hello, Activating the inside-nat causes a problem in policer-classify.
without Nat packet trace: ------------------------------------------------------------------------ Packet 100:06:53:080419: af-packet-input af_packet: hw_if_index 4 next-index 4 tpacket2_hdr: status 0x20000005 len 1514 snaplen 1514 mac 66 net 80 sec 0x5f71c76f nsec 0x1c5d00c8 vlan 0 vlan_tpid 000:06:53:080429: ethernet-input IP4: 00:00:00:aa:00:02 -> 02:fe:c4:69:5a:5900:06:53:080435: ip4-input TCP: 1.1.1.10 -> 2.1.1.10 tos 0x00, ttl 64, length 1500, checksum 0x29a4 dscp CS0 ecn NON_ECN fragment id 0x0663, flags DONT_FRAGMENT TCP: 35404 -> 5201 seq. 0x4fbf1c3c ack 0x1b20287d flags 0x10 ACK, tcp header: 32 bytes window 502, checksum 0xe98a00:06:53:080441: ip4-policer-classify POLICER_CLASSIFY: sw_if_index 4 next 1 table 0 offset 1200 policer_index 000:06:53:080448: ip4-lookup fib 0 dpo-idx 3 flow hash: 0x00000000 TCP: 1.1.1.10 -> 2.1.1.10 tos 0x00, ttl 64, length 1500, checksum 0x29a4 dscp CS0 ecn NON_ECN fragment id 0x0663, flags DONT_FRAGMENT TCP: 35404 -> 5201 seq. 0x4fbf1c3c ack 0x1b20287d flags 0x10 ACK, tcp header: 32 bytes window 502, checksum 0xe98a00:06:53:080453: ip4-rewrite tx_sw_if_index 2 dpo-idx 3 : ipv4 via 200.1.2.2 host-eth1: mtu:9000 next:3 02fe784ab87202fe7f15ebc10800 flow hash: 0x00000000 00000000: 02fe784ab87202fe7f15ebc10800450005dc066340003f062aa40101010a0201 00000020: 010a8a4c14514fbf1c3c1b20287d801001f6e98a00000101080a870f00:06:53:080456: host-eth1-output host-eth1 IP4: 02:fe:7f:15:eb:c1 -> 02:fe:78:4a:b8:72 TCP: 1.1.1.10 -> 2.1.1.10 tos 0x00, ttl 63, length 1500, checksum 0x2aa4 dscp CS0 ecn NON_ECN fragment id 0x0663, flags DONT_FRAGMENT TCP: 35404 -> 5201 seq. 0x4fbf1c3c ack 0x1b20287d flags 0x10 ACK, tcp header: 32 bytes window 502, checksum 0xe98a with Nat packet trace: ------------------------------------------------------------------------ Packet 100:04:01:900783: af-packet-input af_packet: hw_if_index 4 next-index 4 tpacket2_hdr: status 0x20000005 len 98 snaplen 98 mac 66 net 80 sec 0x5f71c6c4 nsec 0x11a39db4 vlan 0 vlan_tpid 000:04:01:900800: ethernet-input IP4: 00:00:00:aa:00:02 -> 02:fe:c4:69:5a:5900:04:01:900807: ip4-input ICMP: 1.1.1.10 -> 2.1.1.10 tos 0x00, ttl 64, length 84, checksum 0x195e dscp CS0 ecn NON_ECN fragment id 0x1c36, flags DONT_FRAGMENT ICMP echo_request checksum 0x2d1d00:04:01:900815: ip4-sv-reassembly-feature [not-fragmented]00:04:01:900836: nat44-in2out NAT44_IN2OUT_FAST_PATH: sw_if_index 4, next index 3, session -100:04:01:900840: nat44-in2out-slowpath NAT44_IN2OUT_SLOW_PATH: sw_if_index 4, next index 0, session -100:04:01:900852: ip4-lookup fib 0 dpo-idx 3 flow hash: 0x00000000 ICMP: 1.1.1.10 -> 2.1.1.10 tos 0x00, ttl 64, length 84, checksum 0x195e dscp CS0 ecn NON_ECN fragment id 0x1c36, flags DONT_FRAGMENT ICMP echo_request checksum 0x2d1d00:04:01:900859: ip4-rewrite tx_sw_if_index 2 dpo-idx 3 : ipv4 via 200.1.2.2 host-eth1: mtu:9000 next:3 02fe784ab87202fe7f15ebc10800 flow hash: 0x00000000 00000000: 02fe784ab87202fe7f15ebc10800450000541c3640003f011a5e0101010a0201 00000020: 010a08002d1d00340032c4c6715f00000000d183040000000000101100:04:01:900862: host-eth1-output host-eth1 IP4: 02:fe:7f:15:eb:c1 -> 02:fe:78:4a:b8:72 ICMP: 1.1.1.10 -> 2.1.1.10 tos 0x00, ttl 63, length 84, checksum 0x1a5e dscp CS0 ecn NON_ECN fragment id 0x1c36, flags DONT_FRAGMENT ICMP echo_request checksum 0x2d1d --------------------------------------- chezgi, abbas ali amnesh.ir
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#17557): https://lists.fd.io/g/vpp-dev/message/17557 Mute This Topic: https://lists.fd.io/mt/77179085/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
