Hi Numan, thanks for the answers! Regards, Vladislav Odintsov
On 14 Sep 2021, at 21:38, Numan Siddique <num...@ovn.org<mailto:num...@ovn.org>> wrote: On Thu, Sep 9, 2021 at 11:56 AM Odintsov Vladislav <vlodint...@croc.ru<mailto:vlodint...@croc.ru>> wrote: Hi, There are some questions about NAT in OVN from me. 1. Is there any documentation about how GARP works in OVN with localnet ports? I see GARPs sending when new network is configured on the associated router port (ovn-nbctl set logical-router-port <lrp> networks="<ip1> <ip2>") Can you please see ovn-nb man page and grep for "nat-addresses" - https://www.ovn.org/support/dist-docs/ovn-nb.5.html Ah. Its pretty comprehensive docs about that, I just couldn’t find it. Some questions here. I haven’t found this in docs, but seen in practice: OVN sends one GARP (who has <IP1> from <IP1>), when a new NAT entry is added to the edge router: Is it true that it sends only one packet only while adding? Or there is more complex logic here? Is packets count a tunable? 2. I’m wonder if GARP should be sent when a new dnat_and_snat rule is added to the edge LR. We’ve got cases, where in centralised topology administrator can reschedule chassis for 1:1 outgoing traffic. In my understanding it’s just enough to set new gateway chassis to wan logical router port and remove an old one. So, CR lrp is moved to another chassis and should sent GARP to notify upstream switches to update FDB. In my tests this is not executed, but may be I’m configured something wrong. If you configure nat-addresses=router for the logical switch port of type router (connecting to the router port), then ovn-controller will send GARPs for NAT entries. Obviously the logical switch would be also having a localnet port. ovn-controller will generate GARPs and send them out via the patch ports connecting the br-int to the provider bridge. This is what the man page says ---- Options for router ports: These options apply when type is router. options : router-port: optional string Required. The name of the Logical_Router_Port to which this log‐ ical switch port is connected. options : nat-addresses: optional string This is used to send gratuitous ARPs for SNAT and DNAT IP addresses via the localnet port that is attached to the same logical switch as this type router port. This option is speci‐ fied on a logical switch port that is connected to a gateway router, or a logical switch port that is connected to a distrib‐ uted gateway port on a logical router. This must take one of the following forms: router Gratuitous ARPs will be sent for all SNAT and DNAT exter‐ nal IP addresses and for all load balancer IP addresses defined on the options:router-port’s logical router, using the options:router-port’s MAC address. This form of options:nat-addresses is valid for logical switch ports where options:router-port is the name of a port on a gateway router, or the name of a distributed gateway port. Supported only in OVN 2.8 and later. Earlier versions required NAT addresses to be manually synchronized. Ethernet address followed by one or more IPv4 addresses Example: 80:fa:5b:06:72:b7 158.36.44.22 158.36.44.24. This would result in generation of gratuitous ARPs for IP addresses 158.36.44.22 and 158.36.44.24 with a MAC address of 80:fa:5b:06:72:b7. This form of options:nat-addresses is only valid for log‐ ical switch ports where options:router-port is the name of a port on a gateway router. ------- 3. Do I need to configure an IP address to be an LRP network address for each NAT 1:1 entry? I didn't understand this question completely. Which column of NAT table are you referring to here ? "logical_ip" column or "external_ip" column ? Don’tpay attention :) This question is not actual after reading manpage. Thanks Numan Currently I have on wan port only one IP /32 and configured 0.0.0.0/0 route via default GW with output_port set to LR’s wan port. Thanks. Regards, Vladislav Odintsov _______________________________________________ discuss mailing list disc...@openvswitch.org<mailto:disc...@openvswitch.org> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
_______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
