Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[conntrack] Self-correcting mechanism for existing TCP connections' direction #805

Open
nddq opened this issue Oct 2, 2024 · 0 comments
Open

[conntrack] Self-correcting mechanism for existing TCP connections' direction #805

nddq opened this issue Oct 2, 2024 · 0 comments
Assignees
@SRodi @ibezrukavyi
Labels
area/ebpf area/flows scope/M Change is Medium type/fix Fixes something

Comments

@nddq
Copy link
Contributor

nddq commented Oct 2, 2024

Currently, for TCP connections that existed before Retina was deployed, conntrack uses a best-effort approach, relying on the ACK packet to determine the direction of these connections. However, this method can be inaccurate. Implementing a self-correcting mechanism, such as examining the packet sequence numbers, could resolve this issue. We also need to figure out a self-correcting mechanism for UDP connections as well.
@nddq nddq added type/fix Fixes something area/ebpf scope/M Change is Medium area/flows labels Oct 2, 2024
@SRodi SRodi mentioned this issue Oct 14, 2024
Closed
7 tasks
@SRodi SRodi linked a pull request Oct 15, 2024 that will close this issue
fix(ct): self-correction mechanism for existing TCP connections direction #857
Closed
7 tasks
@SRodi SRodi changed the title [conntrack] Self-correcting mechanism for existing connections' direction [conntrack] Self-correcting mechanism for existing TCP connections' direction Oct 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@SRodi SRodi

@ibezrukavyi ibezrukavyi

Labels
area/ebpf area/flows scope/M Change is Medium type/fix Fixes something
Projects
Retina Triage Board
Status: No status
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(ct): self-correction mechanism for existing TCP connections direction SRodi/retina
3 participants
@nddq @SRodi @ibezrukavyi