neutron

History

David Hill e7f8b93a8a Allow operator to disable usage of random-fully In some specific use case, the cloud operator expects the source port of a packet to stay the same across all masquerading layer up to the destination host. With the implementation of the random-fully code, this behavior was changed as source_port is always rewritten no matter which type of architecture / network CIDRs is being used in the backend. This setting allows a user to fallback to the original behavior of the masquerading process which is to keep the source_port consistent across all layers. The initial random-fully fix prevents packet drops when duplicate tuples are generated from two different namespace when the source_ip:source_port goes toward the same destination so enabling this setting would allow this issue to show again. Perhaps a right approach here would be to fix this "racey" situation in the kernel by perhaps using the mac address as a seed to the tuple ... Change-Id: Idfe5e51007b9a3eaa48779cd01edbca2f586eee5 Closes-bug: #1987396 (cherry picked from commit `bbefe5285e`) (cherry picked from commit `fa77abbc15`)	2022-08-29 12:39:40 +00:00
..
notes	Allow operator to disable usage of random-fully	2022-08-29 12:39:40 +00:00
source	Imported Translations from Zanata	2020-04-26 07:31:19 +00:00

David Hill e7f8b93a8a Allow operator to disable usage of random-fully

In some specific use case, the cloud operator expects the source port
of a packet to stay the same across all masquerading layer up to the
destination host.   With the implementation of the random-fully code,
this behavior was changed as source_port is always rewritten no matter
which type of architecture / network CIDRs is being used in the backend.
This setting allows a user to fallback to the original behavior of the
masquerading process which is to keep the source_port consistent across
all layers.  The initial random-fully fix  prevents packet drops when
duplicate tuples are generated from two different namespace when the
source_ip:source_port goes toward the same destination so enabling this
setting would allow this issue to show again.   Perhaps a right approach
here would be to fix this "racey" situation in the kernel by perhaps
using the mac address as a seed to the tuple ...

Change-Id: Idfe5e51007b9a3eaa48779cd01edbca2f586eee5
Closes-bug: #1987396
(cherry picked from commit bbefe5285e)
(cherry picked from commit fa77abbc15)

2022-08-29 12:39:40 +00:00

notes Allow operator to disable usage of random-fully 2022-08-29 12:39:40 +00:00

source Imported Translations from Zanata 2020-04-26 07:31:19 +00:00