On Mon, Jan 14, 2019 at 11:15:10PM +0100, Florian Westphal wrote:
> Pablo Neira Ayuso wrote:
> > On Sat, Jan 12, 2019 at 08:03:19AM +0800, we...@ucloud.cn wrote:
> > > From: wenxu
> > >
> > > In the ip_rcv the skb go through the PREROUTING hook first,
> > > Then jump in vrf device go through the
Pablo Neira Ayuso wrote:
> On Sat, Jan 12, 2019 at 08:03:19AM +0800, we...@ucloud.cn wrote:
> > From: wenxu
> >
> > In the ip_rcv the skb go through the PREROUTING hook first,
> > Then jump in vrf device go through the same hook again.
> > When conntrack dnat work with vrf, there will be some co
On Sat, Jan 12, 2019 at 08:03:19AM +0800, we...@ucloud.cn wrote:
> From: wenxu
>
> In the ip_rcv the skb go through the PREROUTING hook first,
> Then jump in vrf device go through the same hook again.
> When conntrack dnat work with vrf, there will be some conflict for rules.
> Because the packag
From: wenxu
In the ip_rcv the skb go through the PREROUTING hook first,
Then jump in vrf device go through the same hook again.
When conntrack dnat work with vrf, there will be some conflict for rules.
Because the package go through the hook twice with different nf status
ip link add user1 type
