[ovs-dev] [PATCH] datapath-windows: Do not modify port field for ICMP during SNAT/DNAT

Shashank Ram rams at vmware.com
Fri Aug 11 04:39:55 UTC 2017


________________________________________
From: ovs-dev-bounces at openvswitch.org <ovs-dev-bounces at openvswitch.org> on behalf of Anand Kumar <kumaranand at vmware.com>
Sent: Thursday, August 10, 2017 8:59 PM
To: dev at openvswitch.org
Subject: [ovs-dev] [PATCH] datapath-windows: Do not modify port field for       ICMP during SNAT/DNAT

During SNAT/DNAT, we should not be updating the port field of ct_endpoint
struct, as ICMP packets do not have port information. Since port and
icmp_id are overlapped in ct_endpoint struct, icmp_id gets changed.
As a result, NAT look up fails to find a matching entry.

This patch addresses this issue by not modifying icmp_id field during
SNAT/DNAT only for ICMP traffic

The current NAT module doesn't take the ICMP type/id/code into account
during the lookups. Fix this to make it similar with the other conntrack
module.

Signed-off-by: Anand Kumar <kumaranand at vmware.com>
_______________________________________________

Acked-by: Shashank Ram <rams at vmware.com>


More information about the dev mailing list