In the past (last year) I know I had some issues when connection tracking was off on my routers so I have just been leaving it on since then. I’d like to revisit if it is required though because I prefer to turn it off on all routers to decrease system utilization. No NAT, just straight up routing on the routers and OSPF.
If it turns out I can disable connection tracking, then is there any other issue I may have (with sniffer tools, firewall rules, etc.) that you can think of?
I vaguely remember with early 3.x you had to use connection tracking if you wanted to route IP-fragmented packets. I have no idea if this was fixed. I sure hope so; I am getting close to needing to add border routes on newer hardware and need 3.x. Anyone with first-hand experience with no connection tracking on 3.x?