On Sat, 21 Aug 2021 at 15:03, Blažej Krajňák <blazej.krajnak@xxxxxxxxx> wrote:
> I just found another strange behaviour of conntrack. I'm mirroring a
> port on a switch and the mirrored data are coming to a Linux server. That port
> on the server is in a bridge. In nftables I created a table bridge filter with
> a CT rule to enable connection tracking on the bridge.
> As I found, I had to add another dummy interface to the bridge, because
> conntrack was not working at all with just one port in the bridge.
> Now I see conntrack entries, but all of them are UNREPLIED and only one-way
> byte/packet counters are increasing (see attachment). Is it
> because both directions are coming to the server on the same port? Any easy
> workaround?

I just figured it out. The switch was sending one direction of the traffic tagged with a VLAN. And I also had to turn off bridge MAC address learning (a.k.a. ageing set to 0). Now it works.
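For readers who want to reproduce the setup the message describes (a mirror port in a bridge, a second dummy member so the bridge has two ports, MAC learning disabled via ageing 0, and an nftables bridge-family table with a ct rule to switch conntrack on), here is an added example script. It is not the poster's own configuration; the interface names enp3s0, br0 and dummy0 are assumptions, and it does not handle the VLAN-tagging mismatch the poster mentions, which depends on how the switch tags the mirrored traffic. By default it only prints the commands and ruleset; set RUN=1 to apply them as root.

```shell
#!/bin/sh
# Added example, not from the original post: build a passive tap bridge
# and enable connection tracking on it with nftables (bridge family).
# Assumed (hypothetical) names: mirror port enp3s0, bridge br0, dummy0.
set -eu

MIRROR_IF="${MIRROR_IF:-enp3s0}"
BRIDGE="${BRIDGE:-br0}"
DUMMY_IF="${DUMMY_IF:-dummy0}"

# ip(8) commands for the bridge. ageing_time 0 disables MAC learning, so
# frames of both directions, which all arrive on the same mirror port,
# are flooded through the bridge instead of being dropped as "local".
# The dummy interface gives the bridge a second member port.
bridge_setup_cmds() {
    cat <<EOF
ip link add name $BRIDGE type bridge ageing_time 0
ip link add name $DUMMY_IF type dummy
ip link set dev $MIRROR_IF master $BRIDGE
ip link set dev $DUMMY_IF master $BRIDGE
ip link set dev $MIRROR_IF up
ip link set dev $DUMMY_IF up
ip link set dev $BRIDGE up
EOF
}

# nftables ruleset: referencing "ct state" in a bridge-family chain loads
# nf_conntrack_bridge and registers conntrack on the bridge forward hook
# (conntrack in the bridge family needs Linux 5.3 or newer). Nothing is
# dropped here: this is a monitoring tap, the counters are what we want.
nft_ruleset() {
    cat <<EOF
table bridge filter {
    chain forward {
        type filter hook forward priority 0; policy accept;
        ct state new counter accept
        ct state established,related counter accept
        ct state invalid counter accept
    }
}
EOF
}

apply() {
    bridge_setup_cmds | sh -e
    nft_ruleset | nft -f -
}

if [ "${RUN:-0}" = 1 ]; then
    apply
else
    bridge_setup_cmds
    nft_ruleset
fi
```

After applying, `conntrack -L` should show entries with counters increasing in both directions; if they stay UNREPLIED, check with `tcpdump -e -nn -i <mirror port>` whether one direction arrives with a VLAN tag, which is the symptom the poster hit.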