Uploaded image for project: 'Fast Datapath Product'
  1. Fast Datapath Product
  2. FDP-877

Implement NAT Standalone Service

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Unresolved
    • Icon: Normal Normal
    • FDP-25.A
    • None
    • OVN
    • 13
    • False
    • Hide

      None

      Show
      None
    • False
    • Hide

      Given a NAT service is defined as a standalone service in the OVN system with its corresponding configurations (NAT type, direction, etc.) set in the NAT_Service table in the database, 

      When the OVN northd creates logical flows for each entry in the NAT_Service table and the ovn-controller ensures that conntrack zones are assigned for each local NAT service, 

      Then:

      • The system should correctly rewrite logical flows based on NAT changes and conntrack zones should only be allocated for local NAT services.
      • Traffic passing through the NAT service should have its addresses altered as expected.
      • NAT types such as dnat_and_snat should be restricted to ensure that unsupported configurations do not proceed.
      Show
      Given a NAT service is defined as a standalone service in the OVN system with its corresponding configurations (NAT type, direction, etc.) set in the NAT_Service table in the database,  When the OVN northd creates logical flows for each entry in the NAT_Service table and the ovn-controller ensures that conntrack zones are assigned for each local NAT service,  Then: The system should correctly rewrite logical flows based on NAT changes and conntrack zones should only be allocated for local NAT services. Traffic passing through the NAT service should have its addresses altered as expected. NAT types such as dnat_and_snat should be restricted to ensure that unsupported configurations do not proceed.
    • rhel-sst-network-fastdatapath
    • ssg_networking
    • FDP 25.A

      For reference on OVN composable services, please see this document: https://docs.google.com/document/d/1GMyxUJbqTaCxCx3hbEGSu6xMRDriMWUK1dKNFpSWlXo/edit

      For this task, you will implement NAT as a standalone service. Here is a basic rundown of the changes that are required:

      • Database schema changes
        • Add "NAT_Service" table
      • northd changes:
        • Create logical flows for each row in the NAT_Service table.
        • Use functions from FDP-856 to create southbound datapath bindings and port bindings for each row in NAT_Service
      • ovn-controller changes
        • Ensure that a conntrack zone is assigned for each local Datapath_Binding corresponding to a northd NAT_Service
      • Tests
        • Ensure that "dnat_and_snat" type is not allowed for NAT services.
        • Ensure that northd creates the expected logical flows for each NAT type/direction.
        • Ensure that changes to a configured NAT or NAT_Service results in logical flows being re-written.
        • Ensure that conntrack zones are allocated for local NAT services. Ensure that conntrack zones are not allocated if the NAT service is not local to the chassis.
        • Ensure that traffic that passes through NAT services have their addresses altered as expected.

              ovnteam@redhat.com OVN Team
              mmichelson Mark Michelson
              Jianlin Shi Jianlin Shi
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: