I read the code and find this
datapath/conntrack.c : 982
if (info->nat && !(key->ct_state & OVS_CS_F_NAT_MASK) &&
(nf_ct_is_confirmed(ct) || info->commit) &&
ovs_ct_nat(net, key, info, skb, ct, ctinfo) != NF_ACCEPT) {
return -EINVAL;
}
I think this may be the reason of that problem
the pipiline is nat-->imcp reply-->nat
the first nat set the ct_state, so the second nat do not execute
am i right?
在 2017/6/2 1:14, Mickey Spiegel 写道:
On Thu, Jun 1, 2017 at 4:28 AM, 钢锁0918 <l...@dtdream.com
<mailto:l...@dtdream.com>> wrote:
that is for this problem[ovs-dev] [ovs-discuss] ovn: unsnat
handling error for Distributed
Gatewayhttps://mail.openvswitch.org/pipermail/ovs-dev/2017-April/330536.html
<http://mail.openvswitch.org/pipermail/ovs-dev/2017-April/330536.html>
I don't understand why this workaround is a good thing. In theory, all
pings should succeed. The point of the ping is to test the datapath
with an actual packet, to make sure that things work. Replying to the
ping when you have gone less than half way to the endpoint seems to me
to defeat the purpose.
Mickey
*****RTFSC*****
------------------------------------------------------------------发件人:Ben
Pfaff <b...@ovn.org <mailto:b...@ovn.org>>发送时间:2017年6月1日(星期四)
07:32收件人:钢锁0918 <l...@dtdream.com
<mailto:l...@dtdream.com>>抄 送:dev <d...@openvswitch.org
<mailto:d...@openvswitch.org>>主 题:Re: [ovs-dev] [PATCH] ovn-northd:
Add logical flows to reply ICMP echo requests for all the other
router ports connected to one switch
I don't understand this yet. The OVN logical router already has logic
to reply to ICMP requests. Can you add some more explanation to the
commit message?
_______________________________________________
dev mailing list
d...@openvswitch.org <mailto:d...@openvswitch.org>
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
<https://mail.openvswitch.org/mailman/listinfo/ovs-dev>
_______________________________________________
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
