** Description changed: - Tools such as vpnc try to flush routes when run inside network - namespaces by writing 1 into /proc/sys/net/ipv4/route/flush. This - currently does not work because flush is not enabled in non-initial - network namespaces. - Since routes are per network namespace it is safe to enable + SRU Justification + + Impact: Tools such as vpnc try to flush routes when run inside network namespaces by writing 1 into /proc/sys/net/ipv4/route/flush. This + currently does not work because flush is not enabled in non-initial network namespaces. Users have complained about this at various times (cf. Link: https://github.com/lxc/lxd/issues/4257). + + Fix: Enable /proc/sys/net/ipv4/route/flush inside non-initial network + namespaces. + + Regression Potential: None, since this didn't use to work before. Since + routes are per network namespace it is safe to enable /proc/sys/net/ipv4/route/flush in there. - This has been reported against LXD a few times before + Test Case: Tested with LXD on a kernel with the patch applied and by + running vpnc successfully. - Link: https://github.com/lxc/lxd/issues/4257 + Target Kernels: All LTS kernels starting from 4.15. Kernel 5.3 has the + patchset upstream. - Please backport this to our LTS kernels. :) + Patches: + https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5cdda5f1d6adde02da591ca2196f20289977dc56
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1836912 Title: ipv4: enable route flushing in network namespaces To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1836912/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
