On Wed, Aug 15, 2018 at 12:49 AM, Matus Fabian -X (matfabia - PANTHEON TECHNOLOGIES at Cisco) <matfa...@cisco.com> wrote:
> Hi Jon, > > > > NAT plugin does virtual fragment reassembly – it enables to translate > non-initial fragments without L4 header otherwise NAT is unable to gather > port information from the non-initial fragment, packet is still broken into > several fragments after NAT translation. > > > > Matus > Thanks, Matus! I'm trying to understand how part of the NAT virtual reassembly works still. When and how does the drop_frag count come into play? For example, if an original packet was broken into 3 fragments, and drop_frag was 1 or 2, should all three fragments get dropped? And are they dropped on ingress or egress? Is there a packet trace flow where I can see them being dropped? I ask because it looks to me like these fragments are only sometimes dropped when the drop_frag value is exceeded, and it also requires the ip_reassembly_enable_disable to be "on" too. I've been doing a "trace add dpdk-input 500", sending my example packets that need fragmentation, NAT-ing them, and then filtering the trace buffer. What is the right node to use in the "filter" here? Thanks, jdl
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#10167): https://lists.fd.io/g/vpp-dev/message/10167 Mute This Topic: https://lists.fd.io/mt/24529319/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
