nat: scavenging functionality removed

Type: refactor

Change-Id: I9f743ba2818e1b1c5004c3575925cc7b479948d8
Signed-off-by: Filip Varga <fivarga@cisco.com>

diff --git a/src/plugins/nat/in2out_ed.c b/src/plugins/nat/in2out_ed.c
index 807a716..a70369a 100644 (file)
--- a/src/plugins/nat/in2out_ed.c
+++ b/src/plugins/nat/in2out_ed.c
@@ -309,18 +309,12 @@ slow_path_ed (snat_main_t * sm,
   };
   nat44_is_idle_session_ctx_t ctx;
 
-  u32 cleared = 0;
-
   if (PREDICT_FALSE (nat44_maximum_sessions_exceeded (sm, thread_index)))
     {
-      if (PREDICT_FALSE
-         (!(cleared = nat44_users_cleanup (thread_index, now))))
-       {
-         b->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_SESSIONS_EXCEEDED];
-         nat_ipfix_logging_max_sessions (thread_index, sm->max_translations);
-         nat_elog_notice ("maximum sessions exceeded");
-         return NAT_NEXT_DROP;
-       }
+      b->error = node->errors[NAT_IN2OUT_ED_ERROR_MAX_SESSIONS_EXCEEDED];
+      nat_ipfix_logging_max_sessions (thread_index, sm->max_translations);
+      nat_elog_notice ("maximum sessions exceeded");
+      return NAT_NEXT_DROP;
     }
 
   key0.addr = key->l_addr;
@@ -339,16 +333,9 @@ slow_path_ed (snat_main_t * sm,
                                      sm->port_per_thread,
                                      tsm->snat_thread_index))
        {
-         if (cleared || !nat44_out_of_ports_cleanup (thread_index, now) ||
-             nat_alloc_addr_and_port_ed (sm->addresses, rx_fib_index,
-                                         thread_index, key, &key1,
-                                         sm->port_per_thread,
-                                         tsm->snat_thread_index))
-           {
-             nat_elog_notice ("addresses exhausted");
-             b->error = node->errors[NAT_IN2OUT_ED_ERROR_OUT_OF_PORTS];
-             return NAT_NEXT_DROP;
-           }
+         nat_elog_notice ("addresses exhausted");
+         b->error = node->errors[NAT_IN2OUT_ED_ERROR_OUT_OF_PORTS];
+         return NAT_NEXT_DROP;
        }
     }
   else

diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c
index 8e20df4..8ba276b 100755 (executable)
--- a/src/plugins/nat/nat.c
+++ b/src/plugins/nat/nat.c
@@ -495,8 +495,6 @@ nat_user_get_or_create (snat_main_t * sm, ip4_address_t * addr, u32 fib_index,
       pool_get (tsm->users, u);
       clib_memset (u, 0, sizeof (*u));
 
-      u->min_session_timeout = 0;
-
       u->addr.as_u32 = addr->as_u32;
       u->fib_index = fib_index;
 
@@ -630,9 +628,6 @@ nat_ed_session_alloc (snat_main_t * sm, snat_user_t * u, u32 thread_index,
   if (PREDICT_FALSE
       ((u->nsessions + u->nstaticsessions) >= sm->max_translations_per_user))
     {
-      if (nat44_max_translations_per_user_cleanup (u, thread_index, now))
-       goto alloc_new;
-
       nat_elog_addr (SNAT_LOG_WARNING, "[warn] max translations per user",
                     clib_net_to_host_u32 (u->addr.as_u32));
       snat_ipfix_logging_max_entries_per_user (thread_index,
@@ -4025,8 +4020,6 @@ snat_config (vlib_main_t * vm, unformat_input_t * input)
   sm->tcp_established_timeout = tcp_established_timeout;
   sm->icmp_timeout = icmp_timeout;
 
-  sm->min_timeout = nat44_minimal_timeout (sm);
-
   sm->user_buckets = user_buckets;
   sm->user_memory_size = user_memory_size;
 
@@ -4107,12 +4100,6 @@ snat_config (vlib_main_t * vm, unformat_input_t * input)
           /* *INDENT-OFF* */
           vec_foreach (tsm, sm->per_thread_data)
             {
-             tsm->min_session_timeout = 0;
-
-              tsm->cleared = 0;
-              tsm->cleanup_runs = 0;
-              tsm->cleanup_timeout = 0;
-
               pool_alloc (tsm->sessions, sm->max_translations);
               pool_alloc (tsm->list_pool, sm->max_translations);
               pool_alloc (tsm->global_lru_pool, sm->max_translations);

diff --git a/src/plugins/nat/nat.h b/src/plugins/nat/nat.h
index 187e351..46f8b44 100644 (file)
--- a/src/plugins/nat/nat.h
+++ b/src/plugins/nat/nat.h
@@ -361,8 +361,6 @@ typedef struct
   u32 sessions_per_user_list_head_index;
   u32 nsessions;
   u32 nstaticsessions;
-  /* discovered minimum session timeout time */
-  u64 min_session_timeout;
 } snat_user_t;
 
 typedef struct
@@ -535,14 +533,6 @@ typedef struct
   /* real thread index */
   u32 thread_index;
 
-  /* discovered minimum session timeout time */
-  u64 min_session_timeout;
-
-  /* session scavenging */
-  u32 cleared;
-  u32 cleanup_runs;
-  f64 cleanup_timeout;
-
 } snat_main_per_thread_data_t;
 
 struct snat_main_s;
@@ -722,9 +712,6 @@ typedef struct snat_main_s
   u32 inside_fib_index;
 
   /* values of various timeouts */
-
-  // min timeout of all proto timeouts
-  u32 min_timeout;
   // proto timeouts
   u32 udp_timeout;
   u32 tcp_transitory_timeout;

diff --git a/src/plugins/nat/nat44/inlines.h b/src/plugins/nat/nat44/inlines.h
index 631c4cd..541770a 100644 (file)
--- a/src/plugins/nat/nat44/inlines.h
+++ b/src/plugins/nat/nat44/inlines.h
@@ -31,19 +31,6 @@ nat44_maximum_sessions_exceeded (snat_main_t * sm, u32 thread_index)
   return 0;
 }
 
-static_always_inline f64
-nat44_minimal_timeout (snat_main_t * sm)
-{
-  f64 min_timeout;
-
-  min_timeout = clib_min (sm->udp_timeout, sm->icmp_timeout);
-  min_timeout = clib_min (min_timeout, sm->icmp_timeout);
-  min_timeout = clib_min (min_timeout, sm->tcp_transitory_timeout);
-  min_timeout = clib_min (min_timeout, sm->tcp_established_timeout);
-
-  return min_timeout;
-}
-
 static_always_inline snat_session_t *
 nat44_session_reuse_old (snat_main_t * sm, snat_user_t * u,
                         snat_session_t * s, u32 thread_index, f64 now)
@@ -66,7 +53,6 @@ nat44_session_reuse_old (snat_main_t * sm, snat_user_t * u,
   return s;
 }
 
-
 static_always_inline snat_session_t *
 nat44_session_alloc_new (snat_main_per_thread_data_t * tsm, snat_user_t * u,
                         f64 now)
@@ -122,7 +108,6 @@ nat44_user_del_sessions (snat_user_t * u, u32 thread_index)
       elt = pool_elt_at_index (tsm->list_pool, elt->next);
 
       nat44_free_session_data (sm, s, thread_index, 0);
-      // TODO: needs refactoring as in nat44_user_session_cleanup
       nat44_delete_session (sm, s, thread_index);
     }
 }
@@ -172,161 +157,6 @@ nat44_user_del (ip4_address_t * addr, u32 fib_index)
   return rv;
 }
 
-static_always_inline u32
-nat44_user_session_cleanup (snat_user_t * u, u32 thread_index, f64 now)
-{
-  u32 cleared = 0;
-  dlist_elt_t *elt;
-  snat_session_t *s;
-  u64 sess_timeout_time;
-
-  snat_main_t *sm = &snat_main;
-  snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index];
-
-  if (now < u->min_session_timeout)
-    goto done;
-  u->min_session_timeout = now + sm->min_timeout;
-
-  // get head
-  elt = pool_elt_at_index (tsm->list_pool,
-                          u->sessions_per_user_list_head_index);
-  // get first element
-  elt = pool_elt_at_index (tsm->list_pool, elt->next);
-
-  while (elt->value != ~0)
-    {
-      s = pool_elt_at_index (tsm->sessions, elt->value);
-      elt = pool_elt_at_index (tsm->list_pool, elt->next);
-
-      sess_timeout_time = s->last_heard +
-       (f64) nat44_session_get_timeout (sm, s);
-
-      if (s->tcp_close_timestamp)
-       {
-         sess_timeout_time =
-           clib_min (sess_timeout_time, s->tcp_close_timestamp);
-       }
-
-      if (now < sess_timeout_time)
-       continue;
-
-      // do cleanup of this call (refactor for ED NAT44 only)
-      nat44_free_session_data (sm, s, thread_index, 0);
-
-      clib_dlist_remove (tsm->list_pool, s->per_user_index);
-      pool_put_index (tsm->list_pool, s->per_user_index);
-      clib_dlist_remove (tsm->global_lru_pool, s->global_lru_index);
-      pool_put_index (tsm->global_lru_pool, s->global_lru_index);
-      pool_put (tsm->sessions, s);
-      vlib_set_simple_counter (&sm->total_sessions, thread_index, 0,
-                              pool_elts (tsm->sessions));
-
-      if (snat_is_session_static (s))
-       u->nstaticsessions--;
-      else
-       u->nsessions--;
-
-      cleared++;
-    }
-done:
-  return cleared;
-}
-
-static_always_inline u32
-nat44_users_cleanup (u32 thread_index, f64 now)
-{
-  snat_main_t *sm = &snat_main;
-  snat_main_per_thread_data_t *tsm;
-
-  u32 cleared = 0;
-
-  snat_user_key_t u_key;
-  clib_bihash_kv_8_8_t kv;
-
-  snat_user_t *u = 0;
-  u32 pool_index;
-
-  tsm = vec_elt_at_index (sm->per_thread_data, thread_index);
-
-  if (now < tsm->min_session_timeout)
-    goto done;
-  tsm->min_session_timeout = now + sm->min_timeout;
-  // consider
-  tsm->cleanup_timeout = tsm->min_session_timeout;
-
-  pool_index = ~0;
-  do
-    {
-      pool_index = pool_next_index (tsm->users, pool_index);
-      if (pool_index == ~0)
-       break;
-      u = pool_elt_at_index (tsm->users, pool_index);
-
-      cleared += nat44_user_session_cleanup (u, thread_index, now);
-
-      if (u->nstaticsessions == 0 && u->nsessions == 0)
-       {
-         u_key.addr.as_u32 = u->addr.as_u32;
-         u_key.fib_index = u->fib_index;
-         kv.key = u_key.as_u64;
-
-         // delete user
-         pool_put_index (tsm->list_pool,
-                         u->sessions_per_user_list_head_index);
-         pool_put (tsm->users, u);
-         clib_bihash_add_del_8_8 (&tsm->user_hash, &kv, 0);
-
-         // update total users counter
-         vlib_set_simple_counter (&sm->total_users, thread_index, 0,
-                                  pool_elts (tsm->users));
-       }
-    }
-  while (1);
-  tsm->cleared += cleared;
-  tsm->cleanup_runs++;
-done:
-  return cleared;
-}
-
-static_always_inline u32
-nat44_out_of_ports_cleanup (u32 thread_index, f64 now)
-{
-  return nat44_users_cleanup (thread_index, now);
-}
-
-static_always_inline u32
-nat44_max_translations_per_user_cleanup (snat_user_t * u, u32 thread_index,
-                                        f64 now)
-{
-  return nat44_user_session_cleanup (u, thread_index, now);
-}
-
-static_always_inline u32
-nat44_force_users_cleanup (void)
-{
-  snat_main_t *sm = &snat_main;
-  snat_main_per_thread_data_t *tsm;
-
-  f64 now = vlib_time_now (vlib_get_main ());
-  u32 cleared = 0;
-
-  if (sm->num_workers > 1)
-    {
-      /* *INDENT-OFF* */
-      vec_foreach (tsm, sm->per_thread_data)
-        {
-          cleared += nat44_users_cleanup (tsm->thread_index, now);
-        }
-      /* *INDENT-ON* */
-    }
-  else
-    {
-      tsm = vec_elt_at_index (sm->per_thread_data, sm->num_workers);
-      cleared += nat44_users_cleanup (tsm->thread_index, now);
-    }
-  return cleared;
-}
-
 #endif /* included_nat44_inlines_h__ */
 
 /*

diff --git a/src/plugins/nat/nat44_cli.c b/src/plugins/nat/nat44_cli.c
index 6712b8b..82c0433 100644 (file)
--- a/src/plugins/nat/nat44_cli.c
+++ b/src/plugins/nat/nat44_cli.c
@@ -116,16 +116,6 @@ nat_show_workers_commnad_fn (vlib_main_t * vm, unformat_input_t * input,
   return 0;
 }
 
-static clib_error_t *
-nat44_session_cleanup_command_fn (vlib_main_t * vm,
-                                 unformat_input_t * input,
-                                 vlib_cli_command_t * cmd)
-{
-  clib_error_t *error = 0;
-  nat44_force_users_cleanup ();
-  return error;
-}
-
 static clib_error_t *
 snat_set_log_level_command_fn (vlib_main_t * vm,
                               unformat_input_t * input,
@@ -703,10 +693,7 @@ nat44_show_summary_command_fn (vlib_main_t * vm, unformat_input_t * input,
                             ++transitory_wait_closed;
                           }
                       }
-                    else
-                      {
-                        transitory++;
-                      }
+                    transitory++;
                   }
                 else
                   established++;
@@ -718,18 +705,6 @@ nat44_show_summary_command_fn (vlib_main_t * vm, unformat_input_t * input,
               }
           }));
           count += pool_elts (tsm->sessions);
-
-          vlib_cli_output (vm, "tid[%u] session scavenging cleared: %u",
-              tsm->thread_index, tsm->cleared);
-          vlib_cli_output (vm, "tid[%u] session scavenging cleanup runs: %u",
-              tsm->thread_index, tsm->cleanup_runs);
-
-          if (now < tsm->cleanup_timeout)
-            vlib_cli_output (vm, "tid[%u] session scavenging next run in: %f",
-              tsm->thread_index, tsm->cleanup_timeout - now);
-          else
-            vlib_cli_output (vm, "tid[%u] session scavenging next run in: 0",
-              tsm->thread_index);
         }
       /* *INDENT-ON* */
     }
@@ -764,10 +739,7 @@ nat44_show_summary_command_fn (vlib_main_t * vm, unformat_input_t * input,
                         ++transitory_wait_closed;
                       }
                   }
-                else
-                  {
-                    transitory++;
-                  }
+                transitory++;
               }
             else
               established++;
@@ -780,17 +752,6 @@ nat44_show_summary_command_fn (vlib_main_t * vm, unformat_input_t * input,
       }));
       /* *INDENT-ON* */
       count = pool_elts (tsm->sessions);
-
-      vlib_cli_output (vm, "tid[0] session scavenging cleared: %u",
-                      tsm->cleared);
-      vlib_cli_output (vm, "tid[0] session scavenging cleanup runs: %u",
-                      tsm->cleanup_runs);
-
-      if (now < tsm->cleanup_timeout)
-       vlib_cli_output (vm, "tid[0] session scavenging next run in: %f",
-                        tsm->cleanup_timeout - now);
-      else
-       vlib_cli_output (vm, "tid[0] session scavenging next run in: 0");
     }
 
   vlib_cli_output (vm, "total timed out sessions: %u", timed_out);
@@ -1999,7 +1960,6 @@ set_timeout_command_fn (vlib_main_t * vm,
     }
 done:
   unformat_free (line_input);
-  sm->min_timeout = nat44_minimal_timeout (sm);
   return error;
 }
 
@@ -2010,8 +1970,6 @@ nat_show_timeouts_command_fn (vlib_main_t * vm,
 {
   snat_main_t *sm = &snat_main;
 
-  // fix text
-  vlib_cli_output (vm, "min session cleanup timeout: %dsec", sm->min_timeout);
   vlib_cli_output (vm, "udp timeout: %dsec", sm->udp_timeout);
   vlib_cli_output (vm, "tcp-established timeout: %dsec",
                   sm->tcp_established_timeout);
@@ -2231,19 +2189,6 @@ VLIB_CLI_COMMAND (nat_show_timeouts_command, static) = {
   .function = nat_show_timeouts_command_fn,
 };
 
-/*?
- * @cliexpar
- * @cliexstart{nat set logging level}
- * To force garbage collection of nat sessions
- *  vpp# nat44 session cleanup
- * @cliexend
-?*/
-VLIB_CLI_COMMAND (nat44_session_cleanup_command, static) = {
-  .path = "nat44 session cleanup",
-  .function = nat44_session_cleanup_command_fn,
-  .short_help = "nat44 session cleanup",
-};
-
 /*?
  * @cliexpar
  * @cliexstart{nat set logging level}

diff --git a/src/plugins/nat/nat_api.c b/src/plugins/nat/nat_api.c
index 5db375c..863f2cb 100644 (file)
--- a/src/plugins/nat/nat_api.c
+++ b/src/plugins/nat/nat_api.c
@@ -241,28 +241,6 @@ vl_api_nat_worker_dump_t_print (vl_api_nat_worker_dump_t * mp, void *handle)
   FINISH;
 }
 
-static void
-vl_api_nat44_session_cleanup_t_handler (vl_api_nat44_session_cleanup_t * mp)
-{
-  snat_main_t *sm = &snat_main;
-  vl_api_nat44_session_cleanup_reply_t *rmp;
-  int rv = 0;
-  nat44_force_users_cleanup ();
-  REPLY_MACRO (VL_API_NAT44_SESSION_CLEANUP_REPLY);
-}
-
-static void *
-vl_api_nat44_session_cleanup_t_print (vl_api_nat44_session_cleanup_t * mp,
-                                     void *handle)
-{
-  u8 *s;
-
-  s = format (0, "SCRIPT: nat44_session_cleanup");
-
-  FINISH;
-}
-
-
 static void
 vl_api_nat_set_log_level_t_handler (vl_api_nat_set_log_level_t * mp)
 {
@@ -336,8 +314,6 @@ vl_api_nat_set_timeouts_t_handler (vl_api_nat_set_timeouts_t * mp)
   sm->tcp_transitory_timeout = ntohl (mp->tcp_transitory);
   sm->icmp_timeout = ntohl (mp->icmp);
 
-  sm->min_timeout = nat44_minimal_timeout (sm);
-
   rv = nat64_set_icmp_timeout (ntohl (mp->icmp));
   if (rv)
     goto send_reply;
@@ -3142,7 +3118,6 @@ _(NAT_SHOW_CONFIG, nat_show_config)                                     \
 _(NAT_SET_WORKERS, nat_set_workers)                                     \
 _(NAT_WORKER_DUMP, nat_worker_dump)                                     \
 _(NAT44_DEL_USER, nat44_del_user)                                       \
-_(NAT44_SESSION_CLEANUP, nat44_session_cleanup)                         \
 _(NAT_SET_LOG_LEVEL, nat_set_log_level)                                 \
 _(NAT_IPFIX_ENABLE_DISABLE, nat_ipfix_enable_disable)                   \
 _(NAT_SET_TIMEOUTS, nat_set_timeouts)                                   \

diff --git a/src/plugins/nat/test/test_nat.py b/src/plugins/nat/test/test_nat.py
index ac9c65d..e267c4e 100644 (file)
--- a/src/plugins/nat/test/test_nat.py
+++ b/src/plugins/nat/test/test_nat.py
@@ -4187,100 +4187,6 @@ class TestNAT44(MethodHolder):
         self.logger.info(self.vapi.cli("show nat ha"))
 
 
-class TestNAT44EndpointDependent2(MethodHolder):
-    """ Endpoint-Dependent session test cases """
-
-    icmp_timeout = 2
-
-    @classmethod
-    def setUpConstants(cls):
-        super(TestNAT44EndpointDependent2, cls).setUpConstants()
-        cls.vpp_cmdline.extend(["nat", "{", "endpoint-dependent",
-                                "translation", "hash", "buckets", "1",
-                                "icmp", "timeout", str(cls.icmp_timeout), "}"])
-
-    @classmethod
-    def setUpClass(cls):
-        super(TestNAT44EndpointDependent2, cls).setUpClass()
-        translation_buckets = 1
-        cls.max_translations = 10 * translation_buckets
-
-        cls.create_pg_interfaces(range(2))
-        cls.interfaces = list(cls.pg_interfaces[0:2])
-
-        for i in cls.interfaces:
-            i.admin_up()
-            i.config_ip4()
-            i.resolve_arp()
-
-        cls.pg0.generate_remote_hosts(1)
-        cls.pg0.configure_ipv4_neighbors()
-
-        cls.pg1.generate_remote_hosts(1)
-        cls.pg1.configure_ipv4_neighbors()
-
-    @classmethod
-    def tearDownClass(cls):
-        super(TestNAT44EndpointDependent2, cls).tearDownClass()
-
-    def create_icmp_stream(self, in_if, out_if, count):
-        """
-        Create ICMP packet stream for inside network
-
-        :param in_if: Inside interface
-        :param out_if: Outside interface
-        :param count: Number of packets
-        """
-
-        self.assertTrue(count > 0)
-        icmp_id = random.randint(0, 65535 - (count - 1))
-
-        pkts = list()
-        for i in range(count):
-            p = (Ether(dst=in_if.local_mac, src=in_if.remote_mac) /
-                 IP(src=in_if.remote_ip4, dst=out_if.remote_ip4, ttl=64) /
-                 ICMP(id=icmp_id + i, type='echo-request'))
-            pkts.append(p)
-        return pkts
-
-    def send_pkts(self, pkts, expected=None):
-        self.pg0.add_stream(pkts)
-        self.pg_enable_capture(self.pg_interfaces)
-        self.pg_start()
-        return self.pg1.get_capture(
-            len(pkts) if expected is None else expected)
-
-    def test_session_cleanup(self):
-        """ NAT44 session cleanup test """
-
-        self.nat44_add_address(self.pg1.local_ip4)
-        flags = self.config_flags.NAT_IS_INSIDE
-        self.vapi.nat44_interface_add_del_feature(
-            sw_if_index=self.pg0.sw_if_index,
-            flags=flags, is_add=1)
-        self.vapi.nat44_interface_add_del_feature(
-            sw_if_index=self.pg1.sw_if_index,
-            is_add=1)
-
-        nat_config = self.vapi.nat_show_config()
-        self.assertEqual(1, nat_config.endpoint_dependent)
-
-        pkts = self.create_icmp_stream(self.pg0, self.pg1,
-                                       self.max_translations + 2)
-        sz = len(pkts)
-
-        # positive test
-        self.send_pkts(pkts[0:self.max_translations])
-
-        # false positive test
-        self.send_pkts(pkts[self.max_translations:sz - 1], 0)
-
-        sleep(self.icmp_timeout)
-
-        # positive test
-        self.send_pkts(pkts[self.max_translations + 1:sz])
-
-
 class TestNAT44EndpointDependent(MethodHolder):
     """ Endpoint-Dependent mapping and filtering test cases """