As mentioned in #1, everything appears to work with port security enabled and a 5.8 kernel, which has support for offload of conntrack flows. But as we know, that is a bit too bleeding edge for production use at this point in time.
To try an alternative approach I took the OVN VXLAN support patch [0] and backported it to the 20.03 package in OVN.
Testing so far suggests that solves the issue, so that might indicate that the root of the issue is in NIC firmware and/or driver for the Geneve offload support. So perhaps we need to go with VXLAN for now and move back to Geneve once the 5.8 kernel becomes stable enough to be consumable in production?
0: https://github.com/ovn-org/ovn/commit/b07f1bc3d068e231e40840b0d977bd57158987fd