Even I successfully tested this before getting merged, I just hit some scenario where traffic goes to the gateway node. If we have logical port lp1 with a dnat_and_snat NAT rule to fip1 and from lp1 you ping fip1, the traffic is leaving the hypervisor to the gateway node and comes back to lp1.
I'd expect this traffic to be recirculated within the OVN bridge and not being pushed out through the localnet port. It may be a corner case but I believe it should be taken into account. What do you folks think? Cheers, Daniel On Tue, Apr 16, 2019 at 7:41 PM Ben Pfaff <b...@ovn.org> wrote: > > On Sat, Apr 06, 2019 at 05:42:52PM +0200, Lorenzo Bianconi wrote: > > When DVR is enabled FIP traffic need to be forwarded directly using > > external connection to the underlay network and not be distributed > > through geneve tunnels. > > Fix this adding new logical flows to take care of distributed DNAT/SNAT > > > > Acked-by: Mark Michelson <mmich...@redhat.com> > > Signed-off-by: Lorenzo Bianconi <lorenzo.bianc...@redhat.com> > > Thanks, applied to master. > _______________________________________________ > dev mailing list > d...@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-dev _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
