neutron/neutron/common
Swaminathan Vasudevan 836f79e7b7 Packets getting lost during SNAT with too many connections
We have a problem with SNAT with too many connections using the
same source and destination on the network nodes.

In addition we can see in the conntrack table that the who
"instert_failed" increases.

This might be a generic problem with conntrack and linux.
We suspect that we encounter the following "limitation / bug"
in the kernel.

There seems to be a workaround to alleviate this behavior by
setting the -random-fully flag in iptables for port consumption.

This patch fixes the problem by adding the --random-fully to
the SNAT rules.
Conflicts:
    neutron/agent/linux/iptables_manager.py
    neutron/common/constants.py
    neutron/tests/unit/agent/l3/test_agent.py

Change-Id: I246c1f56df889bad9c7e140b56c3614124d80a19
Closes-Bug: #1814002
(cherry picked from commit 30f35e08f9)
2019-06-04 23:23:43 +00:00
..
__init__.py Update License Headers to replace Nicira with VMware 2014-02-27 08:11:15 +00:00
_deprecate.py debtcollector for globals 2016-08-30 10:18:19 -04:00
cache_utils.py Remove deprecated cache_url 2017-11-10 00:47:19 -05:00
config.py Make code follow log translation guideline 2017-08-14 02:01:48 +00:00
constants.py Packets getting lost during SNAT with too many connections 2019-06-04 23:23:43 +00:00
eventlet_utils.py Windows: fix exec calls 2018-06-19 07:12:27 +00:00
exceptions.py Fix neutron-openvswitch-agent Windows support 2018-11-23 17:13:42 +02:00
ipv6_utils.py Allow Ipv6 addresses for nova_metadata_host 2018-10-13 07:16:55 +00:00
profiler.py Make code follow log translation guideline 2017-08-14 02:01:48 +00:00
rpc.py Merge "Hook bandit security linter to pep8 target" 2017-08-24 06:10:40 +00:00
test_lib.py Revert "Removed test_lib module" 2015-06-29 08:27:41 +00:00
topics.py RPC Callback rolling upgrades reporting, and integration 2016-03-01 11:20:48 +01:00
utils.py Packets getting lost during SNAT with too many connections 2019-06-04 23:23:43 +00:00