@flavio-fernandes
Created April 21, 2020 09:51
OVN external port range question on line 40
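# Builds a small OVN test topology in the northbound DB and then records the
# logical flows that resulted:
#   sw0    - logical switch with one workload port (sw0-port1, 10.0.0.3)
#   public - logical switch bridged to the physical network via a localnet port
#   lr0    - logical router joining sw0 (10.0.0.1/24) and public (172.16.0.100/24)
# Every command writes to the northbound database through ovn-nbctl. None of
# them uses --may-exist and there is no error checking, so a failed step does
# not stop the later ones from running.

# Logical switch sw0 and its single workload port.
ovn-nbctl ls-add sw0
ovn-nbctl lsp-add sw0 sw0-port1
ovn-nbctl lsp-set-addresses sw0-port1 "50:54:00:00:00:03 10.0.0.3"

# Logical switch that faces the external network.
ovn-nbctl ls-add public

# Create a logical router and attach it to sw0.
ovn-nbctl lr-add lr0
ovn-nbctl lrp-add lr0 lr0-sw0 00:00:00:00:ff:01 10.0.0.1/24
ovn-nbctl lsp-add sw0 sw0-lr0
ovn-nbctl lsp-set-type sw0-lr0 router
ovn-nbctl lsp-set-addresses sw0-lr0 router
ovn-nbctl lsp-set-options sw0-lr0 router-port=lr0-sw0

# Attach the router to the public switch.
ovn-nbctl lrp-add lr0 lr0-public 00:00:20:20:12:13 172.16.0.100/24
ovn-nbctl lsp-add public public-lr0
ovn-nbctl lsp-set-type public-lr0 router
ovn-nbctl lsp-set-addresses public-lr0 router
ovn-nbctl lsp-set-options public-lr0 router-port=lr0-public

# localnet port: ties the "public" logical switch to the physical network
# named by network_name.
ovn-nbctl lsp-add public ln-public
ovn-nbctl lsp-set-type ln-public localnet
ovn-nbctl lsp-set-addresses ln-public unknown
ovn-nbctl lsp-set-options ln-public network_name=public

# Schedule the gateway router port on chassis ovn-gw-1 with priority 20.
ovn-nbctl lrp-set-gateway-chassis lr0-public ovn-gw-1 20

# dnat_and_snat between 10.0.0.3 and 172.16.0.110, bound to sw0-port1 with
# external MAC 30:54:00:00:00:03; --portrange makes the trailing argument
# (8080-8082) the external port range.
# NOTE(review): in the flow dump below, the lr_in_dnat match is only
# "ip && ip4.dst == 172.16.0.110 && inport == lr0-public" -- there is no L4
# port in the match -- and the range appears solely as an argument to
# ct_dnat()/ct_snat(). Do not treat the range as an inbound port filter:
# restrict what may reach 10.0.0.3 with explicit ACLs on sw0, and confirm the
# resulting translation on the OVN version in use.
ovn-nbctl --portrange lr-nat-add lr0 dnat_and_snat 172.16.0.110 10.0.0.3 sw0-port1 30:54:00:00:00:03 8080-8082

# Reference only: logical flows generated by the configuration above. The
# here-document is discarded; its delimiter is quoted so the shell never
# expands anything inside the pasted dump.
cat <<'EOT' >/dev/null
Generated logical flow:
[root@ovn-central /]# sudo ovn-sbctl dump-flows lr0 | grep -i -e 'ct_' -e 'nat'
table=5 (lr_in_unsnat ), priority=100 , match=(ip && ip4.dst == 172.16.0.110 && inport == "lr0-public"), action=(ct_snat;)
table=5 (lr_in_unsnat ), priority=0 , match=(1), action=(next;)
table=6 (lr_in_dnat ), priority=100 , match=(ip && ip4.dst == 172.16.0.110 && inport == "lr0-public"), action=(ct_dnat(10.0.0.3,8080-8082);)
table=6 (lr_in_dnat ), priority=0 , match=(1), action=(next;)
table=0 (lr_out_undnat ), priority=100 , match=(ip && ip4.src == 10.0.0.3 && outport == "lr0-public"), action=(eth.src = 30:54:00:00:00:03; ct_dnat;)
table=0 (lr_out_undnat ), priority=0 , match=(1), action=(next;)
table=1 (lr_out_snat ), priority=120 , match=(nd_ns), action=(next;)
table=1 (lr_out_snat ), priority=33 , match=(ip && ip4.src == 10.0.0.3 && outport == "lr0-public"), action=(eth.src = 30:54:00:00:00:03; ct_snat(172.16.0.110,8080-8082);)
table=1 (lr_out_snat ), priority=0 , match=(1), action=(next;)
table=2 (lr_out_egr_loop ), priority=100 , match=(ip4.dst == 172.16.0.110 && outport == "lr0-public" && is_chassis_resident("sw0-port1")), action=(clone { ct_clear; inport = outport; outport = ""; flags = 0; flags.loopback = 1; reg0 = 0; reg1 = 0; reg2 = 0; reg3 = 0; reg4 = 0; reg5 = 0; reg6 = 0; reg7 = 0; reg8 = 0; reg9 = 0; reg9[0] = 1; next(pipeline=ingress, table=0); };)
EOT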