Hi, with OVN 21.06+ you can create overriding ACLs with higher priority than you currently have, with special "allow-stateless" verb, which ensures packets bypassing conntrack.
Regards, Vladislav Odintsov On 10 Sep 2021, at 22:49, Satish Patel <satish....@gmail.com<mailto:satish....@gmail.com>> wrote: Folk, We are a large shop of UDP applications so trying to find a way to disable the conntrack for the entire UDP protocol stack, I did google and dig into some ovn documentation but did not find any workaround which allows disabling a conntrack on UDP protocol. Or another option i was thinking of is to disable ACL in OVS entirely and then i will use iptables on vm because that way i can disable conntrack using iptables. Anyone have any idea what to do if possible? _______________________________________________ discuss mailing list disc...@openvswitch.org<mailto:disc...@openvswitch.org> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
_______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
