Using vlan external netowrk fip,dragonflow dirtributed dnat does not work

My problem is :
Dragonflow distributed dnat can work ok when external network type is vlan ? if ok ,dragonflow distributed dnat support two or more external vlan network ?

Details below:

Using flat external netowork fip , dragonflow distributed dnat work fine

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33

+------------------------------------------------------+ +----------------------------------+
| | | MARK: C |
| br-ex enp0s3 |XXXXXXXXXXXXXXXXXXX| 192.168.56.10 |
| 08:00:27:12:3f:5b | | external network gateway |
| 192.168.56.155 | | |
+------------------------------------------------------+ +----------------------------------+
|
|
|
|
|
|
|
+-----------------------------------------------------------+ flows: A -> br-int(dnat) -> br-ex(l3 forward) -> C
| |
| |
| br-int |
| |
| |
+-----------------------------------------------------------+
|
|
| fa:16:3e:d4:60:2d
| flat floating ip 192.168.56.55
| dragonflow distribute dnat
|
+--------------------+
| 1.1.1.6 |
| Mark: A |
| |
| |
+--------------------+

Instructions:

192.168.56.0/24 is my external flat network subnet.

using dragonflow dnat

A->C icmp flows: A -> br-int(dnat) -> br-ex(l3 forward) -> C

1.1.1.6 with fip ping gateway.( A->C connected). When icmp packet arrived at br-ex , layer3 forwarding is noraml.

Catch packets in br-ex interface.

1
2
3
4
5
6
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on br-ex, link-type EN10MB (Ethernet), capture size 262144 bytes
21:40:50.340646 fa:16:3e:d4:60:2d > 08:00:27:12:3f:5b, ethertype IPv4 (0x0800), length 98: 192.168.56.55 > 114.114.114.114: ICMP echo request, id 22785, seq 188, length 64
21:40:50.340672 08:00:27:12:3f:5b > be:e5:f2:da:42:46, ethertype IPv4 (0x0800), length 98: 192.168.56.55 > 114.114.114.114: ICMP echo request, id 22785, seq 188, length 64
21:40:51.341668 fa:16:3e:d4:60:2d > 08:00:27:12:3f:5b, ethertype IPv4 (0x0800), length 98: 192.168.56.55 > 114.114.114.114: ICMP echo request, id 22785, seq 189, length 64
21:40:51.341696 08:00:27:12:3f:5b > be:e5:f2:da:42:46, ethertype IPv4 (0x0800), length 98: 192.168.56.55 > 114.114.114.114: ICMP echo request, id 22785, seq 189, length 64

tcpdump catch packets in enp0s3

1
2
3
4
5
listening on enp0s3, link-type EN10MB (Ethernet), capture size 262144 bytes
21:43:01.601739 08:00:27:12:3f:5b > be:e5:f2:da:42:46, ethertype IPv4 (0x0800), length 98: 192.168.56.55 > 114.114.114.114: ICMP echo request, id 22785, seq 319, length 64
21:43:01.609858 be:e5:f2:da:42:46 > fa:16:3e:d4:60:2d, ethertype IPv4 (0x0800), length 98: 114.114.114.114 > 192.168.56.55: ICMP echo reply, id 22785, seq 319, length 64
21:43:02.602343 08:00:27:12:3f:5b > be:e5:f2:da:42:46, ethertype IPv4 (0x0800), length 98: 192.168.56.55 > 114.114.114.114: ICMP echo request, id 22785, seq 320, length 64
21:43:02.611243 be:e5:f2:da:42:46 > fa:16:3e:d4:60:2d, ethertype IPv4 (0x0800), length 98: 114.114.114.114 > 192.168.56.55: ICMP echo reply, id 22785, seq 320, length 64

Using vlan external netowrk fip,dragonflow dirtributed dnat does not work

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33

+------------------------------------------------------+ +----------------------------------+
| | | MARK: C |
| br-ex enp0s3 |XXXXXXXXXXXXXXXXXXX| 192.168.57.10 |
| 08:00:27:12:3f:5b | | external vlan network gateway |
| 192.168.56.155 | | |
+------------------------------------------------------+ +----------------------------------+
|
| +
| |
| |
| |
| |
| v
+-----------------------------------------------------------+ flows: A -> br-int(dnat) -> br-ex(l3 forward) -> C
| |
| |
| br-int | work err here
| |
| |
+-----------------------------------------------------------+
|
|
| fa:16:3e:39:63:c2
| vlan external network fip : 192.168.57.159
|
|
+--------------------+
| 1.1.1.6 |
| Mark: A |
| |
| |
+--------------------+

Catch packets in br-ex interface. and I find that icmp packet can not be l3 forwarded in br-ex . A -> c disconnect.

1
2
3
4
5
6
stack@p-controller:~/devstack$ sudo tcpdump -i br-ex -ne
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on br-ex, link-type EN10MB (Ethernet), capture size 262144 bytes
21:58:36.278770 fa:16:3e:39:63:c2 > 08:00:27:12:3f:5b, ethertype 802.1Q (0x8100), length 102: vlan 207, p 0, ethertype IPv4, 192.168.57.159 > 114.114.114.114: ICMP echo request, id 23041, seq 15, length 64
21:58:37.279352 fa:16:3e:39:63:c2 > 08:00:27:12:3f:5b, ethertype 802.1Q (0x8100), length 102: vlan 207, p 0, ethertype IPv4, 192.168.57.159 > 114.114.114.114: ICMP echo request, id 23041, seq 16, length 64
21:58:38.279781 fa:16:3e:39:63:c2 > 08:00:27:12:3f:5b, ethertype 802.1Q (0x8100), length 102: vlan 207, p 0, ethertype IPv4, 192.168.57.159 > 114.114.114.114: ICMP echo request, id 23041, seq 17, length 64

My problem is :

Dragonflow distributed dnat can work ok when external network type is vlan ? if ok ,dragonflow distributed dnat support two or more external vlan network ?