[ovs-discuss] OpenVswitch and iptables DNAT : problems
ben42ml at gmail.com
Wed Apr 13 14:16:42 UTC 2011
I've got a problème with openVswitch and iptables/DNAT
On an hypervisor with openvswitch, I have two VM. One of this VM is a linux
firewall and the other a web server.
The network topology is simble :
== LAN ==
| LAN IP : 10.x.x.x
| Pv IP : 192.168.7.1
| Pv IP : 192.168.7.10
So I've done simple rules on the firewall to DNAT the port 80 to the
When I try to connect to the LAN IP on port 80, the connection is really
slow, about some octet/s.
With tcpdump, i saw that lot's of Retransmission of tcp packets (missing
ack). Some packets are in state "Tcp segment of a reassembled pdu".
I've check the IP configuration, routing configuration on the Vm, and vlan
configuration on openvswitch. Didn't see any missconfiguration ...
Have you experiment DNAT with openVswitch ? any drawback ? any idea ?
Sofware version :
openvswitch : 1.0.3
I will work to have 1.1 up and ready but i've no time to do it for now ...
Thank you in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the discuss