I installed the 4.15.0-56-generic #62~16.04.1-Ubuntu xenial HWE kernel, and I followed the reproducer instructions at https://github.com/brb/conntrack-race, specifically loading in the NAT iptables rules, enabling debug output of the conntrack file and running the programs server and client.
Looking at dmesg output, I see that conntrack collisions are found and resolved, and duplicate conntrack entries are de-allocated and returned to the slab.

This kernel is also being tested in a Kubernetes test cluster and I will update this bug if any problems arise. At the moment there aren't any.

Since one of the patches is from upstream -stable, and I have spent some time validating, I am happy to mark this as verified.

** Tags removed: verification-needed-bionic
** Tags added: verification-done-bionic

--
https://bugs.launchpad.net/bugs/1836816

Title:
  Fix nf_conntrack races when dealing with same origin requests in NAT environments