On Tue, Aug 23, 2022 at 04:38:48PM -0700, Eric Dumazet wrote:
> From: Eric Dumazet <edumazet@xxxxxxxxxx>
>
> Currently, net.netfilter.nf_conntrack_frag6_high_thresh can only be lowered.
>
> I found this issue while investigating a probable kernel issue
> causing flakes in tools/testing/selftests/net/ip_defrag.sh
>
> In particular, these sysctl changes were ignored:
> ip netns exec "${NETNS}" sysctl -w net.netfilter.nf_conntrack_frag6_high_thresh=9000000 >/dev/null 2>&1
> ip netns exec "${NETNS}" sysctl -w net.netfilter.nf_conntrack_frag6_low_thresh=7000000 >/dev/null 2>&1
>
> This change is inline with commit 836196239298 ("net/ipfrag: let ip[6]frag_high_thresh
> in ns be higher than in init_net")
Applied, thanks
