Message ID | 1594254291-90069-1-git-send-email-svc.mail.git@nutanix.com |
---|---|
Series | External IP based NAT |
On Thu, Jul 9, 2020 at 5:55 AM Ankur Sharma <svc.mail.git@nutanix.com> wrote:
> Another term for this feature is destination based NAT,
> especially in the context of SNAT.
>
> Current NAT implementation is OVN endpoint ip based.
> For example,
>
> # ovn-nbctl lr-nat-list router
> TYPE    EXTERNAL_IP     LOGICAL_IP
> snat    10.15.24.135    50.0.0.0/24
>
> # ovn-nbctl lr-route-list router
> IPv4 Routes
> 0.0.0.0/0 10.15.24.1 dst-ip
>
> Above configuration implies that anytime packet from
> 50.0.0.0/24 leaves logical router space (through default route),
> then it will be NATed.
>
> Similarly, if we remove the NAT rule, then packet from
> 50.0.0.0/24 leaves logical router space, without any NAT.
>
> i.e. as of now in OVN, NAT/NON-NAT based communication from an endpoint
> with external ips is mutually exclusive. This feature allows
> external ips to be specified in NAT rule so that we can decide
> which external ips we want to apply a rule on. That way a given
> source ip can talk to external ips with NAT and without NAT as well.
>
> One of the key use cases for this feature is if a logical router has
> to talk to endpoints outside the logical router space (i.e. NS traffic),
> but we don't have to do NAT for all the external endpoints.
> i.e. logical router is peered to (some) external subnets, and non
> overlapping ips between logical router and external subnet
> space are ensured.
>
> Ankur Sharma (2):
>   External IP based NAT: Add Columns and CLI
>   External IP based NAT: NORTHD changes to use applied/exempted external
>

Hi Ankur,

Can you please rebase these patches and submit v4? These patches don't apply on top of the master.

Thanks
Numan

> ip
>
> northd/ovn-northd.c | 61 ++++++++++++++++++++++++
> ovn-nb.ovsschema | 14 +++++-
> ovn-nb.xml | 35 ++++++++++++++
> tests/ovn-nbctl.at | 44 ++++++++++++++++-
> tests/ovn-northd.at | 127
> ++++++++++++++++++++++++++++++++++++++++++++++++++
> utilities/ovn-nbctl.c | 116 ++++++++++++++++++++++++++++++++++++++++++++-
> 6 files changed, 393 insertions(+), 4 deletions(-)
>
> --
> 1.8.3.1
>
Hi Numan,

Just submitted V4. Appreciate your feedback.

Regards,
Ankur