If I were to qualify the NAT action based on some route lookup instead of outport, is there any bit/register available for me to carry the nat decision down in the pipeline?
Thanks. Hexin From: <ovs-discuss-boun...@openvswitch.org<mailto:ovs-discuss-boun...@openvswitch.org>> on behalf of Hexin Wang Date: Monday, April 24, 2017 at 2:57 PM To: Guru Shetty Cc: "ovs-discuss@openvswitch.org<mailto:ovs-discuss@openvswitch.org>" Subject: Re: [ovs-discuss] OVN knob to control floating IP NAT action Hi Guru, Thanks. You probably referred to the unit test "ovn -- DNAT and SNAT on distributed router - E/W" in tests/system-ovn.at? Is there anyway for me to configure route based dnat_and_snat from ovn-nbctl? Specifically can I qualify the following command with some prefix routes? ovn-nbctl lr-nat-add R1 dnat_and_snat <public_ip> <private_ip> <lsp> <mac> Or maybe there is another way to achieve the same functionality? Regards, Hexin From: Guru Shetty Date: Monday, April 24, 2017 at 12:44 PM To: Hexin Wang Cc: "ovs-discuss@openvswitch.org<mailto:ovs-discuss@openvswitch.org>" Subject: Re: [ovs-discuss] OVN knob to control floating IP NAT action On 24 April 2017 at 11:39, Hexin Wang <hexin.w...@nutanix.com<mailto:hexin.w...@nutanix.com>> wrote: Hi Guru, Let me try with the following use cases. 1. No floating IP is used for east-west routing traffic. E.g. VM1 <-> VM2: Private IPs are used. No NAT applied. 2. Floating IP is used for south-north default route to internet traffic. E.g. VM originated internet traffic: SNAT is applied to change source IP to floating IP. UNSNAT is applied to change destination IP back to private IP. Yes. There are examples in tests/system-traffic.at<http://system-traffic.at> Thanks. Hexin From: Guru Shetty Date: Monday, April 24, 2017 at 11:34 AM To: Hexin Wang Cc: "ovs-discuss@openvswitch.org<mailto:ovs-discuss@openvswitch.org>" Subject: Re: [ovs-discuss] OVN knob to control floating IP NAT action On 24 April 2017 at 11:31, Hexin Wang <hexin.w...@nutanix.com<mailto:hexin.w...@nutanix.com>> wrote: Hi, Is there any knob in OVN to control when floating IP will be applied in the distributed NAT? Specifically: 1. If the destination IP is part of some private layer3 domain, the usual private IP is used to to reach the destination in the private layer3 domain. 2. If the destination IP is not part of the private layer3 domain but part of the public layer3 domain, the public IP (I.e. Floating IP) is used to replace the private IP address of the source packet. I don't understand what you mean above. Please re-phrase with the direction of the packet. Does OVN support this behavior today? Thanks. Hexin _______________________________________________ discuss mailing list disc...@openvswitch.org<mailto:disc...@openvswitch.org> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
_______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
