35 #define _(sym,string) string, 71 return format (s,
"no reason for slow path");
73 return format (s,
"slow path because lookup failed");
75 return format (s,
"slow path because vrf expired");
77 return format (s,
"slow path because tcp closed");
79 return format (s,
"slow path because session expired");
81 return format (s,
"invalid reason value");
94 "NAT44_OUT2IN_ED_FAST_PATH";
100 s =
format (s,
", session %d, translation result '%U' via %s",
111 s =
format (s,
"\n lookup skipped - cached session index used");
132 if (!clib_bihash_search_16_8 (&sm->
flow_hash, &kv, &value))
154 snat_session_t **s_p)
161 snat_session_t *s = 0;
162 u8 is_addr_only, identity_nat;
169 u16 lookup_sport, lookup_dport;
175 &lookup_daddr, &lookup_dport,
178 b->
error = node->
errors[NAT_OUT2IN_ED_ERROR_UNSUPPORTED_PROTOCOL];
184 vm, sm, ip->
dst_address, lookup_sport, rx_fib_index,
186 &sm_fib_index, 1, &is_addr_only, 0, 0, 0, &identity_nat, &m))
195 b->
error = node->
errors[NAT_OUT2IN_ED_ERROR_NO_TRANSLATION];
201 if (
next_src_nat (sm, ip, lookup_sport, lookup_dport, thread_index,
216 (
vnet_buffer (b)->ip.reass.icmp_type_or_tcp_flags !=
217 ICMP4_echo_request ||
220 b->
error = node->
errors[NAT_OUT2IN_ED_ERROR_BAD_ICMP_TYPE];
232 sm, b, sm_addr, sm_port, sm_fib_index, ip->
dst_address, lookup_sport,
244 if (checksum != 0 && checksum != 0xffff)
276 u16 port_per_thread,
u32 snat_thread_index)
283 #define _(N, j, n, s) \ 284 case NAT_PROTOCOL_##N: \ 285 if (a->busy_##n##_ports_per_thread[thread_index] < port_per_thread) \ 289 portnum = (port_per_thread * \ 290 snat_thread_index) + \ 291 snat_random_port(0, port_per_thread - 1) + 1024; \ 292 if (a->busy_##n##_port_refcounts[portnum]) \ 294 --a->busy_##n##_port_refcounts[portnum]; \ 295 a->busy_##n##_ports_per_thread[thread_index]++; \ 296 a->busy_##n##_ports++; \ 298 *port = clib_host_to_net_u16(portnum); \ 319 u32 snat_thread_index)
326 for (i = 0; i <
vec_len (addresses); i++)
331 #define _(N, j, n, s) \ 332 case NAT_PROTOCOL_##N: \ 333 if (a->busy_##n##_ports_per_thread[thread_index] < port_per_thread) \ 335 if (a->fib_index == fib_index) \ 339 portnum = (port_per_thread * snat_thread_index) + \ 340 snat_random_port (0, port_per_thread - 1) + 1024; \ 341 if (a->busy_##n##_port_refcounts[portnum]) \ 343 --a->busy_##n##_port_refcounts[portnum]; \ 344 a->busy_##n##_ports_per_thread[thread_index]++; \ 345 a->busy_##n##_ports++; \ 347 *port = clib_host_to_net_u16 (portnum); \ 351 else if (a->fib_index == ~0) \ 369 #define _(N, j, n, s) \ 370 case NAT_PROTOCOL_##N: \ 373 portnum = (port_per_thread * snat_thread_index) + \ 374 snat_random_port (0, port_per_thread - 1) + 1024; \ 375 if (a->busy_##n##_port_refcounts[portnum]) \ 377 ++a->busy_##n##_port_refcounts[portnum]; \ 378 a->busy_##n##_ports_per_thread[thread_index]++; \ 379 a->busy_##n##_ports++; \ 381 *port = clib_host_to_net_u16 (portnum); \ 397 static snat_session_t *
412 b->
error = node->
errors[NAT_OUT2IN_ED_ERROR_MAX_SESSIONS_EXCEEDED];
420 b->
error = node->
errors[NAT_OUT2IN_ED_ERROR_MAX_SESSIONS_EXCEEDED];
429 nat_proto == NAT_PROTOCOL_ICMP ? 0 :
vnet_buffer (b)->ip.reass.l4_src_port;
436 s->out2in.addr = o2i_addr;
437 s->out2in.port = o2i_port;
438 s->out2in.fib_index = o2i_fib_index;
439 s->in2out.addr = i2o_addr;
440 s->in2out.port = i2o_port;
441 s->in2out.fib_index = i2o_fib_index;
442 s->nat_proto = nat_proto;
444 if (NAT_PROTOCOL_ICMP == nat_proto)
447 o2i_addr, o2i_port, o2i_fib_index, ip->
protocol);
453 s->ext_host_port, o2i_addr, o2i_port,
462 b->
error = node->
errors[NAT_OUT2IN_ED_ERROR_HASH_ADD_FAILED];
493 &s->ext_host_nat_addr,
494 &s->ext_host_nat_port,
509 b->
error = node->
errors[NAT_OUT2IN_ED_ERROR_OUT_OF_PORTS];
516 s->ext_host_nat_port, s->nat_proto);
524 if (NAT_PROTOCOL_ICMP == nat_proto)
536 s->ext_host_nat_addr, s->ext_host_nat_port,
539 if (NAT_PROTOCOL_ICMP == nat_proto)
550 if (NAT_PROTOCOL_ICMP == nat_proto)
553 s->ext_host_addr, i2o_port, i2o_fib_index,
559 s->ext_host_addr, s->ext_host_port,
565 if (NAT_PROTOCOL_ICMP == nat_proto)
586 s->in2out.addr.as_u32,
587 s->out2in.addr.as_u32,
590 s->out2in.port, s->in2out.fib_index);
593 s->in2out.port, &s->ext_host_nat_addr,
594 s->ext_host_nat_port, &s->out2in.addr, s->out2in.port,
595 &s->ext_host_addr, s->ext_host_port, s->nat_proto,
611 u16 lookup_sport, lookup_dport;
615 if (ip->
protocol == IP_PROTOCOL_ICMP)
618 &lookup_sport, &lookup_saddr,
619 &lookup_dport, &lookup_protocol))
626 lookup_sport =
vnet_buffer (b)->ip.reass.l4_dst_port;
627 lookup_dport =
vnet_buffer (b)->ip.reass.l4_src_port;
639 init_ed_k (&kv, lookup_saddr, lookup_sport, lookup_daddr, lookup_dport,
640 rx_fib_index, lookup_protocol);
642 if (!clib_bihash_search_16_8 (&sm->
flow_hash, &kv, &value))
649 else if (ip->
protocol == IP_PROTOCOL_ICMP &&
651 (
vnet_buffer (b)->ip.reass.icmp_type_or_tcp_flags))
661 (sm, rx_fib_index, thread_index)))
674 s->ext_host_port = lookup_dport;
677 s->out2in.port = lookup_sport;
678 s->nat_proto =
proto;
679 if (proto == NAT_PROTOCOL_OTHER)
684 s->out2in.fib_index = rx_fib_index;
685 s->in2out.addr = s->out2in.addr;
686 s->in2out.port = s->out2in.port;
687 s->in2out.fib_index = s->out2in.fib_index;
703 if (ip->
protocol == IP_PROTOCOL_TCP)
707 tcp->ack_number, tcp->seq_number,
717 static snat_session_t *
731 b->
error = node->
errors[NAT_OUT2IN_ED_ERROR_MAX_SESSIONS_EXCEEDED];
739 b->
error = node->
errors[NAT_OUT2IN_ED_ERROR_NO_TRANSLATION];
749 b->
error = node->
errors[NAT_OUT2IN_ED_ERROR_MAX_SESSIONS_EXCEEDED];
759 s->out2in.fib_index = rx_fib_index;
762 s->in2out.port = s->out2in.port = ip->
protocol;
815 while (n_left_from > 0)
818 u32 sw_if_index0, rx_fib_index0;
821 snat_session_t *s0 = 0;
827 int lookup_skipped = 0;
862 ICMP4_time_exceeded_ttl_exceeded_in_transit,
872 if (
vnet_buffer (b0)->ip.reass.icmp_type_or_tcp_flags !=
873 ICMP4_echo_request &&
874 vnet_buffer (b0)->ip.reass.icmp_type_or_tcp_flags !=
877 vnet_buffer (b0)->ip.reass.icmp_type_or_tcp_flags))
879 b0->
error = node->
errors[NAT_OUT2IN_ED_ERROR_BAD_ICMP_TYPE];
902 if (is_multi_worker &&
923 if (clib_bihash_search_16_8 (&sm->
flow_hash, &kv0, &value0))
936 ASSERT (thread_index == s0->thread_index);
948 if (s0->tcp_closed_timestamp)
950 if (now >= s0->tcp_closed_timestamp)
959 b0->
error = node->
errors[NAT_OUT2IN_ED_ERROR_TCP_CLOSED];
966 u64 sess_timeout_time;
969 if (now >= sess_timeout_time)
995 proto0 == NAT_PROTOCOL_UDP &&
997 clib_host_to_net_u16 (UDP_DST_PORT_dhcp_to_client))))
1004 b0->
error = node->
errors[NAT_OUT2IN_ED_ERROR_NO_TRANSLATION];
1030 sm, b0, ip0, f, proto0, 0 )))
1038 case NAT_PROTOCOL_TCP:
1040 thread_index, sw_if_index0, 1);
1043 reass.icmp_type_or_tcp_flags,
1045 reass.tcp_ack_number,
1047 reass.tcp_seq_number,
1050 case NAT_PROTOCOL_UDP:
1052 thread_index, sw_if_index0, 1);
1054 case NAT_PROTOCOL_ICMP:
1056 thread_index, sw_if_index0, 1);
1058 case NAT_PROTOCOL_OTHER:
1060 thread_index, sw_if_index0, 1);
1073 && (b0->
flags & VLIB_BUFFER_IS_TRACED)))
1101 thread_index, sw_if_index0, 1);
1132 while (n_left_from > 0)
1135 u32 sw_if_index0, rx_fib_index0;
1139 icmp46_header_t *icmp0;
1140 snat_session_t *s0 = 0;
1164 ICMP4_time_exceeded_ttl_exceeded_in_transit,
1171 icmp0 = (icmp46_header_t *) udp0;
1177 sm, b0, ip0, rx_fib_index0, thread_index, now, vm, node);
1186 sm, b0, ip0, &s0->o2i, proto0, 0 )))
1192 thread_index, sw_if_index0, 1);
1199 (sm, b0, ip0, icmp0, sw_if_index0, rx_fib_index0, node,
1200 next[0], now, thread_index, &s0);
1205 sm, b0, ip0, &s0->o2i, proto0, 0 )))
1211 thread_index, sw_if_index0, 1);
1217 vnet_buffer (b0)->ip.reass.l4_dst_port, rx_fib_index0,
1221 if (!clib_bihash_search_16_8 (&sm->
flow_hash, &kv0, &value0))
1228 if (s0->tcp_closed_timestamp && now >= s0->tcp_closed_timestamp)
1243 vnet_buffer (b0)->ip.reass.l4_dst_port, rx_fib_index0, proto0,
1244 &sm_addr, &sm_port, &sm_fib_index, 1, 0, &twice_nat0, &lb_nat0,
1253 clib_host_to_net_u16
1254 (UDP_DST_PORT_dhcp_to_client))))
1262 node->
errors[NAT_OUT2IN_ED_ERROR_NO_TRANSLATION];
1270 thread_index, rx_fib_index0))
1286 if ((proto0 == NAT_PROTOCOL_TCP)
1288 reass.icmp_type_or_tcp_flags))
1290 b0->
error = node->
errors[NAT_OUT2IN_ED_ERROR_NON_SYN];
1301 ip.reass.l4_dst_port,
1302 rx_fib_index0, proto0,
1303 node, rx_fib_index0,
1304 thread_index, twice_nat0,
1315 sm, b0, ip0, &s0->o2i, proto0, 0 )))
1324 thread_index, sw_if_index0, 1);
1327 reass.icmp_type_or_tcp_flags,
1329 reass.tcp_ack_number,
1331 reass.tcp_seq_number,
1337 thread_index, sw_if_index0, 1);
1349 && (b0->
flags & VLIB_BUFFER_IS_TRACED)))
1374 thread_index, sw_if_index0, 1);
1404 .name =
"nat44-ed-out2in",
1405 .vector_size =
sizeof (
u32),
1406 .sibling_of =
"nat-default",
1424 .name =
"nat44-ed-out2in-slowpath",
1425 .vector_size =
sizeof (
u32),
1426 .sibling_of =
"nat-default",
1455 .name =
"nat-pre-out2in",
1456 .vector_size =
sizeof (
u32),
1457 .sibling_of =
"nat-default",
u32 flags
buffer flags: VLIB_BUFFER_FREE_LIST_INDEX_MASK: bits used to store free list index, VLIB_BUFFER_IS_TRACED: trace this buffer.
#define SNAT_SESSION_FLAG_STATIC_MAPPING
static ip_csum_t ip_incremental_checksum_buffer(vlib_main_t *vm, vlib_buffer_t *first_buffer, u32 first_buffer_offset, u32 n_bytes_to_checksum, ip_csum_t sum)
static_always_inline void nat_6t_o2i_flow_init(snat_main_t *sm, u32 thread_idx, snat_session_t *s, ip4_address_t saddr, u16 sport, ip4_address_t daddr, u16 dport, u32 fib_index, u8 proto)
static u32 nat44_session_get_timeout(snat_main_t *sm, snat_session_t *s)
static void nat44_session_update_lru(snat_main_t *sm, snat_session_t *s, u32 thread_index)
Per-user LRU list maintenance.
#define nat_elog_info(_pm, nat_elog_str)
vlib_node_registration_t nat44_ed_out2in_node
(constructor) VLIB_REGISTER_NODE (nat44_ed_out2in_node)
static_always_inline int nat_6t_t_eq(nat_6t_t *t1, nat_6t_t *t2)
static u8 * format_nat_pre_trace(u8 *s, va_list *args)
static uword nat44_ed_out2in_slow_path_node_fn_inline(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
void nat_ipfix_logging_addresses_exhausted(u32 thread_index, u32 pool_id)
Generate NAT addresses exhausted event.
static_always_inline void nat_6t_i2o_flow_init(snat_main_t *sm, u32 thread_idx, snat_session_t *s, ip4_address_t saddr, u16 sport, ip4_address_t daddr, u16 dport, u32 fib_index, u8 proto)
void nat_syslog_nat44_sadd(u32 ssubix, u32 sfibix, ip4_address_t *isaddr, u16 isport, ip4_address_t *idaddr, u16 idport, ip4_address_t *xsaddr, u16 xsport, ip4_address_t *xdaddr, u16 xdport, nat_protocol_t proto, u8 is_twicenat)
vl_api_ip_port_and_mask_t dst_port
u16 nexts[VLIB_FRAME_SIZE]
static u8 * format_slow_path_reason(u8 *s, va_list *args)
static f64 vlib_time_now(vlib_main_t *vm)
u32 fib_table_get_index_for_sw_if_index(fib_protocol_t proto, u32 sw_if_index)
Get the index of the FIB bound to the interface.
#define is_twice_nat_session(s)
Check if NAT session is twice NAT.
static u8 is_interface_addr(snat_main_t *sm, vlib_node_runtime_t *node, u32 sw_if_index0, u32 ip4_addr)
#define SNAT_SESSION_FLAG_TWICE_NAT
vlib_main_t vlib_node_runtime_t vlib_frame_t * frame
static snat_session_t * create_session_for_static_mapping_ed(snat_main_t *sm, vlib_buffer_t *b, ip4_address_t i2o_addr, u16 i2o_port, u32 i2o_fib_index, ip4_address_t o2i_addr, u16 o2i_port, u32 o2i_fib_index, nat_protocol_t nat_proto, vlib_node_runtime_t *node, u32 rx_fib_index, u32 thread_index, twice_nat_type_t twice_nat, lb_nat_type_t lb_nat, f64 now, snat_static_mapping_t *mapping)
static uword nat44_ed_out2in_fast_path_node_fn_inline(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame, int is_multi_worker)
#define foreach_nat_out2in_ed_error
static void vlib_increment_simple_counter(vlib_simple_counter_main_t *cm, u32 thread_index, u32 index, u64 increment)
Increment a simple counter.
#define VLIB_NODE_FN(node)
static void nat44_session_update_counters(snat_session_t *s, f64 now, uword bytes, u32 thread_index)
static void nat_6t_flow_saddr_rewrite_set(nat_6t_flow_t *f, u32 saddr)
vlib_error_t * errors
Vector of errors for this node.
vlib_node_registration_t nat44_ed_out2in_slowpath_node
(constructor) VLIB_REGISTER_NODE (nat44_ed_out2in_slowpath_node)
static uword vlib_buffer_length_in_chain(vlib_main_t *vm, vlib_buffer_t *b)
Get length in bytes of the buffer chain.
struct _tcp_header tcp_header_t
static_always_inline u8 icmp_type_is_error_message(u8 icmp_type)
static int ip4_is_fragment(const ip4_header_t *i)
#define clib_memcpy(d, s, n)
static void nat_6t_flow_daddr_rewrite_set(nat_6t_flow_t *f, u32 daddr)
static_always_inline void per_vrf_sessions_register_session(snat_session_t *s, u32 thread_index)
static snat_session_t * nat44_ed_out2in_slowpath_unknown_proto(snat_main_t *sm, vlib_buffer_t *b, ip4_header_t *ip, u32 rx_fib_index, u32 thread_index, f64 now, vlib_main_t *vm, vlib_node_runtime_t *node)
#define static_always_inline
void snat_free_outside_address_and_port(snat_address_t *addresses, u32 thread_index, ip4_address_t *addr, u16 port, nat_protocol_t protocol)
Free outside address and port pair.
static nat_protocol_t ip_proto_to_nat_proto(u8 ip_proto)
Common NAT inline functions.
vlib_get_buffers(vm, from, b, n_left_from)
description fragment has unexpected format
#define vlib_prefetch_buffer_header(b, type)
Prefetch buffer metadata.
u32 ip4_fib_table_get_index_for_sw_if_index(u32 sw_if_index)
#define nat_elog_warn(_pm, nat_elog_str)
static void * ip4_next_header(ip4_header_t *i)
static void nat_6t_flow_icmp_id_rewrite_set(nat_6t_flow_t *f, u16 id)
#define SNAT_SESSION_FLAG_UNKNOWN_PROTO
vlib_buffer_enqueue_to_next(vm, node, from,(u16 *) nexts, frame->n_vectors)
static_always_inline int nat_alloc_addr_and_port_exact(snat_address_t *a, u32 thread_index, nat_protocol_t proto, ip4_address_t *addr, u16 *port, u16 port_per_thread, u32 snat_thread_index)
struct snat_main_s::@736::@737 fastpath
vl_api_fib_path_type_t type
vlib_error_t error
Error code for buffers to be enqueued to error handler.
nat_translation_error_e translation_error
static void create_bypass_for_fwd(snat_main_t *sm, vlib_buffer_t *b, snat_session_t *s, ip4_header_t *ip, u32 rx_fib_index, u32 thread_index)
#define pool_elt_at_index(p, i)
Returns pointer to element at given index.
vl_api_interface_index_t sw_if_index
snat_static_mapping_t * static_mappings
#define SNAT_SESSION_FLAG_EXACT_ADDRESS
format_function_t format_nat_ed_translation_error
static void * vlib_buffer_get_current(vlib_buffer_t *b)
Get pointer to current data to process.
format_function_t format_ed_session_kvp
static void nat_6t_flow_sport_rewrite_set(nat_6t_flow_t *f, u32 sport)
clib_bihash_8_8_t static_mapping_by_external
vlib_main_t * vm
X-connect all packets from the HOST to the PHY.
static_always_inline int nat_get_icmp_session_lookup_values(vlib_buffer_t *b, ip4_header_t *ip0, ip4_address_t *lookup_saddr, u16 *lookup_sport, ip4_address_t *lookup_daddr, u16 *lookup_dport, u8 *lookup_protocol)
static void nat44_set_tcp_session_state_o2i(snat_main_t *sm, f64 now, snat_session_t *ses, u8 tcp_flags, u32 tcp_ack_number, u32 tcp_seq_number, u32 thread_index)
static u8 * format_nat44_ed_out2in_trace(u8 *s, va_list *args)
vl_api_ip_port_and_mask_t src_port
static hash_pair_t * lookup(void *v, uword key, enum lookup_opcode op, void *new_value, void *old_value)
#define VLIB_REGISTER_NODE(x,...)
format_function_t format_nat_6t_flow
#define CLIB_PREFETCH(addr, size, type)
sll srl srl sll sra u16x4 i
static void init_ed_k(clib_bihash_kv_16_8_t *kv, ip4_address_t l_addr, u16 l_port, ip4_address_t r_addr, u16 r_port, u32 fib_index, u8 proto)
struct snat_main_s::@736 counters
void nat_ipfix_logging_nat44_ses_create(u32 thread_index, u32 src_ip, u32 nat_src_ip, nat_protocol_t nat_proto, u16 src_port, u16 nat_src_port, u32 fib_index)
Generate NAT44 session create event.
#define pool_is_free_index(P, I)
Use free bitmap to query whether given index is free.
8 octet key, 8 octet key value pair
static char * nat_out2in_ed_error_strings[]
#define SNAT_SESSION_FLAG_ENDPOINT_DEPENDENT
static void nat_6t_flow_txfib_rewrite_set(nat_6t_flow_t *f, u32 tx_fib_index)
#define is_exact_address(s)
Check if exact pool address should be used.
static_always_inline snat_session_t * nat_ed_session_alloc(snat_main_t *sm, u32 thread_index, f64 now, u8 proto)
struct snat_main_s::@736::@738 slowpath
#define SNAT_SESSION_FLAG_FWD_BYPASS
clib_bihash_kv_16_8_t search_key
nat_translation_error_e nat_6t_flow_buf_translate(snat_main_t *sm, vlib_buffer_t *b, ip4_header_t *ip, nat_6t_flow_t *f, nat_protocol_t proto, int is_output_feature)
snat_address_t * twice_nat_addresses
static vlib_main_t * vlib_get_main(void)
void nat_free_session_data(snat_main_t *sm, snat_session_t *s, u32 thread_index, u8 is_ha)
Free NAT44 session data (lookup keys, external address port)
static int next_src_nat(snat_main_t *sm, ip4_header_t *ip, u16 src_port, u16 dst_port, u32 thread_index, u32 rx_fib_index)
static u32 ed_value_get_session_index(clib_bihash_kv_16_8_t *value)
static u32 ed_value_get_thread_index(clib_bihash_kv_16_8_t *value)
static_always_inline u8 per_vrf_sessions_is_expired(snat_session_t *s, u32 thread_index)
static_always_inline int nat_ed_ses_o2i_flow_hash_add_del(snat_main_t *sm, u32 thread_idx, snat_session_t *s, int is_add)
static void nat_ed_session_delete(snat_main_t *sm, snat_session_t *ses, u32 thread_index, int lru_delete)
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
vlib_main_t vlib_node_runtime_t * node
VLIB buffer representation.
snat_main_per_thread_data_t * per_thread_data
static void * vlib_frame_vector_args(vlib_frame_t *f)
Get pointer to frame vector data.
#define SNAT_SESSION_FLAG_AFFINITY
#define SNAT_SESSION_FLAG_LOAD_BALANCING
static u32 icmp_out2in_ed_slow_path(snat_main_t *sm, vlib_buffer_t *b, ip4_header_t *ip, icmp46_header_t *icmp, u32 sw_if_index, u32 rx_fib_index, vlib_node_runtime_t *node, u32 next, f64 now, u32 thread_index, snat_session_t **s_p)
nat_slow_path_reason_e slow_path_reason
static void nat_6t_flow_dport_rewrite_set(nat_6t_flow_t *f, u32 dport)
int snat_static_mapping_match(vlib_main_t *vm, snat_main_t *sm, ip4_address_t match_addr, u16 match_port, u32 match_fib_index, nat_protocol_t match_protocol, ip4_address_t *mapping_addr, u16 *mapping_port, u32 *mapping_fib_index, u8 by_external, u8 *is_addr_only, twice_nat_type_t *twice_nat, lb_nat_type_t *lb, ip4_address_t *ext_host_addr, u8 *is_identity_nat, snat_static_mapping_t **out)
Match NAT44 static mapping.
void nat_6t_l3_l4_csum_calc(nat_6t_flow_t *f)
static_always_inline u8 nat44_ed_maximum_sessions_exceeded(snat_main_t *sm, u32 fib_index, u32 thread_index)
#define vec_foreach(var, vec)
Vector iterator.
#define nat_elog_notice(_pm, nat_elog_str)
u16 flags
Copy of main node flags.
static_always_inline int nat_ed_ses_i2o_flow_hash_add_del(snat_main_t *sm, u32 thread_idx, snat_session_t *s, int is_add)
clib_bihash_16_8_t flow_hash
void * vlib_add_trace(vlib_main_t *vm, vlib_node_runtime_t *r, vlib_buffer_t *b, u32 n_data_bytes)
static int ip4_header_bytes(const ip4_header_t *i)
vlib_node_registration_t nat_pre_out2in_node
(constructor) VLIB_REGISTER_NODE (nat_pre_out2in_node)
#define VLIB_NODE_FLAG_TRACE
#define CLIB_CACHE_LINE_BYTES
static uword nat_pre_node_fn_inline(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame, u32 def_next)
vlib_buffer_t * bufs[VLIB_FRAME_SIZE]
snat_session_t * sessions
static bool tcp_flags_is_init(u8 f)
Check if client initiating TCP connection (received SYN from client)
static void init_nat_k(clib_bihash_kv_8_8_t *kv, ip4_address_t addr, u16 port, u32 fib_index, nat_protocol_t proto)
static_always_inline void icmp4_error_set_vnet_buffer(vlib_buffer_t *b, u8 type, u8 code, u32 data)
static u16 ip_csum_fold(ip_csum_t c)
static_always_inline int nat44_ed_alloc_outside_addr_and_port(snat_address_t *addresses, u32 fib_index, u32 thread_index, nat_protocol_t proto, ip4_address_t *addr, u16 *port, u16 port_per_thread, u32 snat_thread_index)
1.8.13