Comment 3 for bug 1836816

Matthew Ruffell (mruffell) wrote :

I installed 4.15.0-56-generic #62~16.04.1-Ubuntu xenial HWE kernel, and
I followed the reproducer instructions at https://github.com/brb/conntrack-race,
specifically loading in the NAT iptables rules, enabling debug output of the
conntrack file and running the programs server and client.

Looking at dmesg output, I see that conntrack collisions are found and resolved,
and duplicate conntrack entries are de-allocated and returned to the slab.

This kernel is also being tested in a kubernetes test cluster and I will update
this bug if any problems arise. At the moment there isn't any.

Since one of the patches are from upstream -stable, and I have spent some time
validating, I am happy to mark this as verified.