| Message ID | 20160915232605.4970-1-joe@ovn.org |
|---|---|
| State | Accepted |
| Headers | show |
On Thu, Sep 15, 2016 at 4:26 PM, Joe Stringer <joe@ovn.org> wrote: > Signed-off-by: Joe Stringer <joe@ovn.org> > --- > Pravin, does the GRE note look correct? > --- > NEWS | 19 +++++++++++++++++++ > 1 file changed, 19 insertions(+) > > diff --git a/NEWS b/NEWS > index 8c78b3676cf3..19570b96816f 100644 > --- a/NEWS > +++ b/NEWS > @@ -124,6 +124,25 @@ v2.6.0 - xx xxx xxxx > - Add 'mtu_request' column to the Interface table. It can be used to > configure the MTU of the ports. > > +Known issues: > + - Using openvswitch module in conjunction with upstream Linux tunnels: > + * When using the openvswitch module distributed with OVS against kernel > + versions 4.4-4.6, the openvswitch module cannot be loaded or used at the > + same time as "ip_gre". ip-gre park looks good to me. > + - Conntrack FTP ALGs: When using the openvswitch module distributed with > + OVS, particular Linux distribution kernels versions may provide diminished > + functionality. This typically affects active FTP data connections when > + using "actions=ct(alg=ftp),..." in flow tables. Specifically: > + * Centos 7.1 kernels (3.10.0-2xx) kernels are unable to correctly set > + up expectations for FTP data connections in multiple zones, > + eg "actions=ct(zone=1,alg=ftp),ct(zone=2,alg=ftp),...". Executing the > + "ct" action for subsequent data connections may fail to determine that > + the data connection is "related" to an existing connection. > + * Centos 7.2 kernels (3.10.0-3xx) kernels may not establish FTP ALG state > + correctly for NATed connections. As a result, flows that perform NAT, > + eg "actions=ct(nat,ftp=alg,table=1),..." may fail to NAT the packet, > + and will populate the "ct_state=inv" bit in the flow. > + > > v2.5.0 - 26 Feb 2016 > --------------------- > -- > 2.9.3 >
On Thu, Sep 15, 2016 at 04:26:05PM -0700, Joe Stringer wrote: > Signed-off-by: Joe Stringer <joe@ovn.org> ... > + * When using the openvswitch module distributed with OVS against kernel > + versions 4.4-4.6, the openvswitch module cannot be loaded or used at the > + same time as "ip_gre". Would you mind writing "4.4 to 4.6" instead of "4.4-4.6"? There are kernel versions with hyphens in them (even cited later in your note) and at first this looked like a single version to me. The following is an editorial ack; I can't speak for this note technically. Acked-by: Ben Pfaff <blp@ovn.org>
On 19 September 2016 at 11:18, Ben Pfaff <blp@ovn.org> wrote: > On Thu, Sep 15, 2016 at 04:26:05PM -0700, Joe Stringer wrote: >> Signed-off-by: Joe Stringer <joe@ovn.org> > > ... > >> + * When using the openvswitch module distributed with OVS against kernel >> + versions 4.4-4.6, the openvswitch module cannot be loaded or used at the >> + same time as "ip_gre". > > Would you mind writing "4.4 to 4.6" instead of "4.4-4.6"? There are > kernel versions with hyphens in them (even cited later in your note) and > at first this looked like a single version to me. > > The following is an editorial ack; I can't speak for this note > technically. > > Acked-by: Ben Pfaff <blp@ovn.org> Thanks for the feedback, I made those adjustments and pushed to master and branch-2.6.
diff --git a/NEWS b/NEWS index 8c78b3676cf3..19570b96816f 100644 --- a/NEWS +++ b/NEWS @@ -124,6 +124,25 @@ v2.6.0 - xx xxx xxxx - Add 'mtu_request' column to the Interface table. It can be used to configure the MTU of the ports. +Known issues: + - Using openvswitch module in conjunction with upstream Linux tunnels: + * When using the openvswitch module distributed with OVS against kernel + versions 4.4-4.6, the openvswitch module cannot be loaded or used at the + same time as "ip_gre". + - Conntrack FTP ALGs: When using the openvswitch module distributed with + OVS, particular Linux distribution kernels versions may provide diminished + functionality. This typically affects active FTP data connections when + using "actions=ct(alg=ftp),..." in flow tables. Specifically: + * Centos 7.1 kernels (3.10.0-2xx) kernels are unable to correctly set + up expectations for FTP data connections in multiple zones, + eg "actions=ct(zone=1,alg=ftp),ct(zone=2,alg=ftp),...". Executing the + "ct" action for subsequent data connections may fail to determine that + the data connection is "related" to an existing connection. + * Centos 7.2 kernels (3.10.0-3xx) kernels may not establish FTP ALG state + correctly for NATed connections. As a result, flows that perform NAT, + eg "actions=ct(nat,ftp=alg,table=1),..." may fail to NAT the packet, + and will populate the "ct_state=inv" bit in the flow. + v2.5.0 - 26 Feb 2016 ---------------------
Signed-off-by: Joe Stringer <joe@ovn.org> --- Pravin, does the GRE note look correct? --- NEWS | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+)