * sm, vlib_buffer_t * b0,
-			      ip4_header_t * ip0, u16 sport, u16 dport,
-			      u32 proto0, int is_ed);
 
 /* Call back functions for clib_bihash_add_or_overwrite_stale */
 int nat44_i2o_ed_is_idle_session_cb (clib_bihash_kv_16_8_t * kv, void *arg);
@@ -1337,6 +1256,15 @@ int nat44_del_ed_session (snat_main_t * sm, ip4_address_t * addr, u16 port,
 void nat_free_session_data (snat_main_t * sm, snat_session_t * s,
 			    u32 thread_index, u8 is_ha);
 
+/**
+ * @brief Set NAT44 session limit (session limit, vrf id)
+ *
+ * @param session_limit Session limit
+ * @param vrf_id        VRF id
+ * @return 0 on success, non-zero value otherwise
+ */
+int nat44_set_session_limit (u32 session_limit, u32 vrf_id);
+
 /**
  * @brief Free NAT44 ED session data (lookup keys, external addrres port)
  *
@@ -1347,6 +1275,21 @@ void nat_free_session_data (snat_main_t * sm, snat_session_t * s,
 void
 nat44_free_session_data (snat_main_t * sm, snat_session_t * s,
 			 u32 thread_index, u8 is_ha);
+
+/**
+ * @brief Initialize NAT44 data
+ *
+ * @param tsm          per thread data
+ */
+void nat44_db_init (snat_main_per_thread_data_t * tsm);
+
+/**
+ * @brief Free NAT44 data
+ *
+ * @param tsm          per thread data
+ */
+void nat44_db_free (snat_main_per_thread_data_t * tsm);
+
 /**
  * @brief Find or create NAT user
  *
@@ -1375,13 +1318,12 @@ snat_session_t *nat_session_alloc_or_recycle (snat_main_t * sm,
 /**
  * @brief Allocate NAT endpoint-dependent session
  *
- * @param u            NAT user
  * @param thread_index thread index
  *
  * @return session data structure on success otherwise zero value
  */
-snat_session_t *nat_ed_session_alloc (snat_main_t * sm, snat_user_t * u,
-				      u32 thread_index, f64 now);
+snat_session_t *nat_ed_session_alloc (snat_main_t * sm, u32 thread_index,
+				      f64 now);
 
 /**
  * @brief Set address and port assignment algorithm for MAP-E CE
@@ -1492,6 +1434,8 @@ typedef struct
   u16 src_port, dst_port;
 } tcp_udp_header_t;
 
+int nat_global_lru_free_one (snat_main_t * sm, int thread_index, f64 now);
+
 #endif /* __included_nat_h__ */
 /*
  * fd.io coding-style-patch-verification: ON