X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fplugins%2Fnat%2Fnat64.c;h=8396bd1b76bb77d84022df45205f270eefc559ff;hb=2d24cd027275905f308f75bf45d0f9d163f2235b;hp=deeb0717b7e0e2de23de0fbfc309eba6828875b5;hpb=51e759fd0655b6089360e1ccf2f5341704549fd4;p=vpp.git

diff --git a/src/plugins/nat/nat64.c b/src/plugins/nat/nat64.c
index deeb0717b7e..8396bd1b76b 100644
--- a/src/plugins/nat/nat64.c
+++ b/src/plugins/nat/nat64.c
@@ -20,6 +20,7 @@
 #include <nat/nat64.h>
 #include <nat/nat64_db.h>
 #include <nat/nat_reass.h>
+#include <nat/nat_inlines.h>
 #include <vnet/fib/ip4_fib.h>
 #include <vppinfra/crc32.h>
 
@@ -202,7 +203,7 @@ nat64_get_worker_out2in (ip4_header_t * ip)
   /* worker by outside port  (TCP/UDP) */
   port = clib_net_to_host_u16 (port);
   if (port > 1024)
-    return (u32) ((port - 1024) / sm->port_per_thread);
+    return nm->sm->first_worker_index + ((port - 1024) / sm->port_per_thread);
 
   return vlib_get_thread_index ();
 }
@@ -230,7 +231,8 @@ nat64_init (vlib_main_t * vm)
   nm->icmp_timeout = SNAT_ICMP_TIMEOUT;
   nm->tcp_trans_timeout = SNAT_TCP_TRANSITORY_TIMEOUT;
   nm->tcp_est_timeout = SNAT_TCP_ESTABLISHED_TIMEOUT;
-  nm->tcp_incoming_syn_timeout = SNAT_TCP_INCOMING_SYN;
+
+  nm->total_enabled_count = 0;
 
   /* Set up the interface address add/del callback */
   cb4.function = nat64_ip4_add_del_interface_address_cb;
@@ -241,6 +243,10 @@ nat64_init (vlib_main_t * vm)
   return 0;
 }
 
+static void nat64_free_out_addr_and_port (struct nat64_db_s *db,
+					  ip4_address_t * addr, u16 port,
+					  u8 protocol);
+
 void
 nat64_set_hash (u32 bib_buckets, u32 bib_memory_size, u32 st_buckets,
 		u32 st_memory_size)
@@ -257,8 +263,8 @@ nat64_set_hash (u32 bib_buckets, u32 bib_memory_size, u32 st_buckets,
   vec_foreach (db, nm->db)
     {
       if (nat64_db_init (db, bib_buckets, bib_memory_size, st_buckets,
-                         st_memory_size))
-        clib_warning ("NAT64 DB init failed");
+                         st_memory_size, nat64_free_out_addr_and_port))
+	nat_log_err ("NAT64 DB init failed");
     }
   /* *INDENT-ON* */
 }
@@ -310,16 +316,16 @@ nat64_add_del_pool_addr (ip4_address_t * addr, u32 vrf_id, u8 is_add)
       if (a->fib_index != ~0)
 	fib_table_unlock (a->fib_index, FIB_PROTOCOL_IP6,
 			  FIB_SOURCE_PLUGIN_HI);
+      /* Delete sessions using address */
+        /* *INDENT-OFF* */
+        vec_foreach (db, nm->db)
+          nat64_db_free_out_addr (db, &a->addr);
 #define _(N, id, n, s) \
       clib_bitmap_free (a->busy_##n##_port_bitmap);
       foreach_snat_protocol
 #undef _
-	/* Delete sessions using address */
-        /* *INDENT-OFF* */
-        vec_foreach (db, nm->db)
-          nat64_db_free_out_addr (db, &a->addr);
         /* *INDENT-ON* */
-	vec_del1 (nm->addr_pool, i);
+      vec_del1 (nm->addr_pool, i);
     }
 
   /* Add/del external address to FIB */
@@ -426,6 +432,12 @@ nat64_add_del_interface (u32 sw_if_index, u8 is_inside, u8 is_add)
 	interface->flags |= NAT_INTERFACE_FLAG_IS_INSIDE;
       else
 	interface->flags |= NAT_INTERFACE_FLAG_IS_OUTSIDE;
+
+      nm->total_enabled_count++;
+      vlib_process_signal_event (nm->sm->vlib_main,
+				 nm->nat64_expire_walk_node_index,
+				 NAT64_CLEANER_RESCHEDULE, 0);
+
     }
   else
     {
@@ -439,6 +451,8 @@ nat64_add_del_interface (u32 sw_if_index, u8 is_inside, u8 is_add)
 	  ~NAT_INTERFACE_FLAG_IS_OUTSIDE;
       else
 	pool_put (nm->interfaces, interface);
+
+      nm->total_enabled_count--;
     }
 
   if (!is_inside)
@@ -492,14 +506,17 @@ nat64_alloc_out_addr_and_port (u32 fib_index, snat_protocol_t proto,
   nat64_main_t *nm = &nat64_main;
   snat_main_t *sm = nm->sm;
   snat_session_key_t k;
-  u32 ai;
+  u32 worker_index = 0;
   int rv;
 
   k.protocol = proto;
 
+  if (sm->num_workers > 1)
+    worker_index = thread_index - sm->first_worker_index;
+
   rv =
-    sm->alloc_addr_and_port (nm->addr_pool, fib_index, thread_index, &k, &ai,
-			     sm->port_per_thread, thread_index);
+    sm->alloc_addr_and_port (nm->addr_pool, fib_index, thread_index, &k,
+			     sm->port_per_thread, worker_index);
 
   if (!rv)
     {
@@ -510,13 +527,16 @@ nat64_alloc_out_addr_and_port (u32 fib_index, snat_protocol_t proto,
   return rv;
 }
 
-void
-nat64_free_out_addr_and_port (ip4_address_t * addr, u16 port,
-			      snat_protocol_t proto, u32 thread_index)
+static void
+nat64_free_out_addr_and_port (struct nat64_db_s *db, ip4_address_t * addr,
+			      u16 port, u8 protocol)
 {
   nat64_main_t *nm = &nat64_main;
   int i;
   snat_address_t *a;
+  u32 thread_index = db - nm->db;
+  snat_protocol_t proto = ip_proto_to_snat_proto (protocol);
+  u16 port_host_byte_order = clib_net_to_host_u16 (port);
 
   for (i = 0; i < vec_len (nm->addr_pool); i++)
     {
@@ -528,7 +548,7 @@ nat64_free_out_addr_and_port (ip4_address_t * addr, u16 port,
 #define _(N, j, n, s) \
         case SNAT_PROTOCOL_##N: \
           ASSERT (clib_bitmap_get_no_check (a->busy_##n##_port_bitmap, \
-                  port) == 1); \
+                  port_host_byte_order) == 1); \
           clib_bitmap_set_no_check (a->busy_##n##_port_bitmap, port, 0); \
           a->busy_##n##_ports--; \
           a->busy_##n##_ports_per_thread[thread_index]--; \
@@ -536,7 +556,7 @@ nat64_free_out_addr_and_port (ip4_address_t * addr, u16 port,
 	  foreach_snat_protocol
 #undef _
 	default:
-	  clib_warning ("unknown protocol");
+	  nat_log_notice ("unknown protocol");
 	  return;
 	}
       break;
@@ -551,7 +571,7 @@ nat64_static_bib_worker_fn (vlib_main_t * vm, vlib_node_runtime_t * rt,
 			    vlib_frame_t * f)
 {
   nat64_main_t *nm = &nat64_main;
-  u32 thread_index = vlib_get_thread_index ();
+  u32 thread_index = vm->thread_index;
   nat64_db_t *db = &nm->db[thread_index];
   nat64_static_bib_to_update_t *static_bib;
   nat64_db_bib_entry_t *bibe;
@@ -691,10 +711,7 @@ nat64_add_del_static_bib_entry (ip6_address_t * in_addr,
 	return VNET_API_ERROR_NO_SUCH_ENTRY;
 
       if (!nm->sm->num_workers)
-	{
-	  nat64_free_out_addr_and_port (out_addr, out_port, p, thread_index);
-	  nat64_db_bib_entry_free (db, bibe);
-	}
+	nat64_db_bib_entry_free (db, bibe);
     }
 
   if (nm->sm->num_workers)
@@ -738,8 +755,6 @@ nat64_set_udp_timeout (u32 timeout)
 
   if (timeout == 0)
     nm->udp_timeout = SNAT_UDP_TIMEOUT;
-  else if (timeout < SNAT_UDP_TIMEOUT_MIN)
-    return VNET_API_ERROR_INVALID_VALUE;
   else
     nm->udp_timeout = timeout;
 
@@ -776,7 +791,7 @@ nat64_get_icmp_timeout (void)
 }
 
 int
-nat64_set_tcp_timeouts (u32 trans, u32 est, u32 incoming_syn)
+nat64_set_tcp_timeouts (u32 trans, u32 est)
 {
   nat64_main_t *nm = &nat64_main;
 
@@ -790,11 +805,6 @@ nat64_set_tcp_timeouts (u32 trans, u32 est, u32 incoming_syn)
   else
     nm->tcp_est_timeout = est;
 
-  if (incoming_syn == 0)
-    nm->tcp_incoming_syn_timeout = SNAT_TCP_INCOMING_SYN;
-  else
-    nm->tcp_incoming_syn_timeout = incoming_syn;
-
   return 0;
 }
 
@@ -814,14 +824,6 @@ nat64_get_tcp_est_timeout (void)
   return nm->tcp_est_timeout;
 }
 
-u32
-nat64_get_tcp_incoming_syn_timeout (void)
-{
-  nat64_main_t *nm = &nat64_main;
-
-  return nm->tcp_incoming_syn_timeout;
-}
-
 void
 nat64_session_reset_timeout (nat64_db_st_entry_t * ste, vlib_main_t * vm)
 {
@@ -1050,7 +1052,7 @@ nat64_compose_ip6 (ip6_address_t * ip6, ip4_address_t * ip4, u32 fib_index)
 	  ip6->as_u32[3] = ip4->as_u32;
 	  break;
 	default:
-	  clib_warning ("invalid prefix length");
+	  nat_log_notice ("invalid prefix length");
 	  break;
 	}
     }
@@ -1123,7 +1125,7 @@ nat64_extract_ip4 (ip6_address_t * ip6, ip4_address_t * ip4, u32 fib_index)
       ip4->as_u32 = ip6->as_u32[3];
       break;
     default:
-      clib_warning ("invalid prefix length");
+      nat_log_notice ("invalid prefix length");
       break;
     }
 }
@@ -1136,7 +1138,7 @@ nat64_expire_worker_walk_fn (vlib_main_t * vm, vlib_node_runtime_t * rt,
 			     vlib_frame_t * f)
 {
   nat64_main_t *nm = &nat64_main;
-  u32 thread_index = vlib_get_thread_index ();
+  u32 thread_index = vm->thread_index;
   nat64_db_t *db = &nm->db[thread_index];
   u32 now = (u32) vlib_time_now (vm);
 
@@ -1156,6 +1158,8 @@ VLIB_REGISTER_NODE (nat64_expire_worker_walk_node, static) = {
 };
 /* *INDENT-ON* */
 
+static vlib_node_registration_t nat64_expire_walk_node;
+
 /**
  * @brief Centralized process to drive per worker expire walk.
  */
@@ -1163,8 +1167,12 @@ static uword
 nat64_expire_walk_fn (vlib_main_t * vm, vlib_node_runtime_t * rt,
 		      vlib_frame_t * f)
 {
+  nat64_main_t *nm = &nat64_main;
   vlib_main_t **worker_vms = 0, *worker_vm;
   int i;
+  uword event_type, *event_data = 0;
+
+  nm->nat64_expire_walk_node_index = nat64_expire_walk_node.index;
 
   if (vec_len (vlib_mains) == 0)
     vec_add1 (worker_vms, vm);
@@ -1180,8 +1188,28 @@ nat64_expire_walk_fn (vlib_main_t * vm, vlib_node_runtime_t * rt,
 
   while (1)
     {
-      vlib_process_wait_for_event_or_clock (vm, 10.0);
-      vlib_process_get_events (vm, NULL);
+      if (nm->total_enabled_count)
+	{
+	  vlib_process_wait_for_event_or_clock (vm, 10.0);
+	  event_type = vlib_process_get_events (vm, &event_data);
+	}
+      else
+	{
+	  vlib_process_wait_for_event (vm);
+	  event_type = vlib_process_get_events (vm, &event_data);
+	}
+
+      switch (event_type)
+	{
+	case ~0:
+	  break;
+	case NAT64_CLEANER_RESCHEDULE:
+	  break;
+	default:
+	  nat_log_notice ("unknown event %u", event_type);
+	  break;
+	}
+
       for (i = 0; i < vec_len (worker_vms); i++)
 	{
 	  worker_vm = worker_vms[i];
@@ -1193,8 +1221,6 @@ nat64_expire_walk_fn (vlib_main_t * vm, vlib_node_runtime_t * rt,
   return 0;
 }
 
-static vlib_node_registration_t nat64_expire_walk_node;
-
 /* *INDENT-OFF* */
 VLIB_REGISTER_NODE (nat64_expire_walk_node, static) = {
     .function = nat64_expire_walk_fn,