Try to avoid running out of memory on NAT reset

Before, when resetting the NAT table to handle an out-of-memory condition we tried to allocate the new table while still holding the reference to the old one. It should be more reliable to drop the old reference first. Log showed: 2016-01-31 19:33.47: INF [firewall] added NAT redirect 10.137.3.12:32860 -> 53:firewall:52517 -> 53:net-vm 2016-01-31 19:33.52: WRN [firewall] Out_of_memory adding NAT rule. Dropping NAT table... --- End dump --- Fatal error: exception Out of memory Raised by primitive operation at file "hashtbl.ml", line 63, characters 52-70 Called from file "router.ml", line 47, characters 11-30 Called from file "src/core/lwt.ml", line 907, characters 20-24 Mirage exiting with status 2 Do_exit called!
2024-07-01 08:31:18 +00:00 · 2016-01-31 21:01:52 +00:00 · 2016-01-31 21:01:52 +00:00 · 62aec06be9
commit 62aec06be9
parent 26adeee1da
1 changed files with 7 additions and 1 deletions
--- a/router.ml
+++ b/router.ml
@ -43,5 +43,11 @@ let resolve t = function
  | `NetVM -> Ipaddr.V4 t.uplink#other_ip
  | #Client_eth.host as host -> Client_eth.resolve t.client_eth host

+(* To avoid needing to allocate a new NAT table when we've run out of
+   memory, pre-allocate the new one ahead of time. *)
+let next_nat = ref (Nat_lookup.empty ())
 let reset t =
-  t.nat <- Nat_lookup.empty ()
+  t.nat <- !next_nat;
+  (* (at this point, the big old NAT table can be GC'd, so allocating
+     a new one should be OK) *)
+  next_nat := Nat_lookup.empty ()