Ephemeral port fallback is being done for DNAT and the code could be hit in
some special cases, where packets are expected to be persistently dropped.
At any rate, this is incorrect, so filter this out.
Also, rename the variable used for checking whether ephemeral ports
need to be checked.
Needs
It is not an error, but good to know about.
Signed-off-by: Darrell Ball
---
lib/conntrack.c | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/lib/conntrack.c b/lib/conntrack.c
index 065c337..4b29c31 100644
--- a/lib/conntrack.c
+++ b/lib/conntrack.c
@@ -795,11 +795,15
Add check to validate that 'conn_clean()' is only called for
conntrack entries of default 'conn_type'.
Needs backporting to 2.8.
Signed-off-by: Darrell Ball
---
lib/conntrack.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/conntrack.c b/lib/conntrack.c
index 4b53e82..15e0a62 100644
nat_clean has a defunct optimization for calculating a hash outside the
scope of a bucket lock which potentially 'might' lead to referencing freed
memory. There is little point to this optimization, so just remove it.
Needs backporting to 2.8.
Signed-off-by: Darrell Ball
---
lib/conntrack.c |
The user should only reference a conntrack entry by the forward
direction context, as per 'conntrack_flush()', enforce this by
checking for 'default' conn_type. Needs backporting to 2.9.
Fixes: 271e48a0e244 ("conntrack: Support conntrack flush by ct 5-tuple")
Signed-off-by: Darrell Ball
---
Handle the 'unusual case' that the user requests natting to self.
This defaults to the legacy case, where a single conntrack entry is
used rather than having a separate reverse entry and can lead to
referencing freed memory in nat clean.
To handle this case, we only mark the conntrack entry as
Hello all,
Is it possible to configure remote_ip as a 'flow' instead of an IP address
(i.e., setting ovn-encap-ip to a single IP address)?
Today, we have one VTEP endpoint per OVN host and all the VMs that connects
to br-int on that OVN host are reachable behind this VTEP endpoint. Is it
Many OVS tests wait up for 10 seconds for a condition to become true.
Usually these conditions are ones that should take only a second or so to
actually become true in practice, but on a busy and slow machine it's
possible that some tests might fail or come close to failing because 10
seconds is
- Original Message -
> From: "Tiago Lam"
> To: "Bala Sankaran" , d...@openvswitch.org
> Cc: "Aaron Conole" , "Ian Stokes" ,
> "Ciara Loftus"
> Sent: Tuesday, 4 September, 2018 6:32:39 AM
> Subject: Re: [PATCH v4 6/6] system-dpdk: Connect network namespaces via
> dpdkvhostuser ports
>
Hi Ilya,
On 30/08/2018 12:06, Ilya Maximets wrote:
> Hi, Tiago. I applied that whole patch-set and looked through the
> code. Didn't finish review yet, but have a few concerns about current
> implementation:
>
> 1. dp_packet_l3/l4/others returns the pointer and checks only that
>offset is
OVN obviously allows it. But ovn-kubernetes has no code to do such a thing.
On Tue, 4 Sep 2018 at 09:06, Alona Kaplan wrote:
> Thanks for the answer.
> Is there a way to connect a pod to a specific logical switch (not the node
> default one)? So different pod interface will be able to be
Thanks for the answer.
Is there a way to connect a pod to a specific logical switch (not the node
default one)? So different pod interface will be able to be connected to
different layer 2 logical networks.
On Tue, Sep 4, 2018, 18:57 Guru Shetty wrote:
> I think people have tried with Multus.
I think people have tried with Multus. But we do not have official support
for it. Someone will have to spend some time to figure out what is needed.
On Mon, 3 Sep 2018 at 10:29, Alona Kaplan wrote:
> Hi all,
>
> I'm KubeVirt developer and we want to examine using ovn-Kubernetes over
> multus.
style="color:rgb(31,78,121)">Hi,
style="color:rgb(31,78,121)">
style="color:rgb(31,78,121)">Im just writing to check would you be
interested in
Rackspace Users contacts list?
style="color:rgb(31,78,121)">
style="color:rgb(31,78,121)">We also have other technology
On 03/09/18 19:11, Flavio Leitner wrote:
> On Fri, Aug 31, 2018 at 11:52:41AM -0700, Martin Xu wrote:
>> Add "--with/without allow_unsupported_modules" flag for rpmbuild. With
>> this flag on, OVS kmod RPM sets allow_unsupported_modules to 1 if needed
>> in
On 03/09/18 19:34, Flavio Leitner wrote:
> On Fri, Aug 31, 2018 at 11:52:42AM -0700, Martin Xu wrote:
>> Define a variable _ovs_config_extra_flags to allow passing more flags to
>> configure when building OVS kmod RPM. For example, to build with a
>> non-standard openssl and add an RPATH, use the
On 03/09/18 18:58, Flavio Leitner wrote:
>
> The /lib/modules/${kv}/build is a symlink to /usr/src/kernels/${kv}/
> on Fedora, so the patch looks good.
>
> Acked-by: Flavio Leitner
>
> fbl
>
This works on SUSE as well
Reviewed-by: Markos Chandras
--
markos
SUSE LINUX GmbH | GF: Felix
On 31/08/2018 16:55, Bala Sankaran wrote:
> This adds a few unit tests to the 'check-dpdk' subsystem that will
> exercise allocations of two network namespaces, PMDs, and the
> vhost-user and vhost-user-client code path(separate tests).
> As part of the tests, userspace bridge is added and
18 matches
Mail list logo
