On 4/26/21 2:19 PM, Eelco Chaudron wrote:
> Currently, conntrack in the kernel has an undocumented feature referred
> to as all-zero IP address NULL SNAT. Basically, when a source port
> collision is detected during the commit, the source port will be
> translated to an ephemeral port. If there is no collision, no SNAT is
> performed.
>
> This patchset documents this behavior and adds a self-test to verify
> it's not changing.
>
> Signed-off-by: Eelco Chaudron <[email protected]>
> ---
> v3: Renamed NULL SNAT to all-zero IP SNAT.
> v2: Fixed NULL SNAT to only work in the -rpl state to be in line with
>     OpenShift-SDN's behavior.

Hi Eelco,

Would it be possible to add this capability to the list of kernel
Datapath.capabilities ovsdb column? [0]

Given that the patch to add userspace datapath support for all-zero IP
SNAT is not accepted yet [1], and even if it does it will likely not be
backported to LTS because it's a feature, this would make it easier for
OVN (for example ovn-controller) to determine at runtime if it should
use all-zero IP SNAT or not.

[0] https://github.com/openvswitch/ovs/commit/27501802d09f782b8133031c1eae3394ae5ce147
[1] https://patchwork.ozlabs.org/project/openvswitch/list/?series=241223

Thanks,
Dumitru
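
The commit-time behaviour described in the quoted patch description, as a toy Python model added here; it is not code from the patch or from OVS. The ephemeral port range, the sample addresses, and the refusal of a colliding commit when no NAT is requested are assumptions of the model.

```python
from typing import NamedTuple, Optional


class Tuple5(NamedTuple):
    proto: str
    src: str
    sport: int
    dst: str
    dport: int


# Assumed ephemeral range for this model; the real range is chosen by the kernel.
EPHEMERAL = range(32768, 61000)


class ConntrackModel:
    """Toy model of commit-time collision handling (not kernel code)."""

    def __init__(self) -> None:
        self.in_use = set()  # tuples owned by already committed connections

    def commit(self, t: Tuple5, zero_snat: bool) -> Optional[Tuple5]:
        """Return the tuple as committed, or None if the commit fails."""
        if t not in self.in_use:
            self.in_use.add(t)          # no collision: no SNAT is performed
            return t
        if not zero_snat:
            return None                 # model assumption: colliding commit is refused
        for port in EPHEMERAL:          # collision: only the source port changes
            cand = t._replace(sport=port)
            if cand not in self.in_use:
                self.in_use.add(cand)
                return cand
        return None                     # every ephemeral port is taken


def demo() -> list:
    # Constructed sample: two flows that present the same 5-tuple at commit.
    flow = Tuple5("tcp", "10.0.0.5", 40000, "192.0.2.10", 80)
    ct = ConntrackModel()
    first = ct.commit(flow, zero_snat=True)
    second = ct.commit(flow, zero_snat=True)
    plain = ConntrackModel()
    plain.commit(flow, zero_snat=False)
    refused = plain.commit(flow, zero_snat=False)
    return [first, second, refused]
```

The second committed flow keeps its addresses and destination port and differs only in source port, so flow logs taken after the commit will not match the sender's original source port for that connection.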
