On Fri, Dec 23, 2016 at 05:31:40PM -0800, Daniele Di Proietto wrote: > The userspace connection tracker treats Neighbor Discovery packets > as invalid, because they're not checked against any connection. > > This in inconsistent with the kernel connection tracker which always > returns 'CS_NEW'. > > Therefore, this commit makes the userspace connection tracker conforming > with the kernel. ND packets still do not create or read any state, but > they're treated as NEW. > > To support this, the key extraction functions can now return > KEY_NO_TRACK, meaning the packet should be treated statelessly and not > be sent to the connection tracker. > > We also have to remove a test that explicitly checked that neighbor > discovery was treated as invalid. > > Reported-by: Sridhar Gaddam <[email protected]> > Signed-off-by: Daniele Di Proietto <[email protected]>
The actual changes would be slightly clearer if this were two patches: one that changes "bool" to the new "enum", without a behavioral change, and then a second one that adds the new KEY_NO_TRACK. But I think that it makes sense anyway. Thank you. Acked-by: Ben Pfaff <[email protected]> _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
