Hi All

My objective is to use fast failover using Linux NAT in OVS, but before
implementing that I am stuck on a NAT (iptables) issue.

I have one OVS bridge with 2 LAN interfaces (1 virtual interface
(ethlan) and one physical interface (eth1.4)).
I also added 2 WAN virtual interfaces to the OVS bridge (ethwan1 and ethwan2).

*Below is the bridge configuration:*

LAN SIDE:

ovs-vsctl add-port base ethlan tag=10 -- set interface ethlan type=internal

ovs-vsctl add-port base eth1.4 tag=10 (Actual physical LAN interface)

WAN1 SIDE:

ovs-vsctl add-port base ethwan1 tag=20 -- set interface ethwan1 type=internal

WAN2 SIDE:

ovs-vsctl add-port base ethwan2 tag=30 -- set interface ethwan2 type=internal

IP addresses:
ethlan -> 192.168.10.2
ethwan1 -> 192.168.10.4
eth2 -> 10.1.10.2/24
eth3 -> 10.1.20.2/24


I have 2 WAN physical interfaces, i.e. eth2 and eth3. Both of these
interfaces are lying outside OVS.

My Linux NAT iptables rules from ethwan1 to eth2 are not working. I am able to
receive the packet from eth1.4 to ethwan1 but not further.

*I am using the below iptables rules:*

# /sbin/iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE
# /sbin/iptables -A FORWARD -i eth2 -o ethwan1 -m state --state RELATED,ESTABLISHED -j ACCEPT
# /sbin/iptables -A FORWARD -i ethwan1 -o eth2 -j ACCEPT

*I am using the below OpenFlow flows:*

1. ovs-ofctl -O OpenFlow13 add-flow base cookie=50000,priority=50000,actions=NORMAL

-> To forward traffic from ethlan to ethwan1:
2. ovs-ofctl -O OpenFlow13 add-flow base cookie=50001,priority=50001,ip,in_port=1,actions=output:2

Please advise.

Thanks
Akshay