Skip to content

Commit

Permalink
cni: Use correct route MTU for various cloud cidrs
Browse files Browse the repository at this point in the history 
This commit corrects the MTU that is used by the cilium-cni plugin when
creating routes for CIDRs received from ENI, Azure or Alibaba Cloud.

The cilium-agent daemon returns two MTUs to the cilium-cni plugin: a
"device" MTU, which is used to set the MTU on a Pod's interface in
its network namespace, and a "route" MTU, which is used to set the MTU
on the routes created inside the Pod's network namespace that handle
traffic leaving the Pod. The "route" MTU is adjusted based on the Cilium
configuration to account for any configured encapsulation protocols,
such as VXLAN or WireGuard. Before this commit, when ENI, Azure or Alibaba
Cloud IPAM was enabled, the routes created in a Pod's network namespace
were using the "device" MTU, rather than the "route" MTU, leading to
fragmentation issues.

Signed-off-by: Ryan Drew <ryan.drew@isovalent.com>
  • Loading branch information
@learnitall @youngnick
learnitall authored and youngnick committed May 3, 2024
1 parent 8163532 commit 29a340e
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion plugins/cilium-cni/cmd/interface.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ func interfaceAdd(ipConfig *current.IPConfig, ipam *models.IPAMAddressResponse,

if err := routingInfo.Configure(
ipConfig.Address.IP,
int(conf.DeviceMTU),
int(conf.RouteMTU),
conf.EgressMultiHomeIPRuleCompat,
false,
); err != nil {
Expand Down

0 comments on commit 29a340e

Please sign in to comment.