1997711 – Add support for SNAT/DNAT in same ct action

Bug 1997711 - Add support for SNAT/DNAT in same ct action

Summary: Add support for SNAT/DNAT in same ct action

Keywords:
Status:	NEW
Alias:	None
Product:	Red Hat Enterprise Linux Fast Datapath
Classification:	Red Hat
Component:	openvswitch
Sub Component:
Version:	RHEL 8.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	---
Assignee:	Aaron Conole
QA Contact:	Jiying Qiu
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2021-08-25 16:42 UTC by Tim Rozet
Modified:	2023-07-13 07:25 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	FD-1508	0	None	None	None	2021-08-26 00:42:16 UTC

Description Tim Rozet 2021-08-25 16:42:52 UTC

Description of problem:
Currently with OVS, a ct action may only take a single nat operation (snat or dnat), but conntrack supports doing both. We should be able to add support in the ct action to have both. Currently:

[trozet@fedora ~]$ sudo ovs-ofctl add-flow br-ex 'ip,action=ct(commit,zone=1,nat(src=10.1.1.1,dst=11.1.1.1))'
ovs-ofctl: May only specify one of "src" or "dst".

Comment 1 Aaron Conole 2021-08-25 16:44:39 UTC

For sure this is possible to do from DP side.  I will investigate from the OpenFlow side.

After looking, it doesn't seem like ct() action is part of openflow 
proper (so it's a nicira extension).

Note You need to log in before you can comment on or make changes to this bug.