Hi, I have two questions about stateful. First, why stateful implementation of NAT and ACL are independent? Was there any logic behind this? As it is expected that both ACL and NAT plugins use the same connection tracking code base or platform.
Second, Should we define an acl in both directions even if we are configuring stateful acl using "permit+reflect"? Or if I have a "permit+reflect" acl in one direction, can I expect the response packets to be also permitted? Regards,
_______________________________________________ vpp-dev mailing list vpp-dev@lists.fd.io https://lists.fd.io/mailman/listinfo/vpp-dev