Re: [ovs-dev] [patch v1 4/4] conntrack: Change established state to match kernel.

Lots to digest - responses below Jan Scheurich writes: > Hi Darrel, > Let me try respond to your points below. > Regards, Jan >> -Original Message- >> From: Darrell Ball [mailto:db...@vmware.com] >> Sent: Thursday, 30 November, 2017 01:33 >> >> The idea of

Re: [ovs-dev] [patch v1 4/4] conntrack: Change established state to match kernel.

Hi Darrel, Let me try respond to your points below. Regards, Jan > -Original Message- > From: Darrell Ball [mailto:db...@vmware.com] > Sent: Thursday, 30 November, 2017 01:33 > > The idea of creating an “Conntrack Established state” specific to each > protocol layer, as you propose,

Re: [ovs-dev] [patch v1 4/4] conntrack: Change established state to match kernel.

The idea of creating an “Conntrack Established state” specific to each protocol layer, as you propose, does not adhere to any protocol specifications that I am aware of. 1/ UDP and ICMP do not even have such a concept as “Established” connection, so having those specific protocols track

Re: [ovs-dev] [patch v1 4/4] conntrack: Change established state to match kernel.

On 11/20/17, 2:53 PM, "Jan Scheurich" wrote: Thanks, Darrel, for the quick patch. I have one major concern (see below). > > This code doesn't care across packets. It simply always sets > > CS_ESTABLISHED and CS_REPLY_DIR when

Re: [ovs-dev] [patch v1 4/4] conntrack: Change established state to match kernel.

Thanks, Darrel, for the quick patch. I have one major concern (see below). > > This code doesn't care across packets. It simply always sets > > CS_ESTABLISHED and CS_REPLY_DIR when ctx->reply is true. > > > > Did I misunderstand something? > > > > There are Two separate ‘if’

Re: [ovs-dev] [patch v1 4/4] conntrack: Change established state to match kernel.

Darrell Ball writes: > On 11/20/17, 10:02 AM, "Aaron Conole" wrote: > > Darrell Ball writes: > > > On 11/20/17, 9:43 AM, "Aaron Conole" wrote: > > > > Darrell Ball writes: >

Re: [ovs-dev] [patch v1 4/4] conntrack: Change established state to match kernel.

On 11/20/17, 10:02 AM, "Aaron Conole" wrote: Darrell Ball writes: > On 11/20/17, 9:43 AM, "Aaron Conole" wrote: > > Darrell Ball writes: > > > On 11/20/17, 7:46 AM,

Re: [ovs-dev] [patch v1 4/4] conntrack: Change established state to match kernel.

On 11/20/17, 9:43 AM, "Aaron Conole" wrote: Darrell Ball writes: > On 11/20/17, 7:46 AM, "ovs-dev-boun...@openvswitch.org on behalf of > Aaron Conole" acon...@redhat.com> wrote: >

Re: [ovs-dev] [patch v1 4/4] conntrack: Change established state to match kernel.

Darrell Ball writes: > On 11/20/17, 7:46 AM, "ovs-dev-boun...@openvswitch.org on behalf of > Aaron Conole" acon...@redhat.com> wrote: > > Darrell Ball writes: > > > Presently, the userpace

Re: [ovs-dev] [patch v1 4/4] conntrack: Change established state to match kernel.

On 11/20/17, 7:46 AM, "ovs-dev-boun...@openvswitch.org on behalf of Aaron Conole" wrote: Darrell Ball writes: > Presently, the userpace connection tracker 'established' packet > state diverges

[ovs-dev] [patch v1 4/4] conntrack: Change established state to match kernel.

Presently, the userpace connection tracker 'established' packet state diverges from the kernel and this patch brings them in line. The behavior is now that 'established' is only possible after a reply packet is seen. The previous behavior is hard to notice when rules are written to commit a