nat: distribute nat44-ed in2out sessions by rx vrf

Nat in2out sessions are distributing among workers by client
addresses. In case there's multiple client vrfs with very
similar client addresses (usually from rfc1918), session
distribution/load can be unfair just due similar hash.
Let's take dynamic client fib_index into account, it'll affect
external port range only, outside address picking has own
address-based hash therefore not affected.

Type: improvement
Change-Id: I56ab2e1ce8dd27f2b1f9e7f22839ccf7774bfb82
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>

diff --git a/src/plugins/nat/nat44-ed/nat44_ed.c b/src/plugins/nat/nat44-ed/nat44_ed.c
index e2ced3d..2ccd461 100644 (file)
--- a/src/plugins/nat/nat44-ed/nat44_ed.c
+++ b/src/plugins/nat/nat44-ed/nat44_ed.c
@@ -3044,7 +3044,9 @@ nat44_ed_get_in2out_worker_index (vlib_buffer_t *b, ip4_header_t *ip,
     }
 
   hash = ip->src_address.as_u32 + (ip->src_address.as_u32 >> 8) +
-    (ip->src_address.as_u32 >> 16) + (ip->src_address.as_u32 >> 24);
+        (ip->src_address.as_u32 >> 16) + (ip->src_address.as_u32 >> 24) +
+        rx_fib_index + (rx_fib_index >> 8) + (rx_fib_index >> 16) +
+        (rx_fib_index >> 24);
 
   if (PREDICT_TRUE (is_pow2 (_vec_len (sm->workers))))
     next_worker_index += sm->workers[hash & (_vec_len (sm->workers) - 1)];