On 3/28/24 17:18, Paolo Valerio wrote: > Recent kernels introduced a mechanism that allows to evict colliding > entries in a closing state whereas they were previously considered as > parts of a non-recoverable clash. > This new behavior makes "conntrack - SNAT with port range with > exhaustion test" fail, as it relies on the previous assumptions. > > Fix it by creating and not advancing the first entry in SYN_SENT to > avoid early eviction. > > Suggested-by: Ilya Maximets <i.maxim...@ovn.org> > Reported-at: https://issues.redhat.com/browse/FDP-486 > Signed-off-by: Paolo Valerio <pvale...@redhat.com> > --- > v2: > - replaced open-coded bytes with > 'ovs-ofctl compose-packet --bare' (Ilya) > --- > tests/system-traffic.at | 24 +++++++++++++++++------- > 1 file changed, 17 insertions(+), 7 deletions(-)
Thanks! Applied and backported down to 2.17. Best regards, Ilya Maximets. _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev