Investigate workaround in privileged tests for netlink.RuleAdd() returning EINVAL #14383
Assignees
Labels
kind/bug
This is a bug in the Cilium logic.
pinned
These issues are not marked stale by our issue bot.
sig/datapath
Impacts bpf/ or low-level forwarding details, including map management and monitor messages.
sig/loader
Impacts the loading of BPF programs into the kernel.
Comments
|
For quicker future reference: we'd like to replace the c.Assert(netlink.RuleAdd(&netlink.Rule{
Src: &net.IPNet{IP: net.ParseIP("172.2.0.2"), Mask: net.CIDRMask(32, 32)},
Priority: linux_defaults.RulePriorityEgress,
Table: dummy.Index,
}), IsNil) |
|
This can be useful to trace netlink requests to the kernel: https://github.com/socketpair/nltrace |
|
Alternatively, the recent enough strace version should help you to compare both netlink requests. If that doesn't work, then https://docs.pyroute2.org/debug.html might be useful. |
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. |
stale
bot
added
the
stale
pchaigno
added
pinned
ti-mo
added
sig/loader
ti-mo
added a commit
to ti-mo/cilium
that referenced
this issue
Jun 26, 2023
The default value of a netlink.Rule does not seem to be useful. netlink.NewRule must be used instead. Fixes: cilium#14383 Signed-off-by: Timo Beckers <timo@isovalent.com>
|
@christarazi Turns out the default value of netlink.Rule cannot be used: #26486. |
ti-mo
added a commit
that referenced
this issue
Jun 26, 2023
The default value of a netlink.Rule does not seem to be useful. netlink.NewRule must be used instead. Fixes: #14383 Signed-off-by: Timo Beckers <timo@isovalent.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
See #14337 (comment). For now the workaround is to shell out to
ip rule addinstead of using the netlink library.The text was updated successfully, but these errors were encountered: