iwita
b9152718d2
new version
|
лет назад: 5 | |
|---|---|---|
| .. | ||
| .gitignore | лет назад: 5 | |
| BUILD | лет назад: 5 | |
| Dockerfile | лет назад: 5 | |
| Makefile | лет назад: 5 | |
| README.md | лет назад: 5 | |
| VERSION | лет назад: 5 | |
| main.go | лет назад: 5 | |
| tcp.go | лет назад: 5 | |
README.md
Reproduction of k8s issue #74839
Network services with heavy load will cause "connection reset" from time to time. Especially those with big payloads. When packets with sequence number out-of-window arrived k8s node, conntrack marked them as INVALID. kube-proxy will ignore them, without rewriting DNAT. The packet goes back the original pod, who doesn't recognize the packet because of the wrong source ip, end up RSTing the connection.