openstack/tripleo-heat-templates
Code Issues Proposed changes

[ovn] Don't add conntrack entries for Geneve

Browse Source 
As Geneve UDP traffic is allowed, there's no reason to create
conntrack entries as it may result in a performance hit.

This patch is preventing Geneve traffic to be sent to conntrack.

Closes-Bug: #1885551
Change-Id: I1eb6c77ea3cbdfaaa2b2a3fec0e6b8d2a71aae95
Signed-off-by: Daniel Alvarez <dalvarez@redhat.com>
This commit is contained in:
Daniel Alvarez 2020-06-29 13:23:20 +02:00 committed by Michele Baldessari
parent d13d010693
commit a9e95b26bc
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
deployment/ovn/ovn-controller-container-puppet.yaml
View File

@ -138,6 +138,22 @@ outputs:
'119 neutron geneve networks': '119 neutron geneve networks':
proto: 'udp' proto: 'udp'
dport: 6081 dport: 6081
'120 neutron geneve networks no conntrack':
proto: 'udp'
dport: 6081
table: 'raw'
chain: 'OUTPUT'
jump: 'NOTRACK'
action: 'append'
state: []
'121 neutron geneve networks no conntrack':
proto: 'udp'
dport: 6081
table: 'raw'
chain: 'PREROUTING'
jump: 'NOTRACK'
action: 'append'
state: []
config_settings: config_settings:
map_merge: map_merge:
- get_attr: [RoleParametersValue, value] - get_attr: [RoleParametersValue, value]