From 6631032791f842017c20ddf217e915c465ff809d Mon Sep 17 00:00:00 2001 From: Nathan Skrzypczak Date: Thu, 14 Oct 2021 18:41:57 +0300 Subject: cnat: flag to disable rsession This adds a flag on the translation asking the VIP & input-feature nodes not to create the return session when translating / load-balancing an incoming flow. This is needed with maglev & DSR Type: feature Change-Id: I699012310ddc59f6ceeeb4878638eac6da5128dc Signed-off-by: Nathan Skrzypczak --- src/plugins/cnat/cnat.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'src/plugins/cnat/cnat.rst') diff --git a/src/plugins/cnat/cnat.rst b/src/plugins/cnat/cnat.rst index a177bc10aa2..b0426f35373 100644 --- a/src/plugins/cnat/cnat.rst +++ b/src/plugins/cnat/cnat.rst @@ -134,19 +134,19 @@ This plugin is built to be extensible. For now two NAT types are defined, ``cnat * Session lookup : ``rv`` will be set to ``0`` if a session was found * Translation primitives ``cnat_translation_ip4`` based on sessions * A session creation primitive ``cnat_session_create`` +* A reverse session creation primitive ``cnat_rsession_create`` -Creating a session will also create a reverse session (for matching return traffic), -and call a NAT node back that will perform the translation. +Creating a session will also create reverse session matching return traffic unless told otherwise by setting ``CNAT_TR_FLAG_NO_RETURN_SESSION`` on the translation. This will call the NAT nodes on the return flow and perform the inverse translation. Known limitations _________________ This plugin is still under development, it lacks the following features : * Load balancing doesn't support parametric probabilities -* VRFs aren't supported. All rules apply to fib table 0 only +* VRFs are not supported, all rules apply regardless of the FIB table. * Programmatic session handling (deletion, lifetime updates) aren't supported -* ICMP is not yet supported -* Traffic matching is only done based on ``(proto, dst_addr, dst_port)`` source matching isn't supported +* translations (i.e. rewriting the destination address) only match on the three +tuple ``(proto, dst_addr, dst_port)`` other matches are not supported * Statistics & session tracking are still rudimentary. -- cgit 1.2.3-korg