Comment 8 for bug 1461000

Hi Thiago,

   After some thought I don't think we should push back on implementing an nftables-firewall-driver, or ovs/ct driver.

   why not having both and checking what works best? I cannot help too much on nft, since I don't have expertise on it (yet), but I would be glad to review any related patches, and learn on the way if you're willing to push that work.

the OVS/CT solution would eliminate absolutely everything except ovs/openflow.

OVS + NFT still means mixing two technologies. LB + NFT probably would see a lot of benefits.

Thiago, can you post a link here to your NFT proposal for cross reference?