Paul Blakey <paulb@xxxxxxxxxx> wrote: > Currently UNREPLIED and UNASSURED connections are added to the nf flow > table. This causes the following connection packets to be processed > by the flow table which then skips conntrack_in(), and thus such the > connections will remain UNREPLIED and UNASSURED even if reply traffic > is then seen. Even still, the unoffloaded reply packets are the ones > triggering hardware update from new to established state, and if > there aren't any to triger an update and/or previous update was > missed, hardware can get out of sync with sw and still mark > packets as new. Reviewed-by: Florian Westphal <fw@xxxxxxxxx>
