Nice insight! I’m thinking this should be relatively easy for AWS to fix (or at least make the chance vanishingly small) on the NLB side by hacking up their TCP stack to select the source port randomly.
Edit: actually I just realized for a really high number of long conns that wouldn’t matter. Hm, maybe not rewrite the dst IP and make VMs handle that. Seems like a much more intrusive change though.