The NAT plugin is tossing vxlan out-to-in packets. You’ll get different results
if you add a static mapping for (UDP, 4789) packets - maybe not the desired
result, but at least a different result...
D.
From: vpp-dev@lists.fd.io <vpp-dev@lists.fd.io> On Behalf Of
wangchuan...@163.com
Sent: Monday, October 29, 2018 4:13 AM
To: vpp-dev <vpp-dev@lists.fd.io>
Subject: [vpp-dev] NAT44 && vxlan tunnel conflict
Hi all,
I want to login PC1 through SSH2 where vpp is running, and the VPP is used
as the VXLAN translate center(only 1 ip).
However, I found some error!
Data from vxlan tunnel 1 were dropped, which should be decaped at one
vxlan-tunnel-1 and transmited out from vxlan-tunnel-2.
How can I achieve my goal?
Help please!
#####REMARK######
SSH: 172.16.4.3 ----(SSH2)---- 172.16.4.2 ----(NAT44)--- 192.168.120.2
VXLAN: 172.16.4.177 ----(vxlan)---- 172.16.4.2 ---- (NAT44) --
drop
( desired: vxlan-decap -> br -> vxlan-encap ->
TenGigabitEthernet6/0/0-tx )
trace:
00:31:35:400543: dpdk-input
TenGigabitEthernet6/0/0 rx queue 0
buffer 0x12c31: current data 14, length 164, free-list 0, clone-count 0,
totlen-nifb 0, trace 0x0
ext-hdr-valid
l4-cksum-computed l4-cksum-correct l2-hdr-offset 0
l3-hdr-offset 14
PKT MBUF: port 0, nb_segs 1, pkt_len 178
buf_len 2176, data_len 178, ol_flags 0x180, data_off 128, phys_addr
0x708b0cc0
packet_type 0x211 l2_len 0 l3_len 0 outer_l2_len 0 outer_l3_len 0
Packet Offload Flags
PKT_RX_IP_CKSUM_GOOD (0x0080) IP cksum of RX pkt. is valid
PKT_RX_L4_CKSUM_GOOD (0x0100) L4 cksum of RX pkt. is valid
Packet Types
RTE_PTYPE_L2_ETHER (0x0001) Ethernet packet
RTE_PTYPE_L3_IPV4 (0x0010) IPv4 packet without extension headers
RTE_PTYPE_L4_UDP (0x0200) UDP packet
IP4: 00:25:7c:30:05:ec -> 00:a0:c9:00:00:00
UDP: 172.16.4.177 -> 172.16.4.2
tos 0x00, ttl 64, length 164, checksum 0x4902
fragment id 0x1743, flags DONT_FRAGMENT
UDP: 4789 -> 4789
length 144, checksum 0x5ceb
00:31:35:400565: ip4-input-no-checksum
UDP: 172.16.4.177 -> 172.16.4.2
tos 0x00, ttl 64, length 164, checksum 0x4902
fragment id 0x1743, flags DONT_FRAGMENT
UDP: 4789 -> 4789
length 144, checksum 0x5ceb
00:31:35:400581: nat44-out2in
NAT44_OUT2IN: sw_if_index 1, next index 0, session index -1
00:31:35:400596: error-drop
nat44-out2in: No translation
****configure cmd line*************
set int state TenGigabitEthernet6/0/0 up
set int ip addr TenGigabitEthernet6/0/0 172.16.4.2/24
create bridge-domain 9999 learn 1 forward 1 uu-flood 1 flood 1 arp-term 1
loopback create
set int l2 bridge loop0 9999 bvi
set int ip address loop0 192.168.120.1/24
set int state loop0 up
tap connect tapOS address 192.168.120.2/24
set int l2 bridge tapcli-0 9999
set int state tapcli-0 up
create vxlan tunnel src 172.16.4.2 dst 172.16.4.177 vni 100
set interface l2 bridge vxlan_tunnel0 9999
create vxlan tunnel src 172.16.4.2 dst 172.16.4.188 vni 100
set interface l2 bridge vxlan_tunnel0 9999
nat44 add interface address TenGigabitEthernet6/0/0
set interface nat44 in loop0 out TenGigabitEthernet6/0/0
nat44 add static mapping local 192.168.120.2 22 external
TenGigabitEthernet6/0/0 22 tcp
________________________________
wangchuan...@163.com<mailto:wangchuan...@163.com>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#11016): https://lists.fd.io/g/vpp-dev/message/11016
Mute This Topic: https://lists.fd.io/mt/27779539/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
