Hi Ben, Thank you for pointing out the issue. Indeed it looks like the node runs just once. I will provide a patch shortly.
Best regards, Filip Varga -----Original Message----- From: vpp-dev@lists.fd.io <vpp-dev@lists.fd.io> On Behalf Of Ben McKeegan Sent: Monday, November 1, 2021 7:24 PM To: vpp-dev@lists.fd.io Subject: [vpp-dev] det44 plugin Hello, I am fairly new to VPP so please bear with me. I am trying to use the det44 NAT plugin on 21.06 but I am experiencing some difficulties with running out of ports. It would appear that my det44 sessions are never removed despite passing the expire time. For example, I have the following setting: show det44 timeout udp timeout: 300sec tcp established timeout: 7440sec tcp transitory timeout: 240sec icmp timeout: 60sec However, if I generate a series of ICMP pings from my test host and then run 'show det44 sessions' I have a session listed for every individual ping packet, as expected, but these remain long after the 60 second timeout configured. For example on my last test I sent a flood of 100 pings which generated 100 sessions in the lists, all "state: icmp-active expire" with expiry times ranging from 171 to 173. I have just sent another 100 pings and now have another 100 sessions with expiry times ranging from 2647 to 2650, and the original 100 sessions are still there still with expiry times from 171 to 173 so these have not been refreshed or expired. I have taken a look at the source code of the plugin and I can that det44_create_expire_walk_process() is called from det44_plugin_enable(). This function appears to start a new vlib process with the 'main loop' function det44_expire_walk_fn(). According to the documentation here https://docs.fd.io/vpp/21.06/dd/d64/vlib__process__doc_8h.html I understand these despatch functions should be implemented as a while (1) {} loop that never ends. However, my reading of the det44_expire_walk_fn() function code is that it will only perform a single walk of the det44 data structures before returning to its caller. Is this a bug in det44_expire_walk_fn(), is the documentation wrong or am I misreading it? My hypothesis is that det44_expire_walk_fn() runs just once, when the plugin is first enabled (and the session table is already empty), and does not get run again thereafter. Therefore, the sessions never get expired. Regards, Ben.
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20408): https://lists.fd.io/g/vpp-dev/message/20408 Mute This Topic: https://lists.fd.io/mt/86748366/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
