On 24 April 2017 at 18:49, Hexin Wang <[email protected]> wrote:
> If I were to qualify the NAT action based on some route lookup instead of > outport, is there any bit/register available for me to carry the nat > decision down in the pipeline? > I think I no longer understand what we are talking about. It is very easy to miss context when writing. It looks like, you are a little more familiar now with what OVN supports. And it is likely that you want to do something else. ovn-nb is a database. There are details in 'man ovn-nb'. It currently lets users add NAT rules on a router. It also lets users add static routes on a router to decide where to send the packet next. ovn-nbctl has a few shortcut commands like lr-nat-add for common cases. But, there are also the basic database commands where you can create/set/remove/.. database entries anyway you like. So please try again to frame your question without depending on previous mails for context. With a clear example. > > Thanks. > > Hexin > > From: <[email protected]> on behalf of Hexin Wang > Date: Monday, April 24, 2017 at 2:57 PM > To: Guru Shetty > > Cc: "[email protected]" > Subject: Re: [ovs-discuss] OVN knob to control floating IP NAT action > > Hi Guru, > > Thanks. You probably referred to the unit test "ovn -- DNAT and SNAT on > distributed router - E/W" in tests/system-ovn.at? Is there anyway for me > to configure route based dnat_and_snat from ovn-nbctl? Specifically can I > qualify the following command with some prefix routes? > > ovn-nbctl lr-nat-add R1 dnat_and_snat <public_ip> <private_ip> <lsp> > <mac> > > Or maybe there is another way to achieve the same functionality? > > Regards, > > Hexin > > From: Guru Shetty > Date: Monday, April 24, 2017 at 12:44 PM > To: Hexin Wang > Cc: "[email protected]" > Subject: Re: [ovs-discuss] OVN knob to control floating IP NAT action > > > > On 24 April 2017 at 11:39, Hexin Wang <[email protected]> wrote: > >> Hi Guru, >> >> Let me try with the following use cases. >> 1. No floating IP is used for east-west routing traffic. >> E.g. VM1 <-> VM2: Private IPs are used. No NAT applied. >> >> 2. Floating IP is used for south-north default route to internet traffic. >> E.g. VM originated internet traffic: SNAT is applied to change source IP >> to floating IP. UNSNAT is applied to change destination IP back to private >> IP. >> >> Yes. There are examples in tests/system-traffic.at > > > >> Thanks. >> >> Hexin >> >> From: Guru Shetty >> Date: Monday, April 24, 2017 at 11:34 AM >> To: Hexin Wang >> Cc: "[email protected]" >> Subject: Re: [ovs-discuss] OVN knob to control floating IP NAT action >> >> >> >> On 24 April 2017 at 11:31, Hexin Wang <[email protected]> wrote: >> >>> Hi, >>> >>> Is there any knob in OVN to control when floating IP will be applied in >>> the distributed NAT? Specifically: >>> >>> 1. If the destination IP is part of some private layer3 domain, the >>> usual private IP is used to to reach the destination in the private >>> layer3 >>> domain. >>> 2. If the destination IP is not part of the private layer3 domain >>> but part of the public layer3 domain, the public IP (I.e. Floating IP) is >>> used to replace the private IP address of the source packet. >>> >>> I don't understand what you mean above. Please re-phrase with the >> direction of the packet. >> >> >>> Does OVN support this behavior today? >>> >>> Thanks. >>> >>> Hexin >>> >>> _______________________________________________ >>> discuss mailing list >>> [email protected] >>> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss >>> >>> >> >
_______________________________________________ discuss mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
