src/plugins/nat/nat44/inlines.h

   1 /*
   2  * Copyright (c) 2020 Cisco and/or its affiliates.
   3  * Licensed under the Apache License, Version 2.0 (the "License");
   4  * you may not use this file except in compliance with the License.
   5  * You may obtain a copy of the License at:
   6  *
   7  *     http://www.apache.org/licenses/LICENSE-2.0
   8  *
   9  * Unless required by applicable law or agreed to in writing, software
  10  * distributed under the License is distributed on an "AS IS" BASIS,
  11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12  * See the License for the specific language governing permissions and
  13  * limitations under the License.
  14  */
  15 /**
  16  * @brief The NAT44 inline functions
  17  */
  18
  19 #ifndef included_nat44_inlines_h__
  20 #define included_nat44_inlines_h__
  21
  22 #include <vnet/fib/ip4_fib.h>
  23 #include <nat/nat.h>
  24
  25 static_always_inline u8
  26 nat44_maximum_sessions_exceeded (snat_main_t * sm, u32 thread_index)
  27 {
  28   if (pool_elts (sm->per_thread_data[thread_index].sessions) >=
  29       sm->max_translations)
  30     return 1;
  31   return 0;
  32 }
  33
  34 static_always_inline f64
  35 nat44_minimal_timeout (snat_main_t * sm)
  36 {
  37   f64 min_timeout;
  38
  39   min_timeout = clib_min (sm->udp_timeout, sm->icmp_timeout);
  40   min_timeout = clib_min (min_timeout, sm->icmp_timeout);
  41   min_timeout = clib_min (min_timeout, sm->tcp_transitory_timeout);
  42   min_timeout = clib_min (min_timeout, sm->tcp_established_timeout);
  43
  44   return min_timeout;
  45 }
  46
  47 static_always_inline snat_session_t *
  48 nat44_session_reuse_old (snat_main_t * sm, snat_user_t * u,
  49                          snat_session_t * s, u32 thread_index, f64 now)
  50 {
  51   nat44_free_session_data (sm, s, thread_index, 0);
  52   if (snat_is_session_static (s))
  53     u->nstaticsessions--;
  54   else
  55     u->nsessions--;
  56   s->flags = 0;
  57   s->total_bytes = 0;
  58   s->total_pkts = 0;
  59   s->state = 0;
  60   s->ext_host_addr.as_u32 = 0;
  61   s->ext_host_port = 0;
  62   s->ext_host_nat_addr.as_u32 = 0;
  63   s->ext_host_nat_port = 0;
  64   s->tcp_close_timestamp = 0;
  65   s->ha_last_refreshed = now;
  66   return s;
  67 }
  68
  69
  70 static_always_inline snat_session_t *
  71 nat44_session_alloc_new (snat_main_per_thread_data_t * tsm, snat_user_t * u,
  72                          f64 now)
  73 {
  74   snat_session_t *s;
  75   dlist_elt_t *per_user_translation_list_elt;
  76
  77   pool_get (tsm->sessions, s);
  78   clib_memset (s, 0, sizeof (*s));
  79   /* Create list elts */
  80   pool_get (tsm->list_pool, per_user_translation_list_elt);
  81   clib_dlist_init (tsm->list_pool,
  82                    per_user_translation_list_elt - tsm->list_pool);
  83
  84   per_user_translation_list_elt->value = s - tsm->sessions;
  85   s->per_user_index = per_user_translation_list_elt - tsm->list_pool;
  86   s->per_user_list_head_index = u->sessions_per_user_list_head_index;
  87
  88   clib_dlist_addtail (tsm->list_pool,
  89                       s->per_user_list_head_index,
  90                       per_user_translation_list_elt - tsm->list_pool);
  91
  92   dlist_elt_t *lru_list_elt;
  93   pool_get (tsm->global_lru_pool, lru_list_elt);
  94   s->global_lru_index = lru_list_elt - tsm->global_lru_pool;
  95   clib_dlist_addtail (tsm->global_lru_pool, tsm->global_lru_head_index,
  96                       s->global_lru_index);
  97   lru_list_elt->value = s - tsm->sessions;
  98   s->last_lru_update = now;
  99
 100   s->ha_last_refreshed = now;
 101   return s;
 102 }
 103
 104 static_always_inline void
 105 nat44_user_del_sessions (snat_user_t * u, u32 thread_index)
 106 {
 107   dlist_elt_t *elt;
 108   snat_session_t *s;
 109
 110   snat_main_t *sm = &snat_main;
 111   snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
 112
 113   // get head
 114   elt = pool_elt_at_index (tsm->list_pool,
 115                            u->sessions_per_user_list_head_index);
 116   // get first element
 117   elt = pool_elt_at_index (tsm->list_pool, elt->next);
 118
 119   while (elt->value != ~0)
 120     {
 121       s = pool_elt_at_index (tsm->sessions, elt->value);
 122       elt = pool_elt_at_index (tsm->list_pool, elt->next);
 123
 124       nat44_free_session_data (sm, s, thread_index, 0);
 125       // TODO: needs refactoring as in nat44_user_session_cleanup
 126       nat44_delete_session (sm, s, thread_index);
 127     }
 128 }
 129
 130 static_always_inline int
 131 nat44_user_del (ip4_address_t * addr, u32 fib_index)
 132 {
 133   int rv = 1;
 134
 135   snat_main_t *sm = &snat_main;
 136   snat_main_per_thread_data_t *tsm;
 137
 138   snat_user_key_t user_key;
 139   clib_bihash_kv_8_8_t kv, value;
 140
 141   user_key.addr.as_u32 = addr->as_u32;
 142   user_key.fib_index = fib_index;
 143   kv.key = user_key.as_u64;
 144
 145   if (sm->num_workers > 1)
 146     {
 147       /* *INDENT-OFF* */
 148       vec_foreach (tsm, sm->per_thread_data)
 149         {
 150           if (!clib_bihash_search_8_8 (&tsm->user_hash, &kv, &value))
 151             {
 152               nat44_user_del_sessions (
 153                   pool_elt_at_index (tsm->users, value.value),
 154                   tsm->thread_index);
 155               rv = 0;
 156               break;
 157             }
 158         }
 159       /* *INDENT-ON* */
 160     }
 161   else
 162     {
 163       tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers);
 164       if (!clib_bihash_search_8_8 (&tsm->user_hash, &kv, &value))
 165         {
 166           nat44_user_del_sessions (pool_elt_at_index
 167                                    (tsm->users, value.value),
 168                                    tsm->thread_index);
 169           rv = 0;
 170         }
 171     }
 172   return rv;
 173 }
 174
 175 static_always_inline u32
 176 nat44_user_session_cleanup (snat_user_t * u, u32 thread_index, f64 now)
 177 {
 178   u32 cleared = 0;
 179   dlist_elt_t *elt;
 180   snat_session_t *s;
 181   u64 sess_timeout_time;
 182
 183   snat_main_t *sm = &snat_main;
 184   snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
 185
 186   if (now < u->min_session_timeout)
 187     goto done;
 188   u->min_session_timeout = now + sm->min_timeout;
 189
 190   // get head
 191   elt = pool_elt_at_index (tsm->list_pool,
 192                            u->sessions_per_user_list_head_index);
 193   // get first element
 194   elt = pool_elt_at_index (tsm->list_pool, elt->next);
 195
 196   while (elt->value != ~0)
 197     {
 198       s = pool_elt_at_index (tsm->sessions, elt->value);
 199       elt = pool_elt_at_index (tsm->list_pool, elt->next);
 200
 201       sess_timeout_time = s->last_heard +
 202         (f64) nat44_session_get_timeout (sm, s);
 203
 204       if (s->tcp_close_timestamp)
 205         {
 206           sess_timeout_time =
 207             clib_min (sess_timeout_time, s->tcp_close_timestamp);
 208         }
 209
 210       if (now < sess_timeout_time)
 211         continue;
 212
 213       // do cleanup of this call (refactor for ED NAT44 only)
 214       nat44_free_session_data (sm, s, thread_index, 0);
 215
 216       clib_dlist_remove (tsm->list_pool, s->per_user_index);
 217       pool_put_index (tsm->list_pool, s->per_user_index);
 218       clib_dlist_remove (tsm->global_lru_pool, s->global_lru_index);
 219       pool_put_index (tsm->global_lru_pool, s->global_lru_index);
 220       pool_put (tsm->sessions, s);
 221       vlib_set_simple_counter (&sm->total_sessions, thread_index, 0,
 222                                pool_elts (tsm->sessions));
 223
 224       if (snat_is_session_static (s))
 225         u->nstaticsessions--;
 226       else
 227         u->nsessions--;
 228
 229       cleared++;
 230     }
 231 done:
 232   return cleared;
 233 }
 234
 235 static_always_inline u32
 236 nat44_users_cleanup (u32 thread_index, f64 now)
 237 {
 238   snat_main_t *sm = &snat_main;
 239   snat_main_per_thread_data_t *tsm;
 240
 241   u32 cleared = 0;
 242
 243   snat_user_key_t u_key;
 244   clib_bihash_kv_8_8_t kv;
 245
 246   snat_user_t *u = 0;
 247   u32 pool_index;
 248
 249   tsm = vec_elt_at_index (sm->per_thread_data, thread_index);
 250
 251   if (now < tsm->min_session_timeout)
 252     goto done;
 253   tsm->min_session_timeout = now + sm->min_timeout;
 254   // consider
 255   tsm->cleanup_timeout = tsm->min_session_timeout;
 256
 257   pool_index = ~0;
 258   do
 259     {
 260       pool_index = pool_next_index (tsm->users, pool_index);
 261       if (pool_index == ~0)
 262         break;
 263       u = pool_elt_at_index (tsm->users, pool_index);
 264
 265       cleared += nat44_user_session_cleanup (u, thread_index, now);
 266
 267       if (u->nstaticsessions == 0 && u->nsessions == 0)
 268         {
 269           u_key.addr.as_u32 = u->addr.as_u32;
 270           u_key.fib_index = u->fib_index;
 271           kv.key = u_key.as_u64;
 272
 273           // delete user
 274           pool_put_index (tsm->list_pool,
 275                           u->sessions_per_user_list_head_index);
 276           pool_put (tsm->users, u);
 277           clib_bihash_add_del_8_8 (&tsm->user_hash, &kv, 0);
 278
 279           // update total users counter
 280           vlib_set_simple_counter (&sm->total_users, thread_index, 0,
 281                                    pool_elts (tsm->users));
 282         }
 283     }
 284   while (1);
 285   tsm->cleared += cleared;
 286   tsm->cleanup_runs++;
 287 done:
 288   return cleared;
 289 }
 290
 291 static_always_inline u32
 292 nat44_out_of_ports_cleanup (u32 thread_index, f64 now)
 293 {
 294   return nat44_users_cleanup (thread_index, now);
 295 }
 296
 297 static_always_inline u32
 298 nat44_max_translations_per_user_cleanup (snat_user_t * u, u32 thread_index,
 299                                          f64 now)
 300 {
 301   return nat44_user_session_cleanup (u, thread_index, now);
 302 }
 303
 304 static_always_inline u32
 305 nat44_force_users_cleanup (void)
 306 {
 307   snat_main_t *sm = &snat_main;
 308   snat_main_per_thread_data_t *tsm;
 309
 310   f64 now = vlib_time_now (vlib_get_main ());
 311   u32 cleared = 0;
 312
 313   if (sm->num_workers > 1)
 314     {
 315       /* *INDENT-OFF* */
 316       vec_foreach (tsm, sm->per_thread_data)
 317         {
 318           cleared += nat44_users_cleanup (tsm->thread_index, now);
 319         }
 320       /* *INDENT-ON* */
 321     }
 322   else
 323     {
 324       tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers);
 325       cleared += nat44_users_cleanup (tsm->thread_index, now);
 326     }
 327   return cleared;
 328 }
 329
 330 #endif /* included_nat44_inlines_h__ */
 331
 332 /*
 333  * fd.io coding-style-patch-verification: ON
 334  *
 335  * Local Variables:
 336  * eval: (c-set-style "gnu")
 337  * End:
 338  */