Hello, Do we know if the same in/out interface for NAT in deterministic mode is supported in VPP? I am seeing a strange behavior where return traffic is not matching the session. For example, see session below where a DNS request is initially captured outbound to 8.8.8.8: http://jcm.me/session.txt
As you can see, this is recorded as 1.1.1.0:2325 for the outside translated IP/port: in 100.65.0.2:35573 out 1.1.1.0:2325 external host 8.8.8.8:53 state: udp-active expire: 869 When reply comes back from 8.8.8.8 though to 1.1.1.0:2325 the packet is dropped. I captured this in the trace: http://jcm.me/trace.txt The only thing I can think of here that may be a little odd with my setup is that I am using the same interface for inside and outside. See my VPP config below: jmoore@test:~$ cat /etc/vpp/setup.gate set interface ip address loop0 1.1.1.1/29 set interface state loop0 up set interface ip address GigabitEthernet3/0/0 172.16.30.250/24 set int nat44 in GigabitEthernet3/0/0 out GigabitEthernet3/0/0 nat44 deterministic add in 100.65.0.0/22 out 1.1.1.0/29 set interface state GigabitEthernet3/0/0 up ip route add 0.0.0.0/0 via 172.16.30.1 Any reason that the trace is showing the below? 00:09:23:047897: drop nat44-det-in2out: No translation
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#17593): https://lists.fd.io/g/vpp-dev/message/17593 Mute This Topic: https://lists.fd.io/mt/77203973/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
