Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
External IP based NAT: NORTHD changes to use allowed/exempted externa…
…l ip This patch has northd changes which consumes allowed/exempted external ip configuration per NAT rule in logical flow. Allowed external ip range adds an additional match criteria in snat/dnat logical flow rules. For example, if an allowed_external_ip address set ("abcd") is configured for following NAT rule. TYPE EXTERNAL_IP LOGICAL_IP snat 10.15.24.135 50.0.0.10 Then logical flow will look like following: ..(lr_out_snat)...match=(ip && .... && ip4.dst == $abcd), action=(ct_snat(...);) Exempted external ip range adds an additional flow at priority+1 to bypass the NAT pipeline if external ip is in extempted external ip address set. For example, if the same NAT rule mentioned aboe has an exempted_external_ip address set ("efgh"), then logical flow will look like following: ..(lr_out_snat), priority=162...match=(ip && .... && ip4.dst == $efgh), action=(next;) ..(lr_out_snat), priority=161...match=(ip && ....), action=(ct_snat(10.15.24.135);) Signed-off-by: Ankur Sharma <ankur.sharma@nutanix.com> Signed-off-by: Numan Siddique <numans@ovn.org>
- Loading branch information
1 parent
20bc58a
commit fc79d69
Showing
3 changed files
with
380 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.