Uploaded image for project: 'Fast Datapath Product'
  1. Fast Datapath Product
  2. FDP-448

Nested routers do not SNAT external network traffic

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Not a Bug
    • Icon: Undefined Undefined
    • None
    • None
    • ovn24.03
    • None
    • False
    • Hide

      None

      Show
      None
    • False

      This request is coming from [1].

      The traffic from a nested router is not SNATed to the external network upper router. The environment is the following:

      • Three networks. Two networks are tenant network (net1, net2), the third one is an external network (public).
      • Two routers:
        • r2 (inner router) has two interfaces, one to "net1" and another one to "net2".
        • r1 (outer router) connected to "net1" and an external gw interface connected to "public"
      • A vm connected to the inner network "net2"

      A diagram of the deployment [2].

      The following routes have been added:

      • r1 (outer): destination=10.20.0.0/24,gateway=10.10.0.10 (destination: subnet "net2", gw: r2 net1 port)
      • r2 (inner): destination=0.0.0.0/0,gateway=10.10.0.1 (destination: default route, gw: r1 net1 port)

      The VM can ping to the external router GW port IP (10.218.0.221) but cannot ping to internet (cannot ping to 8.8.8.8, for example).

      Attached in [3] are the following tables:

      • logical router
      • logical router port
      • logical router static route
      • nat

      [1]https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/2051935

      [2]https://docs.google.com/presentation/d/1IR1XAb5dy3bsZsWKLome0blO9INyJ33D_6WXyA1O5GU/edit?usp=sharing

      [3]https://paste.opendev.org/show/bwxuR55rW5UGr2wW1L1P/

       

            ovnteam@redhat.com OVN Team
            rodolfo_alonso Rodolfo Alonso
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: