Hi, with OVN 21.06+ you can create overriding ACLs with higher priority than you currently have, with special "allow-stateless" verb, which ensures packets bypassing conntrack.
Regards, Vladislav Odintsov On 10 Sep 2021, at 22:49, Satish Patel <[email protected]<mailto:[email protected]>> wrote: Folk, We are a large shop of UDP applications so trying to find a way to disable the conntrack for the entire UDP protocol stack, I did google and dig into some ovn documentation but did not find any workaround which allows disabling a conntrack on UDP protocol. Or another option i was thinking of is to disable ACL in OVS entirely and then i will use iptables on vm because that way i can disable conntrack using iptables. Anyone have any idea what to do if possible? _______________________________________________ discuss mailing list [email protected]<mailto:[email protected]> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
_______________________________________________ discuss mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
