Revert "datapath/linux: make sure we have a local rule with proto ker…

…nel" This reverts commit 291852a. Signed-off-by: André Martins <andre@cilium.io>
NikAleksandrov · Apr 1, 2023 · 9d60341 · 9d60341
1 parent 7b78b30
commit 9d60341
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 94 deletions.
diff --git a/daemon/cmd/daemon.go b/daemon/cmd/daemon.go
@@ -19,7 +19,6 @@ import (
 	"github.com/sirupsen/logrus"
 	"github.com/vishvananda/netlink"
 	"golang.org/x/sync/semaphore"
-	"golang.org/x/sys/unix"
 
 	"github.com/cilium/cilium/api/v1/models"
 	health "github.com/cilium/cilium/cilium-health/launch"
@@ -286,12 +285,6 @@ func (d *Daemon) init() error {
 			return fmt.Errorf("failed while reinitializing datapath: %w", err)
 		}
 
-		if err := linuxdatapath.NodeEnsureLocalIPRule(); errors.Is(err, unix.EEXIST) {
-			log.WithError(err).Warn("Failed to ensure local IP rules")
-		} else if err != nil {
-			return fmt.Errorf("failed to ensure local IP rules: %w", err)
-		}
-
 		if option.Config.SockopsEnable {
 			eppolicymap.CreateEPPolicyMap()
 			if err := sockops.SockmapEnable(); err != nil {

diff --git a/pkg/datapath/linux/node.go b/pkg/datapath/linux/node.go
@@ -1883,90 +1883,3 @@ func NodeDeviceNameWithDefaultRoute() (string, error) {
 	}
 	return link.Attrs().Name, nil
 }
-
-func deleteOldLocalRule(rule route.Rule, family int) error {
-	var familyStr string
-
-	// sanity check, nothing to do if the rule is the same
-	if linux_defaults.RTProto == unix.RTPROT_UNSPEC {
-		return nil
-	}
-
-	if family == netlink.FAMILY_V4 {
-		familyStr = "IPv4"
-	} else {
-		familyStr = "IPv6"
-	}
-
-	localRules, err := route.ListRules(family, &rule)
-	if err != nil {
-		return fmt.Errorf("could not list local %s rules: %w", familyStr, err)
-	}
-
-	// we need to check for the old rule and make sure it's before the new one
-	oldPos := -1
-	found := false
-	for pos, rule := range localRules {
-		// mark the first unspec rule that matches
-		if oldPos == -1 && rule.Protocol == unix.RTPROT_UNSPEC {
-			oldPos = pos
-		}
-
-		if rule.Protocol == linux_defaults.RTProto {
-			// mark it as found only if it's before the new one
-			if oldPos != -1 {
-				found = true
-			}
-			break
-		}
-	}
-
-	if found == true {
-		err := route.DeleteRule(rule)
-		if err != nil {
-			return fmt.Errorf("could not delete old %s local rule: %w", familyStr, err)
-		}
-		log.WithFields(logrus.Fields{"family": familyStr}).Info("Deleting old local lookup rule")
-	}
-
-	return nil
-}
-
-// NodeEnsureLocalIPRule checks if Cilium local lookup rule (usually 100)
-// was installed and has proper protocol
-func NodeEnsureLocalIPRule() error {
-	// we have the Cilium local lookup rule only if the proxy rule is present
-	if !option.Config.InstallIptRules || !option.Config.EnableL7Proxy {
-		return nil
-	}
-
-	localRule := route.Rule{Priority: linux_defaults.RulePriorityLocalLookup, Table: unix.RT_TABLE_LOCAL, Mark: -1, Mask: -1, Protocol: linux_defaults.RTProto}
-	oldRule := localRule
-	oldRule.Protocol = unix.RTPROT_UNSPEC
-
-	if option.Config.EnableIPv4 {
-		err := route.ReplaceRule(localRule)
-		if err != nil {
-			return fmt.Errorf("could not replace IPv4 local rule: %w", err)
-		}
-
-		err = deleteOldLocalRule(oldRule, netlink.FAMILY_V4)
-		if err != nil {
-			return err
-		}
-	}
-
-	if option.Config.EnableIPv6 {
-		err := route.ReplaceRuleIPv6(localRule)
-		if err != nil {
-			return fmt.Errorf("could not replace IPv6 local rule: %w", err)
-		}
-
-		err = deleteOldLocalRule(oldRule, netlink.FAMILY_V6)
-		if err != nil {
-			return err
-		}
-	}
-
-	return nil
-}