Hi all!
I have a problem when SNAT enable on VPP side.
"Machine A" 1.1.2.10/24 with default route 10.2.1.1"VPP host" (linux machine)
1.1.1.10/24 with static route 1.1.2.0/24 via 1.1.1.1On VPP side
GigabitEthernet2/0/0 with ip 1.1.2.1/24 looking to Machine "A", tap-0 with ip
1.1.1.1/24 looking to "VPP host", and GigabitEthernet2/0/1.871 with 2.2.2.2/24
looking to Internet
# cat /etc/vpp/startup.conf
unix {
nodaemon
log /tmp/vpp.log
full-coredump
cli-listen localhost:5002
exec /etc/vpp/111
}
dpdk {
dev 0000:02:00.0
dev 0000:02:00.1
}
snat {
translation hash buckets 20971520
translation hash memory 1073741824
user hash buckets 12288
user hash memory 20971520
max translations per user 50000
}
api-trace {
on
}
api-segment {
gid vpp
}
# cat /etc/vpp/111
create sub-interfaces GigabitEthernet2/0/1 871
set int state GigabitEthernet2/0/1 up
set int state GigabitEthernet2/0/0 up
set int state GigabitEthernet2/0/1.871 up
set int ip address GigabitEthernet2/0/1.871 2.2.2.2/24
set int ip address GigabitEthernet2/0/0 1.1.2.1/24
set int snat out GigabitEthernet2/0/1.871
ip route add 0.0.0.0/0 via 2.2.2.1 GigabitEthernet2/0/1.871
set int snat in GigabitEthernet2/0/0 out GigabitEthernet2/0/1.871
snat add address 2.2.2.3
tap connect vppctl
set int state tap-0 up
set int ip address tap-0 1.1.1.1/24
With this configuration SNAT working very good from Machine A, but i cannot
ping from Machine A (1.1.2.10) to VPP host (1.1.1.10).When i delete only one
rule set int snat in GigabitEthernet2/0/0 out GigabitEthernet2/0/1.871 then i
can ping VPP host, but SNAT lost.
How to get working both SNAT and SSH via tap device?I can send additional
information if needed.
Thank you for your help!
--
Yours sincerely,
Denis Lotarev_______________________________________________
vpp-dev mailing list
vpp-dev@lists.fd.io
https://lists.fd.io/mailman/listinfo/vpp-dev
