[PATCH] netfilter/ipvs: immediately expire no destination connections in kthread if expire_nodest_conn=1

against existing entries if a source port in the connection hash is reused. When the number of entries in the connection tracker is large, we can significantly reduce the number of dropped packets by expiring all connections upon deletion in a kthread. Signed-off-by: Andrew Sy Kim --- include/net

[PATCH] netfilter/ipvs: immediately expire UDP connections matching unavailable destination if expire_nodest_conn=1

against existing entries if a source port in the connection hash is reused. When the number of entries in the connection tracker is large, we can significantly reduce the number of dropped packets by expiring all connections upon deletion. Signed-off-by: Andrew Sy Kim --- include/net/ip_vs.h

[PATCH] netfilter/ipvs: expire no destination UDP connections when expire_nodest_conn=1

opped whenever an existing connection entry with the same source port exists. This patch ensures IPVS also expires UDP connections when a packet matches an existing connection with no destinations. Signed-off-by: Andrew Sy Kim --- net/netfilter/ipvs/ip_vs_core.c | 3 +-- 1 file changed, 1 insertion(