This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-focal -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-bluefield in Ubuntu. https://bugs.launchpad.net/bugs/1934401 Title: Control netfilter flow table timeouts via sysctl Status in linux-bluefield package in Ubuntu: Invalid Status in linux-bluefield source package in Focal: Fix Committed Bug description: * Explain the bug(s) TCP and UDP connections may be offloaded from nf conntrack to nf flow table. Offloaded connections are aged after 30 seconds of inactivity. Once aged, ownership is returned to conntrack with a hard coded tcp/udp pickup time of 120/30 seconds, after which the connection may be deleted. The current hard-coded pickup intervals may introduce a very aggressive aging policy. For example, offloaded tcp connections in established state will timeout from nf conntrack after just 150 seconds of inactivity, instead of 5 days. In addition, the hard-coded 30 second offload timeout period can significantly increase the hardware insertion rate requirements in some use cases. * Brief explanation of fixes This patchset provides the user with the ability to configure protocol specific offload timeout and pickup intervals via sysctl. The first and second patches revert the existing non-upstream solution. The next two patches introduce the sysctl configuration for tcp and udp protocols. The last patch modifies nf flow table aging mechanisms to use the configured time intervals. * How to test Control tcp/udp connection timeout using the following sysctl parameters: net.netfilter.nf_flowtable_tcp_pickup = 120 net.netfilter.nf_flowtable_tcp_timeout = 30 net.netfilter.nf_flowtable_udp_pickup = 30 net.netfilter.nf_flowtable_udp_timeout = 30 * What it could break. Existing configuration scripts – not kernel related To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-bluefield/+bug/1934401/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
