Hi, I'm testing following scene:
vm1-172.16.11.2 -> SNAT to public1-192.168.1.100 to access public2-192.168.1.2, and reversely, 192.168.1.2 access 192.168.1.100 DNAT to 172.16.11.2. With these key configs: vppctl set int ip address host-ve_eip1 192.168.1.100/24 vppctl nat44 add interface address host-ve_eip1 vppctl set interface nat44 in host-ve_nat1_node1 out host-ve_eip1 vm1 can ping public2. But when public2 ping public1, vm1 did not receive the echo-request, the echo-reply seems to be answered by host-ve_eip1. After append this cmd: nat44 add static mapping tcp local 172.16.11.2 external 192.168.1.100 vrf 1 I've tested SNAT/DNAT successfully (ping/tcp/udp from public2, vm1 can receive DNATed request, and reply properly), but the protocol 'tcp' here seems being ignored. Is this cmd expected to support snat & dnat for just tcp protocol here?
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#14013): https://lists.fd.io/g/vpp-dev/message/14013 Mute This Topic: https://lists.fd.io/mt/34186299/21656 Mute #vpp: https://lists.fd.io/mk?hashtag=vpp&subid=1480452 Mute #nat: https://lists.fd.io/mk?hashtag=nat&subid=1480452 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
