Uploaded image for project: 'vpp'
  1. vpp
  2. VPP-1023

vpp nat session not deleted when static mapping is deleted

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Highest Highest
    • 17.10
    • 17.10
    • S-NAT
    • None

    • vpp-17.10-rc1~9_gde6c03c~b14.x86_64
      Core configuration:
        main-core 1
        corelist-workers 2

      This is the output from vppctl show verbose:

        13 list pool elements
        192.168.20.10: 0 dynamic translations, 1 static translations
          i2o 192.168.20.10 proto tcp port 22 fib 0
          o2i 192.168.37.205 proto tcp port 22 fib 0
             external host 192.168.37.205
             last heard 2123.32
             total pkts 86246, total bytes 5523775
             static translation

        192.168.20.5: 0 dynamic translations, 1 static translations
          i2o 192.168.20.5 proto tcp port 22 fib 0
          o2i 192.168.37.207 proto tcp port 22 fib 0
             external host 192.168.37.207
             last heard 68260.35
             total pkts 74, total bytes 7737
             static translation

        192.168.20.7: 0 dynamic translations, 1 static translations
          i2o 192.168.20.7 proto tcp port 22 fib 0
          o2i 192.168.37.208 proto tcp port 22 fib 0
             external host 192.168.37.208
             last heard 2495.53
             total pkts 30, total bytes 4869
             static translation

        192.168.20.13: 0 dynamic translations, 1 static translations
          i2o 192.168.20.13 proto tcp port 22 fib 0
          o2i 192.168.37.203 proto tcp port 22 fib 0
             external host 192.168.37.203
             last heard 6425.74
             total pkts 20, total bytes 4353
             static translation

        192.168.20.12: 0 dynamic translations, 1 static translations
          i2o 192.168.20.12 proto tcp port 22 fib 0
          o2i 192.168.37.210 proto tcp port 22 fib 0
             external host 192.168.37.210
             last heard 6639.42
             total pkts 19, total bytes 4301
             static translation

        192.168.20.14: 0 dynamic translations, 2 static translations
          i2o 192.168.20.14 proto icmp port 54467 fib 0
          o2i 192.168.37.207 proto icmp port 54467 fib 0
             external host 192.168.37.207
             last heard 8110.31
             total pkts 6, total bytes 504
             static translation

          i2o 192.168.20.14 proto icmp port 58784 fib 0
          o2i 192.168.37.207 proto icmp port 58784 fib 0
             external host 192.168.37.207
             last heard 68456.46
             total pkts 6, total bytes 504
             static translation

      static mappings:
      local 192.168.20.14 external 192.168.37.207 vrf 0

      There are multiple entries for 192.168.37.207, which results in incorrect translations:

      18:57:39:345467: ip4-input
        TCP: 192.168.37.18 -> 192.168.37.207
          tos 0x00, ttl 64, length 60, checksum 0xd57d
          fragment id 0x990c, flags DONT_FRAGMENT
      18:57:39:345474: nat44-out2in
        NAT44_OUT2IN: sw_if_index 2, next index 1, session index 1
      18:57:39:345478: ip4-lookup
        fib 0 dpo-idx 5 flow hash: 0x00000000
        TCP: 192.168.37.18 -> 192.168.20.5
          tos 0x00, ttl 64, length 60, checksum 0xe747
          fragment id 0x990c, flags DONT_FRAGMENT

      The configured static mapping is 192.168.20.14/192.168.37.207, but the actual translation is from prior session - to 192.168.20.5.

            matfabia Matus Fabian
            juraj.linkes Juraj Linkeš
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: