[ovs-discuss] Issue with connection tracking for packets modified in pipeline
joe at ovn.org
Fri Jun 16 17:52:37 UTC 2017
On 15 June 2017 at 22:20, Numan Siddique <nusiddiq at redhat.com> wrote:
> On Thu, Jun 15, 2017 at 5:06 PM, Aswin S <aswinsuryan at gmail.com> wrote:
>> Adding some more info here, Thanks Numan! for pointing to this.
>> The issue I am facing looks similar to the one described in  and .
>> But it seems the issue is not yet fixed. Is there a plan to fix this soon?
>> In Opendaylight security groups is implemented using ovs-conntrack. So the
>> flow based router ping responder and floating IP translations hits this
> The same issuse is also seen in OVN as pointed by Aswin.
> Joe - If you remember, we had a chat about this same issue during the
> Openstack Boston summit.
Hi Numan, yeah I recall we had this discussion. I didn't have much
clarity on where we're at with this. Looking at patchwork, I provided
some feedback on the RFC. The most straightforward approach seems to
be adding a nf_ct_set(skb, NULL, 0); call for each of the 5tuple "set"
actions in the datapath.
More information about the discuss