Comment 13 for bug 1365438

Carl Baldwin (carl-baldwin) wrote:

I'm a bit concerned about the overhead of synchronizing conntrack between routers. In my experience, it is very significant and I actually doubt the benefit somewhat. So, maybe you can help me understand why this is important.

The Linux kernel enables the nf_conntrack_tcp_loose sysctl option by default. When this is enabled, conntrack will pick up existing connections when traffic appears to be coming from the "right" direction, meaning the direction that would be allowed to initiate the session in the first place. In most cases, I imagine that this should be sufficient to maintain continuity for connections.

To me, the description of this bug doesn't adequately justify the developer work and the increased amount of overhead that this feature will add. For example, it doesn't cite any kind of real world experience or testing, it just merely states that connections are discarded and doesn't consider the potential mitigation from the tcp_loose option. I'm very concerned.
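The mid-stream pickup behaviour the comment relies on can be modelled to see exactly when it does and does not rescue a connection after a router takes over with an empty conntrack table. The following is an added example, not Neutron code and not the kernel's nf_conntrack implementation: a small simulation of a stateful forwarding policy (allow NEW only from the inside interface, allow ESTABLISHED both ways, drop INVALID) with a `tcp_loose` toggle. The 5-tuple values, the `Router`/`Packet` names and the `failover_scenario` helper are constructed for illustration; the state semantics (a non-SYN packet with no entry is INVALID when tcp_loose is off, and is treated as the first packet of a picked-up connection when it is on) follow the documented sysctl behaviour.

```python
from dataclasses import dataclass, field

INSIDE, OUTSIDE = "inside", "outside"


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    syn: bool
    iface: str  # ingress interface, INSIDE or OUTSIDE (constructed label)


@dataclass
class Router:
    """Simplified stateful router: a conntrack table plus a forwarding policy."""
    tcp_loose: bool
    table: dict = field(default_factory=dict)  # flow key -> interface that opened it

    @staticmethod
    def _key(p: Packet):
        # Both directions of a flow share one key.
        return tuple(sorted([(p.src, p.sport), (p.dst, p.dport)]))

    def classify(self, p: Packet) -> str:
        """Return the conntrack state this packet would be tagged with."""
        if self._key(p) in self.table:
            return "ESTABLISHED"
        if p.syn:
            return "NEW"
        # Mid-stream packet with no table entry: only picked up when tcp_loose is on,
        # in which case it is treated as the first packet of a new (picked-up) flow.
        return "NEW" if self.tcp_loose else "INVALID"

    def forward(self, p: Packet) -> str:
        """Policy: NEW accepted only from inside, ESTABLISHED both ways, INVALID dropped."""
        state = self.classify(p)
        if state == "ESTABLISHED":
            return "ACCEPT"
        if state == "NEW" and p.iface == INSIDE:
            self.table[self._key(p)] = p.iface  # entry is confirmed only when accepted
            return "ACCEPT"
        return "DROP"


def failover_scenario(tcp_loose: bool, first_from: str) -> list:
    """Simulate a freshly active router (empty table) seeing mid-stream traffic of an
    already-open connection. Returns the verdict for each packet in arrival order."""
    r = Router(tcp_loose=tcp_loose)
    # Constructed flow: inside client 10.0.0.5:40000 <-> outside server 203.0.113.9:443
    client_to_server = Packet("10.0.0.5", "203.0.113.9", 40000, 443, syn=False, iface=INSIDE)
    server_to_client = Packet("203.0.113.9", "10.0.0.5", 443, 40000, syn=False, iface=OUTSIDE)
    if first_from == INSIDE:
        order = [client_to_server, server_to_client]
    else:
        # Server speaks first after failover, then the client retransmits, then the server replies.
        order = [server_to_client, client_to_server, server_to_client]
    return [r.forward(p) for p in order]


if __name__ == "__main__":
    for loose in (False, True):
        for first in (INSIDE, OUTSIDE):
            print(f"tcp_loose={int(loose)} first packet from {first}: "
                  f"{failover_scenario(loose, first)}")
```

With tcp_loose off, every mid-stream packet is INVALID and the connection is lost until the client reopens it. With tcp_loose on, the connection survives as soon as one packet arrives from the side that was allowed to initiate it; a packet from the other side that arrives first is dropped once, but the next client packet recreates the entry and the reply then passes. That is the gap the comment is weighing against the cost of full conntrack synchronisation.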