[ovs-dev] [PATCH v4] conntrack: document all-zero IP SNAT behavior and add a test case

Dumitru Ceara dceara at redhat.com
Wed Jun 2 15:04:16 UTC 2021

On 6/2/21 3:34 PM, Eelco Chaudron wrote:
> Currently, conntrack in the kernel has an undocumented feature referred
> to as all-zero IP address SNAT. Basically, when a source port
> collision is detected during the commit, the source port will be
> translated to an ephemeral port. If there is no collision, no SNAT is
> performed.
> This patchset documents this behavior and adds a self-test to verify
> it's not changing. In addition, a datapath feature flag is added for
> the all-zero IP SNAT case. This will help applications on top of OVS,
> like OVN, to determine this feature can be used.
> Signed-off-by: Eelco Chaudron <echaudro at redhat.com>
> ---

Tested with OVN patches that use ct_zero_snat [0], works as expected.

Acked-by: Dumitru Ceara <dceara at redhat.com>


[0] https://github.com/dceara/ovn/tree/bz1939676-dnat-and-snat-v1

More information about the dev mailing list