Hi Jarno,
We are trying to install openflow rules to get floating-ips working in OVN and have a question about DNAT action. When a DNAT action is committed, at what stage is the packets DIP actually modified. If there are rules in the pipeline after the DNAT action that try to match on the new DNAT address, those rules doesn't seem to match the packet. In a simple setup with following rules, the packets always match the 3rd rule. Is there a way to match on the DNAT IP after a DNAT action is committed. cookie=0x0, duration=726.320s, table=0, n_packets=2, n_bytes=196, idle_age=613, ip,in_port=1 actions=ct(commit,zone=1,nat(dst=10.1.1.2)),resubmit(,1) cookie=0x0, duration=674.391s, table=1, n_packets=0, n_bytes=0, idle_age=674, priority=100,ip,nw_dst=10.1.1.2 actions=output:2 cookie=0x0, duration=664.212s, table=1, n_packets=2, n_bytes=196, idle_age=613, priority=50,ip,nw_dst=10.1.1.64 actions=output:2 The use case we are trying to solve is to be able to look at the DNAT IP of a packet from a public network -> a floating IP and accordingly route the packet based on the virtual network the DNAT IP belongs to. Thanks, Chandra _______________________________________________ dev mailing list [email protected] http://openvswitch.org/mailman/listinfo/dev
