From 4994958e5c41c18e10793aac1d592f8aabb37dd4 Mon Sep 17 00:00:00 2001 From: Matus Fabian Date: Wed, 18 Jul 2018 00:28:52 -0700 Subject: [PATCH] NAT44: in+out interface in STN setup improvement (VPP-1344) Change-Id: Iad7e0337a577ef8a0dfb7bde1968cc115d176043 Signed-off-by: Matus Fabian --- src/plugins/nat/nat.c | 34 ++++++++++++++++++++++++++-------- 1 file changed, 26 insertions(+), 8 deletions(-) diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c index 8dce3b96c50..f35120663fb 100755 --- a/src/plugins/nat/nat.c +++ b/src/plugins/nat/nat.c @@ -428,12 +428,15 @@ static u8 * format_nat44_classify_trace (u8 * s, va_list * args) static inline uword nat44_classify_node_fn_inline (vlib_main_t * vm, vlib_node_runtime_t * node, - vlib_frame_t * frame) + vlib_frame_t * frame, + int is_ed) { u32 n_left_from, * from, * to_next; nat44_classify_next_t next_index; snat_main_t *sm = &snat_main; snat_static_mapping_t *m; + u32 thread_index = vm->thread_index; + snat_main_per_thread_data_t *tsm = &sm->per_thread_data[thread_index]; from = vlib_frame_vector_args (frame); n_left_from = frame->n_vectors; @@ -450,11 +453,13 @@ nat44_classify_node_fn_inline (vlib_main_t * vm, { u32 bi0; vlib_buffer_t *b0; - u32 next0 = NAT44_CLASSIFY_NEXT_IN2OUT; + u32 next0 = NAT44_CLASSIFY_NEXT_IN2OUT, sw_if_index0, rx_fib_index0; ip4_header_t *ip0; snat_address_t *ap; snat_session_key_t m_key0; clib_bihash_kv_8_8_t kv0, value0; + clib_bihash_kv_16_8_t ed_kv0, ed_value0; + udp_header_t *udp0; /* speculatively enqueue b0 to the current next frame */ bi0 = from[0]; @@ -466,6 +471,20 @@ nat44_classify_node_fn_inline (vlib_main_t * vm, b0 = vlib_get_buffer (vm, bi0); ip0 = vlib_buffer_get_current (b0); + udp0 = ip4_next_header (ip0); + + if (is_ed) + { + sw_if_index0 = vnet_buffer(b0)->sw_if_index[VLIB_RX]; + rx_fib_index0 = + fib_table_get_index_for_sw_if_index (FIB_PROTOCOL_IP4, + sw_if_index0); + make_ed_kv (&ed_kv0, &ip0->src_address, &ip0->dst_address, + ip0->protocol, rx_fib_index0, udp0->src_port, + udp0->dst_port); + if (!clib_bihash_search_16_8 (&tsm->in2out_ed, &ed_kv0, &ed_value0)) + goto enqueue0; + } vec_foreach (ap, sm->addresses) { @@ -481,7 +500,7 @@ nat44_classify_node_fn_inline (vlib_main_t * vm, m_key0.addr = ip0->dst_address; m_key0.port = 0; m_key0.protocol = 0; - m_key0.fib_index = sm->outside_fib_index; + m_key0.fib_index = 0; kv0.key = m_key0.as_u64; if (!clib_bihash_search_8_8 (&sm->static_mapping_by_external, &kv0, &value0)) { @@ -490,7 +509,6 @@ nat44_classify_node_fn_inline (vlib_main_t * vm, next0 = NAT44_CLASSIFY_NEXT_OUT2IN; goto enqueue0; } - udp_header_t * udp0 = ip4_next_header (ip0); m_key0.port = clib_net_to_host_u16 (udp0->dst_port); m_key0.protocol = ip_proto_to_snat_proto (ip0->protocol); kv0.key = m_key0.as_u64; @@ -528,7 +546,7 @@ nat44_classify_node_fn (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) { - return nat44_classify_node_fn_inline (vm, node, frame); + return nat44_classify_node_fn_inline (vm, node, frame, 0); }; VLIB_REGISTER_NODE (nat44_classify_node) = { @@ -551,7 +569,7 @@ nat44_ed_classify_node_fn (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) { - return nat44_classify_node_fn_inline (vm, node, frame); + return nat44_classify_node_fn_inline (vm, node, frame, 1); }; VLIB_REGISTER_NODE (nat44_ed_classify_node) = { @@ -575,7 +593,7 @@ nat44_det_classify_node_fn (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) { - return nat44_classify_node_fn_inline (vm, node, frame); + return nat44_classify_node_fn_inline (vm, node, frame, 0); }; VLIB_REGISTER_NODE (nat44_det_classify_node) = { @@ -599,7 +617,7 @@ nat44_handoff_classify_node_fn (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) { - return nat44_classify_node_fn_inline (vm, node, frame); + return nat44_classify_node_fn_inline (vm, node, frame, 0); }; VLIB_REGISTER_NODE (nat44_handoff_classify_node) = { -- 2.16.6