Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[conntrack]: Add Flag for unknown TCP connection direction when SYN is missed #919

Open
SRodi opened this issue Oct 31, 2024 · 0 comments
Open

[conntrack]: Add Flag for unknown TCP connection direction when SYN is missed #919

SRodi opened this issue Oct 31, 2024 · 0 comments
Assignees
@SRodi
Labels
area/ebpf area/flows

Comments

@SRodi
Copy link
Member

SRodi commented Oct 31, 2024

Background

TCP connections that existed before the deployment of Retina are currently subjected to a best-effort approach by conntrack to determine their direction. This method depends on the ACK flag on the TCP packet, which can be prone to errors due to the unpredictable nature of network traffic.

Goal

Create a flag in conntrack map to identify connections for which direction cannot be established for certain.

This will allow us to analyze the volume of affected connections. We can include this data in the heartbeat telemetry to monitor the issue over time and understand how the volume of affected connections changes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@SRodi SRodi

Labels
area/ebpf area/flows
Projects
Retina Triage Board
Status: No status
Milestone
No milestone
Development

No branches or pull requests
1 participant
@SRodi