openstack/neutron

Go to file

Swaminathan Vasudevan ce628a1237 Packets getting lost during SNAT with too many connections

We have a problem with SNAT with too many connections using the
same source and destination on the network nodes.

In addition we can see in the conntrack table that the who
"instert_failed" increases.

This might be a generic problem with conntrack and linux.
We suspect that we encounter the following "limitation / bug"
in the kernel.

There seems to be a workaround to alleviate this behavior by
setting the -random-fully flag in iptables for port consumption.

This patch fixes the problem by adding the --random-fully to
the SNAT rules.

Conflicts:
    neutron/agent/l3/dvr_edge_router.py
    neutron/agent/linux/iptables_manager.py
    neutron/common/constants.py
    neutron/tests/unit/agent/l3/test_agent.py

Change-Id: I246c1f56df889bad9c7e140b56c3614124d80a19
Closes-Bug: #1814002
(cherry picked from commit 30f35e08f9)

2019-06-04 23:25:09 +00:00

Fix some typos

2016-06-28 22:46:19 +02:00

XenAPI: add support for conntrack with XenServer

2016-09-23 02:34:25 +00:00

devstack: switch to new NEUTRON_* variables

2018-01-11 10:44:39 -08:00

Replace openstack.org git:// URLs with https://

2019-03-26 23:43:43 +00:00

Revert "Linux Bridge: driver support for QoS egress minimum bandwidth"

2017-02-10 04:34:21 +00:00

Packets getting lost during SNAT with too many connections

2019-06-04 23:25:09 +00:00

playbooks/legacy

Merge "Filter out failing tempest volume test on stable/ocata" into stable/ocata

2019-05-13 19:48:06 +00:00

rally: switch to new format for context name

2017-09-22 21:02:20 +00:00

Change default local ovs connection timeout

2019-04-05 17:33:59 +00:00

Disable IPv6 forwarding by default on HA routers

2018-06-24 15:25:05 +02:00

.coveragerc

Cleanup coverage configuration

2016-10-17 17:06:19 +05:30

.gitignore

Automatically generate neutron core configuration files

2015-11-27 15:22:59 +00:00

.gitreview

OpenDev Migration Patch

2019-04-19 19:38:36 +00:00

.mailmap

Add mailmap entry

2014-05-16 13:40:04 -04:00

.pylintrc

Update pylint disable list to pass pylint 1.7.1 checks

2017-06-14 16:07:11 +00:00

.testr.conf

Allow more time for DB migration tests

2016-09-21 20:54:41 -04:00

.zuul.yaml

OpenDev Migration Patch

2019-04-19 19:38:36 +00:00

babel.cfg

Use babel to generate translation file

2013-01-24 00:20:32 +08:00

bindep.txt

Add libssl packages to bindep

2017-06-09 13:02:18 +00:00

CONTRIBUTING.rst

Make crystal clear how to contribute/approach the neutron community

2016-10-28 11:49:44 -07:00

HACKING.rst

Merge "Replace assertEqual(None, *) with assertIsNone in tests"

2016-11-22 02:15:19 +00:00

LICENSE

Adding Apache Version 2.0 license file. This is the official license agreement under which Quantum code is available to

2011-08-08 12:31:04 -07:00

README.rst

Show team and repo badges on README

2016-11-25 15:35:21 +01:00

requirements.txt

Updated from global requirements

2017-05-15 23:33:47 +00:00

run_tests.sh

Deprecate run_tests.sh

2016-11-08 03:50:20 +00:00

setup.cfg

Add Loki service plugin for optional DB havoc

2017-02-03 05:12:33 -08:00

setup.py

Updated from global requirements

2015-09-21 18:56:49 +00:00

test-requirements.txt

Updated from global requirements

2016-12-28 09:11:12 +00:00

TESTING.rst

[Tempest] Running Trunk test with advanced image only

2017-07-31 11:14:19 -07:00

tox.ini

Update minimum tox version to 2.3.2

2017-06-15 18:32:16 +00:00

README.rst

Team and repository tags

Welcome!

To learn more about neutron:

Documentation: http://docs.openstack.org

Features: http://specs.openstack.org/openstack/neutron-specs

Defects: http://launchpad.net/neutron

Get in touch via email. Use [Neutron] in your subject.

To learn how to contribute:

CONTRIBUTING.rst