Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

datapath tracing: report pre/post NAT address #31064

Open
julianwiedmann opened this issue Feb 29, 2024 · 1 comment
Open

datapath tracing: report pre/post NAT address #31064

julianwiedmann opened this issue Feb 29, 2024 · 1 comment
Labels
area/monitor Impacts monitoring, access logging, flow logging, visibility of datapath traffic. feature/egress-gateway Impacts the egress IP gateway feature. feature/snat Relates to SNAT or Masquerading of traffic kind/enhancement This would improve or streamline existing functionality. pinned These issues are not marked stale by our issue bot. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. sig/hubble Impacts hubble server or relay

Comments

@julianwiedmann
Copy link
Member

Background
#9321 introduced the notion of an OrigIP into datapath trace events. Initially this was intended to report the original SourceIP of a service reply, after it has been RevDNATed.

With #28723 we now also use the OrigIP in the outbound SNAT path, to report the packet's original SourceIP (eg. the pod's IP), after it has been SNATed.

Proposal
What's still missing is to report the original DestIP from the inbound RevSNAT path.

Open questions

  • should this be a new field (OrigDestIP) in the trace event? Or can we overload OrigIP, along with a flag that indicates whether OrigIP is the source/dest? What about trace events for packets that have been DNATed and SNATed?
@julianwiedmann julianwiedmann added sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. area/monitor Impacts monitoring, access logging, flow logging, visibility of datapath traffic. feature/snat Relates to SNAT or Masquerading of traffic kind/enhancement This would improve or streamline existing functionality. labels Feb 29, 2024
@joestringer joestringer added the sig/hubble Impacts hubble server or relay label Feb 29, 2024
@julianwiedmann julianwiedmann added the feature/egress-gateway Impacts the egress IP gateway feature. label Mar 1, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented May 1, 2024

This issue has been automatically marked as stale because it has not
had recent activity. It will be closed if no further activity occurs.

@github-actions github-actions bot added the stale The stale bot thinks this issue is old. Add "pinned" label to prevent this from becoming stale. label May 1, 2024
@julianwiedmann julianwiedmann added pinned These issues are not marked stale by our issue bot. and removed stale The stale bot thinks this issue is old. Add "pinned" label to prevent this from becoming stale. labels May 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/monitor Impacts monitoring, access logging, flow logging, visibility of datapath traffic. feature/egress-gateway Impacts the egress IP gateway feature. feature/snat Relates to SNAT or Masquerading of traffic kind/enhancement This would improve or streamline existing functionality. pinned These issues are not marked stale by our issue bot. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. sig/hubble Impacts hubble server or relay
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@joestringer @julianwiedmann