ip netns - iptables
We have 3 network node's. On two of them I have one working tenant router and at second network node I have backup router.
When I ssh
to NN1
and access to tenant router with command
sudo ip netns exec qrouter-ff34f529-ebd8-463d-9eef-351302f4751a bash
I can list NAT rules and see chains. Example:
Chain neutron-vpn-agen-float-snat (1 references)
target prot opt source destination
SNAT all -- 172.20.0.140 anywhere to:185.56.xxx.xxx
SNAT all -- 172.20.0.13 anywhere to:185.56.xxx.xxx
SNAT all -- 172.20.0.214 anywhere to:185.56.xxx.xxx
SNAT all -- 172.20.0.15 anywhere to:185.56.xxx.xxx
SNAT all -- 172.20.0.101 anywhere to:185.56.xxx.xxx
SNAT all -- 172.20.0.14 anywhere to:185.56.xxx.xxx
or
Chain neutron-vpn-agen-OUTPUT (1 references)
target prot opt source destination
DNAT all -- anywhere 185.56.xxx.xxx to:172.20.0.140
DNAT all -- anywhere 185.56.xxx.xxx to:172.20.0.13
DNAT all -- anywhere 185.56.xxx.xxx to:172.20.0.214
DNAT all -- anywhere 185.56.xxx.xxx to:172.20.0.15
DNAT all -- anywhere 185.56.xxx.xxx to:172.20.0.101
DNAT all -- anywhere 185.56.xxx.xxx to:172.20.0.14
Also I have identical iptables
rules on backup router.
Question is, where are this rules stored? If answer is in database next question is in which base, table?