Support ICMP session timeout in deterministic NAT

Change-Id: I0306bc0ab87908adb79c594c657d579cb34b3ec1
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>

diff --git a/src/plugins/snat/in2out.c b/src/plugins/snat/in2out.c
index 89054a0..2dbaeb4 100644 (file)
--- a/src/plugins/snat/in2out.c
+++ b/src/plugins/snat/in2out.c
@@ -2215,6 +2215,11 @@ u32 icmp_match_in2out_det(snat_main_t *sm, vlib_node_runtime_t *node,
       goto out;
     }
 
+  u32 now = (u32) vlib_time_now (sm->vlib_main);
+
+  ses0->state = SNAT_SESSION_ICMP_ACTIVE;
+  ses0->expire = now + SNAT_ICMP_TIMEOUT;
+
 out:
   *p_proto = protocol;
   if (ses0)

diff --git a/src/plugins/snat/snat.h b/src/plugins/snat/snat.h
index 49b6e37..d0ffea7 100644 (file)
--- a/src/plugins/snat/snat.h
+++ b/src/plugins/snat/snat.h
@@ -32,6 +32,7 @@
 #define SNAT_UDP_TIMEOUT 300
 #define SNAT_TCP_TRANSITORY_TIMEOUT 240
 #define SNAT_TCP_ESTABLISHED_TIMEOUT 7440
+#define SNAT_ICMP_TIMEOUT 60
 
 /* Key */
 typedef struct {
@@ -106,7 +107,8 @@ typedef enum {
   _(3, TCP_ESTABLISHED, "tcp-established") \
   _(4, TCP_FIN_WAIT, "tcp-fin-wait")       \
   _(5, TCP_CLOSE_WAIT, "tcp-close-wait")   \
-  _(6, TCP_LAST_ACK, "tcp-last-ack")
+  _(6, TCP_LAST_ACK, "tcp-last-ack")       \
+  _(7, ICMP_ACTIVE, "icmp-active")
 
 typedef enum {
 #define _(v, N, s) SNAT_SESSION_##N = v,