
Connection tracking critical for high performance network policy for Kubernetes - chris_marino
http://blog.kubernetes.io/2016/09/high-performance-network-policies-kubernetes.html
======
chris_marino
We ran some performance benchmarks applying network policy to Kubernetes pods.
Found that latency was (nearly) independent of the number of iptable rules
applied. This is because once the session is set up, connection tracking lets
subsequent packets be forwarded right away.

