cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] Slair1 commented on issue #2680: Using Source NAT option on Private Gateway does not work
Date Mon, 11 Jun 2018 22:29:08 GMT
Slair1 commented on issue #2680: Using Source NAT option on Private Gateway does not work
URL: https://github.com/apache/cloudstack/issues/2680#issuecomment-396407405
 
 
   @rhtyd /cc @ustcweizhou 
   
   I think you're right @rhtyd, it isn't obvious, but when a guest VM attempts to communicate
with another guest VM's public IP, the packet flows into iptables and then hairpins back out.
 Without the SNAT in place, the reply from the destination VM would go straight to source
VM.  Which breaks any stateful, protocol such as TCP, since the source IP in the reply packet
will be the private IP of the original destination VM while the original source VM is expecting
the source IP to be the public IP...  If that makes sense... if not let me know and i can
explain more.
   
   I'll take a look and update the code some!

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

Mime
View raw message