On Mon, Jan 23, 2023 at 11:01:47AM -0800, Nobel Barakat wrote:
PATCH_SUBJECT: netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state PATCH_COMMIT: e15d4cdf27cb0c1e977270270b2cea12e0955edd Reason for backport request: We've had a few customers experience issues with dnat such that their kubernetes processes are now unreachable. Because dnat rules fail to update, kubernetes pod IPs won't resolve and traffic gets blackholed causing any healthcheck service to kill and restart the pod. This commit has been verified to fix the issue and the ask here is to backport it to kernel versions v5.4 and v5.10.
Queued up, thanks for the report! -- Thanks, Sasha