On 3/4/20 8:44 PM, Dumitru Ceara wrote:
> On 3/4/20 7:45 PM, Ilya Maximets wrote:
>> On 3/4/20 2:01 PM, Dumitru Ceara wrote:
>>> On 1/30/20 3:16 PM, Dumitru Ceara wrote:
When a new conntrack zone is entered, the ct_state field is zeroed in
order to avoid using state information from
On 3/4/20 7:45 PM, Ilya Maximets wrote:
> On 3/4/20 2:01 PM, Dumitru Ceara wrote:
>> On 1/30/20 3:16 PM, Dumitru Ceara wrote:
>>> When a new conntrack zone is entered, the ct_state field is zeroed in
>>> order to avoid using state information from different zones.
>>>
>>> One such scenario is when
On 3/4/20 2:01 PM, Dumitru Ceara wrote:
> On 1/30/20 3:16 PM, Dumitru Ceara wrote:
>> When a new conntrack zone is entered, the ct_state field is zeroed in
>> order to avoid using state information from different zones.
>>
>> One such scenario is when a packet is double NATed. Assuming two zones
On 1/30/20 3:16 PM, Dumitru Ceara wrote:
> When a new conntrack zone is entered, the ct_state field is zeroed in
> order to avoid using state information from different zones.
>
> One such scenario is when a packet is double NATed. Assuming two zones
> and 3 flows performing the following actions
When a new conntrack zone is entered, the ct_state field is zeroed in
order to avoid using state information from different zones.
One such scenario is when a packet is double NATed. Assuming two zones
and 3 flows performing the following actions in order on the packet:
1. ct(zone=5,nat), recirc
