nat: fix port number selection

Change the port number selection for new NAT sessions so that it
matches how the thread index is calculated from the port number for
out2in packets. Before this change there was a problem when the
largest port number in the range was used, that resulted in the wrong
thread index being selected when out2in packets arrive for that
session.

Type: fix

Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
Change-Id: I936c389eb0d5df6168e18e5e44754de1cdad6ad1
Signed-off-by: Klement Sekera <ksekera@cisco.com>

diff --git a/src/plugins/nat/in2out_ed.c b/src/plugins/nat/in2out_ed.c
index 080f37e..8eafb5b 100644 (file)
--- a/src/plugins/nat/in2out_ed.c
+++ b/src/plugins/nat/in2out_ed.c
@@ -217,14 +217,14 @@ nat_ed_alloc_addr_and_port (snat_main_t * sm, u32 rx_fib_index,
     if (a->fib_index == rx_fib_index)                                        \
       {                                                                      \
         /* first try port suggested by caller */                             \
-        u16 port = clib_net_to_host_u16 (*outside_port);                   \
+        u16 port = clib_net_to_host_u16 (*outside_port);                     \
         u16 port_offset = port - port_thread_offset;                         \
         if (port <= port_thread_offset ||                                    \
             port > port_thread_offset + port_per_thread)                     \
           {                                                                  \
             /* need to pick a different port, suggested port doesn't fit in  \
              * this thread's port range */                                   \
-            port_offset = snat_random_port (1, port_per_thread);             \
+            port_offset = snat_random_port (0, port_per_thread - 1);         \
             port = port_thread_offset + port_offset;                         \
           }                                                                  \
         u16 attempts = port_per_thread;                                      \
@@ -240,8 +240,8 @@ nat_ed_alloc_addr_and_port (snat_main_t * sm, u32 rx_fib_index,
                 ++a->busy_##n##_port_refcounts[port];                        \
                 a->busy_##n##_ports_per_thread[thread_index]++;              \
                 a->busy_##n##_ports++;                                       \
-                *outside_addr = a->addr;                                   \
-                *outside_port = clib_host_to_net_u16 (port);               \
+                *outside_addr = a->addr;                                     \
+                *outside_port = clib_host_to_net_u16 (port);                 \
                 return 0;                                                    \
               }                                                              \
             port_offset = (port_offset + 1) % port_per_thread;               \

diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c
index c4c5dd8..fa62250 100644 (file)
--- a/src/plugins/nat/nat.c
+++ b/src/plugins/nat/nat.c
@@ -2893,7 +2893,7 @@ nat_alloc_addr_and_port_default (snat_address_t * addresses,
                     { \
                       portnum = (port_per_thread * \
                         snat_thread_index) + \
-                        snat_random_port(1, port_per_thread) + 1024; \
+                        snat_random_port(0, port_per_thread - 1) + 1024; \
                       if (a->busy_##n##_port_refcounts[portnum]) \
                         continue; \
                      --a->busy_##n##_port_refcounts[portnum]; \
@@ -2930,7 +2930,7 @@ nat_alloc_addr_and_port_default (snat_address_t * addresses,
             { \
               portnum = (port_per_thread * \
                 snat_thread_index) + \
-                snat_random_port(1, port_per_thread) + 1024; \
+                snat_random_port(0, port_per_thread - 1) + 1024; \
              if (a->busy_##n##_port_refcounts[portnum]) \
                 continue; \
              ++a->busy_##n##_port_refcounts[portnum]; \