[ovs-dev] Port based SNAT support

Ritesh Rekhi ritesh.rekhi at nutanix.com
Tue Nov 7 02:53:32 UTC 2017


Hi Guru,

Thx for the reply , load balancer can change the dest port if directed to a single ip.

The use case we are looking for is PAT where a whole subnet can go to internet using same IP .

Thx
Ritesh

Sent from my iPhone

On Nov 6, 2017, at 5:56 PM, Guru Shetty <guru at ovn.org<mailto:guru at ovn.org>> wrote:

You can use load-balancer with a single destination to achieve port NAtting.

On 6 November 2017 at 16:39, Manoj Sharma <manoj.sharma at nutanix.com<mailto:manoj.sharma at nutanix.com>> wrote:
Hi Guru, Mickey,

Does OVN currently support PORT based SNAT?  By looking at the code in ovn/lib/actions.c, it seems to be doing only IP based NAT.
Can you please confirm?

This is the NAT table entry:

ovn-nbctl lr-nat-list R1

TYPE             EXTERNAL_IP        LOGICAL_IP            EXTERNAL_MAC         LOGICAL_PORT
snat             public_ip      192.168.1.0/24<https://urldefense.proofpoint.com/v2/url?u=http-3A__192.168.1.0_24&d=DwMFaQ&c=s883GpUCOChKOHiocYtGcg&r=tS71hH9ZpgeYuaCp3UYeWhphNUWUM294zNruMiZ86oA&m=MhrEKKl6awcvFeJUEtRr9oLd3f74WvM1H-28zF00BCM&s=j2p_B4NvYyNR4YDDV-vQSn997P7OtyALvQoKeBpjfoM&e=>

When a VM in subnet 192.168.1.0/24<https://urldefense.proofpoint.com/v2/url?u=http-3A__192.168.1.0_24&d=DwMFaQ&c=s883GpUCOChKOHiocYtGcg&r=tS71hH9ZpgeYuaCp3UYeWhphNUWUM294zNruMiZ86oA&m=MhrEKKl6awcvFeJUEtRr9oLd3f74WvM1H-28zF00BCM&s=j2p_B4NvYyNR4YDDV-vQSn997P7OtyALvQoKeBpjfoM&e=> sends traffic to physical network, the source IP is getting translated to the “public_ip” but source port is left unchanged.

Thanks
Manoj



More information about the dev mailing list