From f840880c2fd8fbd6acfa79948224aafe6e4a62d1 Mon Sep 17 00:00:00 2001
From: Florin Coras <fcoras@cisco.com>
Date: Tue, 9 Nov 2021 18:29:03 -0800
Subject: [PATCH] ip nat: use ip rx sw_if_index in ip-local arc start

This also changes the behavior of the nat44-ei hairpinning feature.
Rather then enabling the feature on every nat interface, it is enabled
only on local0.

Type: improvement

Signed-off-by: Filip Varga <fivarga@cisco.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4e16a83c9e328aa75fc61df508b620ef743ca775
---
 src/plugins/nat/nat44-ei/nat44_ei.c | 38 ++++++++++++++++++++++++++++++-------
 src/vnet/ip/ip4_forward.c           |  5 ++---
 src/vnet/ip/ip6_forward.c           | 12 ++++++------
 3 files changed, 39 insertions(+), 16 deletions(-)

diff --git a/src/plugins/nat/nat44-ei/nat44_ei.c b/src/plugins/nat/nat44-ei/nat44_ei.c
index 10b04ce6d71..7692816a2ee 100644
--- a/src/plugins/nat/nat44-ei/nat44_ei.c
+++ b/src/plugins/nat/nat44-ei/nat44_ei.c
@@ -576,10 +576,34 @@ nat44_ei_get_interface (nat44_ei_interface_t *interfaces, u32 sw_if_index)
 }
 
 static_always_inline int
-nat44_ei_hairpinning_enable (u32 sw_if_index, u8 is_enable)
+nat44_ei_hairpinning_enable (u8 is_enable)
 {
-  return vnet_feature_enable_disable ("ip4-local", "nat44-ei-hairpinning",
-				      sw_if_index, is_enable, 0, 0);
+  nat44_ei_main_t *nm = &nat44_ei_main;
+  u32 sw_if_index = 0; // local0
+
+  if (is_enable)
+    {
+      nm->hairpin_reg += 1;
+      if (1 == nm->hairpin_reg)
+	{
+	  return vnet_feature_enable_disable (
+	    "ip4-local", "nat44-ei-hairpinning", sw_if_index, is_enable, 0, 0);
+	}
+    }
+  else
+    {
+      if (0 == nm->hairpin_reg)
+	return 1;
+
+      nm->hairpin_reg -= 1;
+      if (0 == nm->hairpin_reg)
+	{
+	  return vnet_feature_enable_disable (
+	    "ip4-local", "nat44-ei-hairpinning", sw_if_index, is_enable, 0, 0);
+	}
+    }
+
+  return 0;
 }
 
 int
@@ -648,7 +672,7 @@ nat44_ei_add_interface (u32 sw_if_index, u8 is_inside)
 	}
       if (!is_inside)
 	{
-	  rv = nat44_ei_hairpinning_enable (sw_if_index, 0);
+	  rv = nat44_ei_hairpinning_enable (0);
 	  if (rv)
 	    {
 	      return rv;
@@ -681,7 +705,7 @@ nat44_ei_add_interface (u32 sw_if_index, u8 is_inside)
 	}
       if (is_inside && !nm->out2in_dpo)
 	{
-	  rv = nat44_ei_hairpinning_enable (sw_if_index, 1);
+	  rv = nat44_ei_hairpinning_enable (1);
 	  if (rv)
 	    {
 	      return rv;
@@ -786,7 +810,7 @@ nat44_ei_del_interface (u32 sw_if_index, u8 is_inside)
 	}
       else
 	{
-	  rv = nat44_ei_hairpinning_enable (sw_if_index, 1);
+	  rv = nat44_ei_hairpinning_enable (1);
 	  if (rv)
 	    {
 	      return rv;
@@ -819,7 +843,7 @@ nat44_ei_del_interface (u32 sw_if_index, u8 is_inside)
 	}
       if (is_inside)
 	{
-	  rv = nat44_ei_hairpinning_enable (sw_if_index, 0);
+	  rv = nat44_ei_hairpinning_enable (0);
 	  if (rv)
 	    {
 	      return rv;
diff --git a/src/vnet/ip/ip4_forward.c b/src/vnet/ip/ip4_forward.c
index 4d0638209e5..3c67bb3d4e7 100644
--- a/src/vnet/ip/ip4_forward.c
+++ b/src/vnet/ip/ip4_forward.c
@@ -1508,9 +1508,8 @@ ip4_local_set_next_and_error (vlib_node_runtime_t * error_node,
       next_index = *next;
       if (PREDICT_TRUE (error == (u8) IP4_ERROR_UNKNOWN_PROTOCOL))
 	{
-	  vnet_feature_arc_start (arc_index,
-				  vnet_buffer (b)->sw_if_index[VLIB_RX],
-				  &next_index, b);
+	  vnet_feature_arc_start (
+	    arc_index, vnet_buffer (b)->ip.rx_sw_if_index, &next_index, b);
 	  *next = next_index;
 	}
     }
diff --git a/src/vnet/ip/ip6_forward.c b/src/vnet/ip/ip6_forward.c
index b876b6f2a78..5951de45908 100644
--- a/src/vnet/ip/ip6_forward.c
+++ b/src/vnet/ip/ip6_forward.c
@@ -1513,16 +1513,16 @@ ip6_local_inline (vlib_main_t *vm, vlib_node_runtime_t *node,
 	    {
 	      u32 next32 = next[0];
 	      vnet_feature_arc_start (arc_index,
-				      vnet_buffer (b[0])->sw_if_index
-				      [VLIB_RX], &next32, b[0]);
+				      vnet_buffer (b[0])->ip.rx_sw_if_index,
+				      &next32, b[0]);
 	      next[0] = next32;
 	    }
 	  if (PREDICT_TRUE (ip6_unknown[1]))
 	    {
 	      u32 next32 = next[1];
 	      vnet_feature_arc_start (arc_index,
-				      vnet_buffer (b[1])->sw_if_index
-				      [VLIB_RX], &next32, b[1]);
+				      vnet_buffer (b[1])->ip.rx_sw_if_index,
+				      &next32, b[1]);
 	      next[1] = next32;
 	    }
 	}
@@ -1642,8 +1642,8 @@ ip6_local_inline (vlib_main_t *vm, vlib_node_runtime_t *node,
 	    {
 	      u32 next32 = next[0];
 	      vnet_feature_arc_start (arc_index,
-				      vnet_buffer (b[0])->sw_if_index
-				      [VLIB_RX], &next32, b[0]);
+				      vnet_buffer (b[0])->ip.rx_sw_if_index,
+				      &next32, b[0]);
 	      next[0] = next32;
 	    }
 	}
-- 
2.16.6