TCP connection reset #109
Description
I'm trying to connect docker containers by using the p4 switch bmv2 model. Two containers on the same host (connected to the same switch) can establish a TCP connection but two containers on different hosts can't. After the server receives the syn packet, the server replies with a syn,ack packet that has the reset bit set. Before sending a packet to a new host NAT will be applied the action responsible for this looks like:
action nat(port, mac_src, mac_dst, host_ip, dst_ip) {
modify_field(ether_hdr.src, mac_src);
modify_field(ether_hdr.dst, mac_dst);
modify_field(ipv4_hdr.src, host_ip);
modify_field(ipv4_hdr.dst, dst_ip);
modify_field(standard_metadata.egress_spec, port);
}The TCP checksum is computed like this:
field_list tcp_checksum_list {
ipv4_hdr.src;
ipv4_hdr.dst;
8'0;
ipv4_hdr.proto;
meta.tcpLength;
tcp_hdr.src;
tcp_hdr.dst;
tcp_hdr.seq;
tcp_hdr.ack;
tcp_hdr.offset;
tcp_hdr.resrv;
tcp_hdr.flags;
tcp_hdr.window;
tcp_hdr.urgent;
payload;
}
field_list_calculation tcp_checksum {
input {
tcp_checksum_list;
}
algorithm : csum16;
output_width : 16;
}
calculated_field tcp_hdr.checksum {
update tcp_checksum if(valid(tcp_hdr));
}It's possible to ping the container on the other host.