I installed 4.15.0-56-generic #62~16.04.1-Ubuntu xenial HWE kernel, and
I followed the reproducer instructions at https://github.com/brb/conntrack-race,
specifically loading in the NAT iptables rules, enabling debug output of the
conntrack file and running the programs server and client.
Looking at dmesg output, I see that conntrack collisions are found and resolved,
and duplicate conntrack entries are de-allocated and returned to the slab.
This kernel is also being tested in a kubernetes test cluster and I will update
this bug if any problems arise. At the moment there isn't any.
Since one of the patches are from upstream -stable, and I have spent some time
validating, I am happy to mark this as verified.
I installed 4.15.0-56-generic #62~16.04.1-Ubuntu xenial HWE kernel, and /github. com/brb/ conntrack- race,
I followed the reproducer instructions at https:/
specifically loading in the NAT iptables rules, enabling debug output of the
conntrack file and running the programs server and client.
Looking at dmesg output, I see that conntrack collisions are found and resolved,
and duplicate conntrack entries are de-allocated and returned to the slab.
This kernel is also being tested in a kubernetes test cluster and I will update
this bug if any problems arise. At the moment there isn't any.
Since one of the patches are from upstream -stable, and I have spent some time
validating, I am happy to mark this as verified.