Add --random-fully to VPC Gateway snat rule #1956
Labels
bug
Something isn't working
Comments
oilbeater
added
feature
|
@shane965 Thanks for the information. I will be appreciated if you can make the change |
shane965
added a commit
to shane965/kube-ovn
that referenced
this issue
Oct 15, 2022
shane965
added a commit
to shane965/kube-ovn
that referenced
this issue
Oct 15, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Feature request
Linux kernel realization that sometimes causes multiple flows to get mapped to the same IP:PORT and consequently some suffer packet drops. Iptables supports other ways to allocate ports, controlled with the option
--random-fully. This is helpful to sloveconntrack raceproblem.Relevant information:
DNS intermittent delays: kubernetes/kubernetes#56903
Explain conntrack race: https://adrian-philipp.com/notes/linux-conntrack-race-condition
Iptables manpages: https://manpages.debian.org/unstable/iptables/iptables-extensions.8.en.html#random_fully~2
Similar commit in k8s: kubernetes/kubernetes@d86d1de
I can create a pr if necessary.
The text was updated successfully, but these errors were encountered: