Skip to content

Add support for "default" destination to flow-filter stage #1205

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
qmonnet wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

Add support for "default" destination to flow-filter stage #1205

qmonnet wants to merge 3 commits into from
+223 −64

Conversation

@qmonnet
Copy link
Member

@qmonnet qmonnet commented Jan 16, 2026

Work in progress.

This needs to be rebased on top of #1198, once it is merged.

Currently, this PR also misses:

  • New tests to validate the behaviour of the changes in flow-filter
  • Equivalent changes in NAT context tables to handle the "default" destinations properly

@qmonnet qmonnet added this to the GW R2 milestone Jan 16, 2026
@qmonnet qmonnet requested a review from Fredi-raspall January 16, 2026 22:11
@qmonnet qmonnet self-assigned this Jan 16, 2026
@qmonnet qmonnet added the area/nat Related to Network Address Translation (NAT) label Jan 16, 2026
@qmonnet qmonnet mentioned this pull request Jan 16, 2026
Open
Base automatically changed from pr/qmonnet/default-vpc to main January 16, 2026 23:00
@qmonnet qmonnet force-pushed the pr/qmonnet/handle-default branch from 21032d1 to f5d2633 Compare January 16, 2026 23:59
@qmonnet
Temporary commit: Add "default" to VpcExpose
e4914a8 
Because the follow-up commits should be based on the changes from
#1198, but we just need
this tiny change to get the rest to compile.
@qmonnet
feat(lpm): Add method .contains_key() to LPM and derivatives
5eb4e59 
This method will be used in a follow-up commit.

Signed-off-by: Quentin Monnet <qmo@qmon.net>
@qmonnet
feat(flow-filter): Add support for "default" destination VpcExpose
5053ce2 
Make sure that we account for "default" VpcExpose when we retrieve the
destination VPC discriminant for the packet.

Internally, we don't add a prefix for the default destination into the
tables, because we'd have to handle overlap to some extent. Instead, we
add a per-source-VPC value to use as a fallback when no other
destination prefix match.

At the moment, the code assumes that each VPC accepts at most one
"default" destination.

Signed-off-by: Quentin Monnet <qmo@qmon.net>
@qmonnet qmonnet force-pushed the pr/qmonnet/handle-default branch from f5d2633 to 5053ce2 Compare January 17, 2026 00:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Fredi-raspall Fredi-raspall Awaiting requested review from Fredi-raspall

At least 1 approving review is required to merge this pull request.

Assignees

@qmonnet qmonnet

Labels

area/nat Related to Network Address Translation (NAT)

Projects

None yet

Milestone

GW R2

Development

Successfully merging this pull request may close these issues.

2 participants

@qmonnet