Jarno Rajahalme <ja...@ovn.org> wrote: > In the OVS datapath we clear the skb hash whenever we change any of the > fields that may be used to compute it. This guarantees that any given flow > will get the same hash value when assigning packets to bond interfaces based > on the skb hash. If the hash is not cleared, some packets may use the pre-nat > hash provided by a nic, for example, while others may not have the nic > provided hash and compute a new one post-nat. Also, if DNAT is used for load > balancing, the hash should be computed after the NAT for the difference in > the destination address to make a difference in the hash value. > > We could also clear the hash in the OVS datapath code after calling into nf > nat, but could that still have the same issue with affecting the nf_tables > tracing (of which I know nothing about)?
No, that would not affect nft. Note that we could also remove the skb_get_hash() usage in nf trace (we want to compute a pseudo-id that doesn't change while skb travels the netfilter hooks). For now I'd prefer if the hash reset would happen in OVS. _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
