See my comments. SNAT and DNAT zones should be based on peer when sending the packet back around to ingress.
Mickey On Wed, Dec 7, 2016 at 10:46 AM, Ben Pfaff <b...@ovn.org> wrote: > On Wed, Dec 07, 2016 at 10:08:25AM -0800, Guru Shetty wrote: > > On 4 December 2016 at 23:17, Ben Pfaff <b...@ovn.org> wrote: > > > > > Until now, ovn-controller has implemented OVN logical patch ports and > > > l3gateway ports in terms of OVS patch ports. It is a hassle to create > and > > > destroy ports, and it is also wasteful compared to what the patch ports > > > actually buy us: the ability to "save and restore" a packet around a > > > recursive trip through the flow table. The "clone" action can do that > too, > > > without the need to create a port. This commit takes advantage of the > > > clone action for that purpose, getting rid of most of the patch ports > > > previously created by ovn-controller. > > > > > > Signed-off-by: Ben Pfaff <b...@ovn.org> > > > > > > > Though all the unit tests pass, all the system tests related to the > gateway > > fail. > > make check-kernel TESTSUITEFLAGS="-k ovn" > > Uh-oh. Is there something obviously wrong? > _______________________________________________ > dev mailing list > d...@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-dev > _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev