We hit this problem a while ago and reported it here: https://bugzilla.redhat.com/show_bug.cgi?id=1906455
On Mon, Feb 20, 2023 at 9:56 AM Plato, Michael via discuss < [email protected]> wrote: > Hello, > > > > we have a problem with ovn in connection with neutron dynamic routing > (which is now supported with ovn). We can announce our internal networks > via BGP and the VMs in this network can also be reached directly without > nat. > > But if we attach a public floating ip to the internal self service network > ip, we have some strange effects. The VM can still be reached via ping with > both ips. But SSH for example only works via floating ip. I did some > network traces and found that the return traffic is being natted even > though no nat was applied on incoming way. From my point of view we need a > conntrack marker which identifies traffic which was d-natted on incoming > way and s-nat only those traffic on return way. Is it possible to implement > something like this to fully support ovn with BGP announced networks which > are directly reachable via routing? > > > > Thanks for reply and best regards! > > > > Michael > _______________________________________________ > discuss mailing list > [email protected] > https://mail.openvswitch.org/mailman/listinfo/ovs-discuss > -- LUIS TOMÁS BOLÍVAR Principal Software Engineer Red Hat Madrid, Spain [email protected]
_______________________________________________ discuss mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
