Fix IPv6 PD routing rule management #70

Merged
nmeyerhans merged 6 commits into amazonlinux:1.x from nmeyerhans:no-dup-v6-pd-rules
Oct 6, 2022

@nmeyerhans
Contributor

Issue #, if available: #68

Description of changes:

Fix #68 by asking the kernel if it's got a policy rule for a given prefix, rather than try to figure it out by string comparison.

This PR also fixes a number of existing tests, and ensures that they run by default.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@nmeyerhans nmeyerhans linked an issue Sep 29, 2022 that may be closed by this pull request
Noah Meyerhans added 6 commits September 29, 2022 16:55

See amazonlinux#68 for background.

The `ip rule list` output represents IPv6 addresses in compressed
form, with the longest block of consecutive 0s replaced by "::",
e.g. 2600:1f14:eeb:22ff:4a0::/80, while IMDS represents the address in
uncompressed form, as in 2600:1f14:eeb:22ff:4a0:0:0:0/80.  Since we're
comparing addresses using simple string comparison, rather than
something with knowledge of the address semantics, identical addresses
can appear to differ incorrectly.

The impact was that we would continuously delete and add routing rules
for our delegated IPv6 prefixes.  While there was no impact to routed
traffic, because the new rules were deleted before adding the new
ones, this caused unnecessary churn through the policy routing rule
table with unexpected consequences when the counter wrapped around
from zero.

Commit 4b3d2f5 ("Move route file creation to a dhclient enter hook") moved
some functionality to code executed by dhclient.  Existing tests were updated
to reflect that the code in question should no longer be called where it was,
but there were no new tests written to cover the hook functionality.  This
commit adds the missing tests.

This tests for the condition described at
amazonlinux#68

@nmeyerhans
Contributor Author

Rebased after merging #72 so we have automated test run results for this PR now.

@nmeyerhans nmeyerhans merged commit f6f71e4 into amazonlinux:1.x Oct 6, 2022
@nmeyerhans nmeyerhans deleted the no-dup-v6-pd-rules branch October 6, 2022 17:47
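
The failure mode described in the commit message, as an added example that is not part of the PR or the project's code: it contrasts a textual comparison of prefixes with a comparison by value. The PR itself fixes the problem by asking the kernel whether a rule exists; Python's `ipaddress` module is used here only to show why the string comparison churns. The `ip -6 rule list` sample, the table number and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ip -6 rule list` output (compressed form, as the
# commit message describes). Table 10001 is an illustrative value.
RULE_LIST = (
    "0:\tfrom all lookup local\n"
    "32765:\tfrom 2600:1f14:eeb:22ff:4a0::/80 lookup 10001\n"
    "32766:\tfrom all lookup main\n"
)

# Constructed IMDS-style value: the same prefix in uncompressed form.
IMDS_PREFIXES = ["2600:1f14:eeb:22ff:4a0:0:0:0/80"]


def rule_sources(rule_list):
    """Return the 'from' selector of every rule that names a prefix."""
    sources = []
    for line in rule_list.splitlines():
        fields = line.split()
        if "from" in fields:
            src = fields[fields.index("from") + 1]
            if src != "all":
                sources.append(src)
    return sources


def plan_by_string(installed, wanted):
    """Flawed approach: treat prefixes as opaque text. Returns (add, delete)."""
    add = sorted(set(wanted) - set(installed))
    delete = sorted(set(installed) - set(wanted))
    return add, delete


def plan_by_value(installed, wanted):
    """Compare parsed networks, so equal prefixes match however they are written."""
    have = {ipaddress.ip_network(p, strict=False) for p in installed}
    want = {ipaddress.ip_network(p, strict=False) for p in wanted}
    add = sorted(str(n) for n in want - have)
    delete = sorted(str(n) for n in have - want)
    return add, delete


if __name__ == "__main__":
    installed = rule_sources(RULE_LIST)
    print("string compare:", plan_by_string(installed, IMDS_PREFIXES))
    print("value compare: ", plan_by_value(installed, IMDS_PREFIXES))
```

With the sample data the string comparison schedules one add and one delete on every pass even though nothing changed, while the value comparison schedules none.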
Successfully merging this pull request may close these issues.

1.x: repeatedly deletes and creates rules for delegated IPv6 prefixes