Hi All:
I want to use VPP NAT plugin as a typical SNAT .
(1.1.1.0/24)pkt_gen(2.2.2.1)|----| (2.2.2.2)VPP(3.3.3.2)|----|(3.3.3.1)target|
the configuration of VPP is below:
vppctl set interface state TenGigabitEthernet81/0/0 up
vppctl set interface state TenGigabitEthernet81/0/1 up
vppctl set interface ip addr TenGigabitEthernet81/0/0 2.2.2.2/24
vppctl set interface ip addr TenGigabitEthernet81/0/1 3.3.3.2/24
vppctl set interface nat44 in TenGigabitEthernet81/0/0 out
TenGigabitEthernet81/0/1
vppctl ip route add 0.0.0.0/0 via 3.3.3.1
vppctl ip route add 1.1.1.0/24 via 2.2.2.1
vppctl nat44 add address 3.3.3.5
vppctl nat44 add address 3.3.3.4
vppctl nat44 add address 3.3.3.3
it works well when I use one test-server with IP 1.1.1.10 to ping 3.3.3.1;
[@node2 ~]$ ping 3.3.3.1
PING 3.3.3.1 (3.3.3.1) 56(84) bytes of data.
64 bytes from 3.3.3.1: icmp_seq=1 ttl=252 time=1.22 ms
64 bytes from 3.3.3.1: icmp_seq=2 ttl=252 time=0.693 ms
64 bytes from 3.3.3.1: icmp_seq=3 ttl=252 time=0.949 ms
64 bytes from 3.3.3.1: icmp_seq=4 ttl=252 time=1.46 ms
64 bytes from 3.3.3.1: icmp_seq=5 ttl=252 time=1.21 ms
64 bytes from 3.3.3.1: icmp_seq=6 ttl=252 time=0.578 ms
64 bytes from 3.3.3.1: icmp_seq=7 ttl=252 time=0.701 ms
but if use pkt_gen to generate some packet with a low rate(100pps); the NAT
does not work, AND I even can not ping the IP on VPP interface;
the show nat44 detail result;
vpp# show nat44 detail
NAT plugin mode: dynamic translations enabled
TenGigabitEthernet81/0/0 in
TenGigabitEthernet81/0/1 out
3.3.3.5
tenant VRF independent
0 busy udp ports
315 busy tcp ports
1 busy icmp ports
3.3.3.6
tenant VRF independent
0 busy udp ports
0 busy tcp ports
0 busy icmp ports
3.3.3.7
tenant VRF independent
0 busy udp ports
0 busy tcp ports
0 busy icmp ports
3.3.3.8
tenant VRF independent
0 busy udp ports
0 busy tcp ports
0 busy icmp ports
3.3.3.9
tenant VRF independent
0 busy udp ports
0 busy tcp ports
0 busy icmp ports
4 workers
vpp_wk_0
vpp_wk_1
vpp_wk_2
vpp_wk_3
245 users, 5 outside addresses, 328 active sessions, 0 static mappings
Hash table in2out-ed
0 active elements
0 free lists
0 linear search buckets
0 cache hits, 0 cache misses
Hash table out2in-ed
0 active elements
0 free lists
0 linear search buckets
0 cache hits, 0 cache misses
Thread 1 (vpp_wk_0 at lcore 7):
Hash table in2out
64 active elements
1 free lists
0 linear search buckets
0 cache hits, 0 cache misses
Hash table out2in
64 active elements
1 free lists
0 linear search buckets
0 cache hits, 0 cache misses
125 list pool elements
1.1.1.33: 2 dynamic translations, 0 static translations
1.1.1.29: 2 dynamic translations, 0 static translations
1.1.1.37: 2 dynamic translations, 0 static translations
1.1.1.57: 1 dynamic translations, 0 static translations
1.1.1.61: 1 dynamic translations, 0 static translations
1.1.1.65: 1 dynamic translations, 0 static translations
1.1.1.73: 1 dynamic translations, 0 static translations
1.1.1.77: 1 dynamic translations, 0 static translations
1.1.1.85: 1 dynamic translations, 0 static translations
1.1.1.41: 1 dynamic translations, 0 static translations
1.1.1.45: 1 dynamic translations, 0 static translations
1.1.1.49: 1 dynamic translations, 0 static translations
1.1.1.53: 1 dynamic translations, 0 static translations
1.1.1.69: 1 dynamic translations, 0 static translations
1.1.1.89: 1 dynamic translations, 0 static translations
1.1.1.81: 1 dynamic translations, 0 static translations
1.1.1.145: 1 dynamic translations, 0 static translations
1.1.1.161: 1 dynamic translations, 0 static translations
1.1.1.169: 1 dynamic translations, 0 static translations
1.1.1.157: 1 dynamic translations, 0 static translations
1.1.1.165: 1 dynamic translations, 0 static translations
……
If I use the deterministic NAT, it seems working well;
I want to know what’s wrong with the dynamic NAT;
_______________________________________________
vpp-dev mailing list
vpp-dev@lists.fd.io
https://lists.fd.io/mailman/listinfo/vpp-dev
