* @brief NAT64 DB
*/
#include <nat/nat64_db.h>
+#include <nat/nat_ipfix_logging.h>
+#include <nat/nat_inlines.h>
+#include <nat/nat_syslog.h>
+#include <vnet/fib/fib_table.h>
int
-nat64_db_init (nat64_db_t * db, u32 bib_buckets, u32 bib_memory_size,
- u32 st_buckets, u32 st_memory_size)
+nat64_db_init (nat64_db_t * db, u32 bib_buckets, uword bib_memory_size,
+ u32 st_buckets, uword st_memory_size,
+ nat64_db_free_addr_port_function_t free_addr_port_cb)
{
clib_bihash_init_24_8 (&db->bib.in2out, "bib-in2out", bib_buckets,
bib_memory_size);
clib_bihash_init_48_8 (&db->st.out2in, "st-out2in", st_buckets,
st_memory_size);
+ db->free_addr_port_cb = free_addr_port_cb;
+ db->bib.limit = 10 * bib_buckets;
+ db->bib.bib_entries_num = 0;
+ db->st.limit = 10 * st_buckets;
+ db->st.st_entries_num = 0;
+ db->addr_free = 0;
+
return 0;
}
nat64_db_bib_entry_t *
-nat64_db_bib_entry_create (nat64_db_t * db, ip6_address_t * in_addr,
+nat64_db_bib_entry_create (u32 thread_index, nat64_db_t * db,
+ ip6_address_t * in_addr,
ip4_address_t * out_addr, u16 in_port,
u16 out_port, u32 fib_index, u8 proto,
u8 is_static)
nat64_db_bib_entry_t *bibe;
nat64_db_bib_entry_key_t bibe_key;
clib_bihash_kv_24_8_t kv;
+ fib_table_t *fib;
+
+ if (db->bib.bib_entries_num >= db->bib.limit)
+ {
+ db->free_addr_port_cb (db, out_addr, out_port, proto);
+ nat_ipfix_logging_max_bibs (thread_index, db->bib.limit);
+ return 0;
+ }
/* create pool entry */
switch (ip_proto_to_snat_proto (proto))
kv.value = bibe - db->bib._unk_proto_bib;
break;
}
- memset (bibe, 0, sizeof (*bibe));
+
+ db->bib.bib_entries_num++;
+
+ clib_memset (bibe, 0, sizeof (*bibe));
bibe->in_addr.as_u64[0] = in_addr->as_u64[0];
bibe->in_addr.as_u64[1] = in_addr->as_u64[1];
bibe->in_port = in_port;
kv.key[2] = bibe_key.as_u64[2];
clib_bihash_add_del_24_8 (&db->bib.in2out, &kv, 1);
- memset (&bibe_key.addr, 0, sizeof (bibe_key.addr));
+ clib_memset (&bibe_key.addr, 0, sizeof (bibe_key.addr));
bibe_key.addr.ip4.as_u32 = bibe->out_addr.as_u32;
bibe_key.fib_index = 0;
bibe_key.port = bibe->out_port;
kv.key[2] = bibe_key.as_u64[2];
clib_bihash_add_del_24_8 (&db->bib.out2in, &kv, 1);
+ fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6);
+ nat_ipfix_logging_nat64_bib (thread_index, in_addr, out_addr, proto,
+ in_port, out_port, fib->ft_table_id, 1);
return bibe;
}
void
-nat64_db_bib_entry_free (nat64_db_t * db, nat64_db_bib_entry_t * bibe)
+nat64_db_bib_entry_free (u32 thread_index, nat64_db_t * db,
+ nat64_db_bib_entry_t * bibe)
{
nat64_db_bib_entry_key_t bibe_key;
clib_bihash_kv_24_8_t kv;
nat64_db_bib_entry_t *bib;
u32 *ste_to_be_free = 0, *ste_index, bibe_index;
nat64_db_st_entry_t *st, *ste;
+ fib_table_t *fib;
switch (ip_proto_to_snat_proto (bibe->proto))
{
break;
}
+ db->bib.bib_entries_num--;
+
bibe_index = bibe - bib;
/* delete ST entries for static BIB entry */
vec_add1 (ste_to_be_free, ste - st);}
));
vec_foreach (ste_index, ste_to_be_free)
- nat64_db_st_entry_free (db, pool_elt_at_index (st, ste_index[0]));
+ nat64_db_st_entry_free (thread_index, db,
+ pool_elt_at_index (st, ste_index[0]));
vec_free (ste_to_be_free);
}
kv.key[2] = bibe_key.as_u64[2];
clib_bihash_add_del_24_8 (&db->bib.in2out, &kv, 0);
- memset (&bibe_key.addr, 0, sizeof (bibe_key.addr));
+ clib_memset (&bibe_key.addr, 0, sizeof (bibe_key.addr));
bibe_key.addr.ip4.as_u32 = bibe->out_addr.as_u32;
bibe_key.fib_index = 0;
bibe_key.port = bibe->out_port;
kv.key[2] = bibe_key.as_u64[2];
clib_bihash_add_del_24_8 (&db->bib.out2in, &kv, 0);
+ if (!db->addr_free)
+ db->free_addr_port_cb (db, &bibe->out_addr, bibe->out_port, bibe->proto);
+
+ fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6);
+ nat_ipfix_logging_nat64_bib (thread_index, &bibe->in_addr, &bibe->out_addr,
+ bibe->proto, bibe->in_port, bibe->out_port,
+ fib->ft_table_id, 0);
+
/* delete from pool */
pool_put (bib, bibe);
}
nat64_db_st_entry_t *
-nat64_db_st_entry_create (nat64_db_t * db, nat64_db_bib_entry_t * bibe,
+nat64_db_st_entry_create (u32 thread_index, nat64_db_t * db,
+ nat64_db_bib_entry_t * bibe,
ip6_address_t * in_r_addr,
ip4_address_t * out_r_addr, u16 r_port)
{
nat64_db_bib_entry_t *bib;
nat64_db_st_entry_key_t ste_key;
clib_bihash_kv_48_8_t kv;
+ fib_table_t *fib;
+
+ if (db->st.st_entries_num >= db->st.limit)
+ {
+ nat_ipfix_logging_max_sessions (thread_index, db->st.limit);
+ return 0;
+ }
/* create pool entry */
switch (ip_proto_to_snat_proto (bibe->proto))
bib = db->bib._unk_proto_bib;
break;
}
- memset (ste, 0, sizeof (*ste));
+
+ db->st.st_entries_num++;
+
+ clib_memset (ste, 0, sizeof (*ste));
ste->in_r_addr.as_u64[0] = in_r_addr->as_u64[0];
ste->in_r_addr.as_u64[1] = in_r_addr->as_u64[1];
ste->out_r_addr.as_u32 = out_r_addr->as_u32;
bibe->ses_num++;
/* create hash lookup */
- memset (&ste_key, 0, sizeof (ste_key));
+ clib_memset (&ste_key, 0, sizeof (ste_key));
ste_key.l_addr.as_u64[0] = bibe->in_addr.as_u64[0];
ste_key.l_addr.as_u64[1] = bibe->in_addr.as_u64[1];
ste_key.r_addr.as_u64[0] = ste->in_r_addr.as_u64[0];
kv.key[5] = ste_key.as_u64[5];
clib_bihash_add_del_48_8 (&db->st.in2out, &kv, 1);
- memset (&ste_key, 0, sizeof (ste_key));
+ clib_memset (&ste_key, 0, sizeof (ste_key));
ste_key.l_addr.ip4.as_u32 = bibe->out_addr.as_u32;
ste_key.r_addr.ip4.as_u32 = ste->out_r_addr.as_u32;
ste_key.l_port = bibe->out_port;
kv.key[5] = ste_key.as_u64[5];
clib_bihash_add_del_48_8 (&db->st.out2in, &kv, 1);
+ fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6);
+ nat_ipfix_logging_nat64_session (thread_index, &bibe->in_addr,
+ &bibe->out_addr, bibe->proto,
+ bibe->in_port, bibe->out_port,
+ &ste->in_r_addr, &ste->out_r_addr,
+ ste->r_port, ste->r_port, fib->ft_table_id,
+ 1);
+ nat_syslog_nat64_sadd (bibe->fib_index, &bibe->in_addr, bibe->in_port,
+ &bibe->out_addr, bibe->out_port, &ste->out_r_addr,
+ ste->r_port, bibe->proto);
return ste;
}
void
-nat64_db_st_entry_free (nat64_db_t * db, nat64_db_st_entry_t * ste)
+nat64_db_st_entry_free (u32 thread_index,
+ nat64_db_t * db, nat64_db_st_entry_t * ste)
{
nat64_db_st_entry_t *st;
nat64_db_bib_entry_t *bib, *bibe;
nat64_db_st_entry_key_t ste_key;
clib_bihash_kv_48_8_t kv;
+ fib_table_t *fib;
switch (ip_proto_to_snat_proto (ste->proto))
{
bibe = pool_elt_at_index (bib, ste->bibe_index);
+ db->st.st_entries_num--;
+
/* delete hash lookup */
- memset (&ste_key, 0, sizeof (ste_key));
+ clib_memset (&ste_key, 0, sizeof (ste_key));
ste_key.l_addr.as_u64[0] = bibe->in_addr.as_u64[0];
ste_key.l_addr.as_u64[1] = bibe->in_addr.as_u64[1];
ste_key.r_addr.as_u64[0] = ste->in_r_addr.as_u64[0];
kv.key[5] = ste_key.as_u64[5];
clib_bihash_add_del_48_8 (&db->st.in2out, &kv, 0);
- memset (&ste_key, 0, sizeof (ste_key));
+ clib_memset (&ste_key, 0, sizeof (ste_key));
ste_key.l_addr.ip4.as_u32 = bibe->out_addr.as_u32;
ste_key.r_addr.ip4.as_u32 = ste->out_r_addr.as_u32;
ste_key.l_port = bibe->out_port;
kv.key[5] = ste_key.as_u64[5];
clib_bihash_add_del_48_8 (&db->st.out2in, &kv, 0);
+ fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6);
+ nat_ipfix_logging_nat64_session (thread_index, &bibe->in_addr,
+ &bibe->out_addr, bibe->proto,
+ bibe->in_port, bibe->out_port,
+ &ste->in_r_addr, &ste->out_r_addr,
+ ste->r_port, ste->r_port, fib->ft_table_id,
+ 0);
+ nat_syslog_nat64_sdel (bibe->fib_index, &bibe->in_addr, bibe->in_port,
+ &bibe->out_addr, bibe->out_port, &ste->out_r_addr,
+ ste->r_port, bibe->proto);
+
/* delete from pool */
pool_put (st, ste);
/* delete BIB entry if last session and dynamic */
if (!bibe->is_static && !bibe->ses_num)
- nat64_db_bib_entry_free (db, bibe);
+ nat64_db_bib_entry_free (thread_index, db, bibe);
}
nat64_db_st_entry_t *
break;
}
- memset (&ste_key, 0, sizeof (ste_key));
+ clib_memset (&ste_key, 0, sizeof (ste_key));
ste_key.l_addr.as_u64[0] = l_addr->as_u64[0];
ste_key.l_addr.as_u64[1] = l_addr->as_u64[1];
ste_key.r_addr.as_u64[0] = r_addr->as_u64[0];
}
void
-nad64_db_st_free_expired (nat64_db_t * db, u32 now)
+nad64_db_st_free_expired (u32 thread_index, nat64_db_t * db, u32 now)
{
u32 *ste_to_be_free = 0, *ste_index;
nat64_db_st_entry_t *st, *ste;
vec_add1 (ste_to_be_free, ste - st); \
})); \
vec_foreach (ste_index, ste_to_be_free) \
- nat64_db_st_entry_free (db, pool_elt_at_index(st, ste_index[0])); \
+ nat64_db_st_entry_free (thread_index, db, \
+ pool_elt_at_index(st, ste_index[0])); \
vec_free (ste_to_be_free); \
ste_to_be_free = 0;
foreach_snat_protocol
vec_add1 (ste_to_be_free, ste - st);
}));
vec_foreach (ste_index, ste_to_be_free)
- nat64_db_st_entry_free (db, pool_elt_at_index(st, ste_index[0]));
+ nat64_db_st_entry_free (thread_index, db,
+ pool_elt_at_index(st, ste_index[0]));
vec_free (ste_to_be_free);
/* *INDENT-ON* */
}
void
-nat64_db_free_out_addr (nat64_db_t * db, ip4_address_t * out_addr)
+nat64_db_free_out_addr (u32 thread_index,
+ nat64_db_t * db, ip4_address_t * out_addr)
{
u32 *ste_to_be_free = 0, *ste_index;
nat64_db_st_entry_t *st, *ste;
nat64_db_bib_entry_t *bibe;
+ db->addr_free = 1;
/* *INDENT-OFF* */
#define _(N, i, n, s) \
st = db->st._##n##_st; \
vec_add1 (ste_to_be_free, ste - st); \
})); \
vec_foreach (ste_index, ste_to_be_free) \
- nat64_db_st_entry_free (db, pool_elt_at_index(st, ste_index[0])); \
+ nat64_db_st_entry_free (thread_index, db, \
+ pool_elt_at_index(st, ste_index[0])); \
vec_free (ste_to_be_free); \
ste_to_be_free = 0;
foreach_snat_protocol
vec_add1 (ste_to_be_free, ste - st);
}));
vec_foreach (ste_index, ste_to_be_free)
- nat64_db_st_entry_free (db, pool_elt_at_index(st, ste_index[0]));
+ nat64_db_st_entry_free (thread_index, db,
+ pool_elt_at_index(st, ste_index[0]));
vec_free (ste_to_be_free);
+ db->addr_free = 0;
/* *INDENT-ON* */
}
Code Review / vpp.git / blobdiff