Florian,
On Wed, Jan 2, 2019 at 3:17 PM Florian Westphal fw@strlen.de wrote:
Mauricio Faria de Oliveira mfo@canonical.com wrote:
<snip>
Either way, the suggested mainline fix does actually fix the issue in 4.14 for at least one environment. So, it might well be the case that Alakesh's test environment has differences/subtleties that leads to more connections accepted, and more commits are needed for that particular environment type.
nf_conncount has a design flaw that is only closed in nf.git/net.git at the time of this writing, so results with earlier kernels (including 4.20) might just fail with different bugs.
4.14 doesn't have those problems, so I think this series (aside from the nit in patch 4/4) indeed should fix the issue reported.
Thanks for mentioning that. It offers some relief about the different results observed.
But for now, with one bare-metal environment (24-core server, 4-core client) verified, I thought of submitting the patches for review/comments/testing, then looking for additional fixes for that environment separately.
4.14 should be good after this afaics.
Thanks a lot for doing this backport and the details testing information.
Thank you a lot for your quick and careful review. I'll build/test/submit a PATCH v2 series (with that fix to patch 4/4) shortly.
cheers,