Enable IP forwarding on the Windows bridge local interface

Traffic from the uplink interface will be output to the bridge local interface directly. When an external client connects to a LoadBalancer type Service, and the packets of the connection is routed to the selected backend Pod via the bridge interface, if we do not enable IP forwarding on the bridge interface, the connection will be discarded on the bridge interface as the source of the connection is not the Node. Signed-off-by: Hongliang Liu <lhongliang@vmware.com>
antrea-io · Dec 15, 2021 · 1f4b9d0 · 1f4b9d0
1 parent a5114e7
commit 1f4b9d0
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/pkg/agent/agent_windows.go b/pkg/agent/agent_windows.go
@@ -188,6 +188,14 @@ func (i *Initializer) prepareOVSBridge() error {
 		err = nil
 		klog.V(4).Infof("Address: %s already exists when configuring IP on interface %s", uplinkNetConfig.IP.String(), brName)
 	}
+	// Enable IP forwarding on the bridge local interface. Traffic from the uplink interface will be output to the bridge
+	// local interface directly. When an external client connects to a LoadBalancer type Service, and the packets of the
+	// connection is routed to the selected backend Pod via the bridge interface, if we do not enable IP forwarding on
+	// the bridge interface, the connection will be discarded on the bridge interface as the source of the connection is
+	// not the Node.
+	if err = util.EnableIPForwarding(brName); err != nil {
+		return err
+	}
 	// Restore the host routes which are lost when moving the network configuration of the uplink interface to OVS bridge interface.
 	if err = i.restoreHostRoutes(); err != nil {
 		return err