Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Probes: NTF_EXT_LEARNED and NTF_EXT_MANAGED flags using netlink #20694

Closed
ti-mo opened this issue Jul 28, 2022 · 0 comments · Fixed by #25134
Closed

Probes: NTF_EXT_LEARNED and NTF_EXT_MANAGED flags using netlink #20694

ti-mo opened this issue Jul 28, 2022 · 0 comments · Fixed by #25134
Assignees
@rgo3
Labels
sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. sig/loader Impacts the loading of BPF programs into the kernel.

Comments

@ti-mo
Copy link
Contributor

ti-mo commented Jul 28, 2022
edited

While working on #20556, @rgo3 identified we're using a probe on bpf_get_branch_snapshot as a proxy for detecting NTF_EXT_LEARNED and NTF_EXT_MANAGED support.

This works, but might break on older distro kernels that backport the commit containing that helper. Replace this probe with a few netlink calls that create a neigh entry in a separate netns with these flags to test if managed neighs are really supported.

cc @borkmann
@ti-mo ti-mo added sig/loader Impacts the loading of BPF programs into the kernel. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. labels Jul 28, 2022
@ti-mo ti-mo changed the title Probe NTF_EXT_LEARNED and NTF_EXT_MANAGED flags using netlink Probes: NTF_EXT_LEARNED and NTF_EXT_MANAGED flags using netlink Aug 2, 2022
@rgo3 rgo3 mentioned this issue Sep 8, 2022
Closed
rgo3 added a commit to rgo3/cilium that referenced this issue Sep 9, 2022
@rgo3
daemon: use netlink for managed neighbor support probe
47f0c02 
With this commit we refactor the probe logic that checks for
the existence of a certain helper as this could break on older
distro kernel that have backported the commit we probed for.

Using actual netlink calls to probe for managed neighbor support
will only succeed if the underlying kernel actually supports it.

Fixes cilium#20694.

Signed-off-by: Robin Gögge <r.goegge@isovalent.com>
@rgo3 rgo3 mentioned this issue Apr 26, 2023
Merged
rgo3 added a commit to rgo3/cilium that referenced this issue May 16, 2023
@rgo3
daemon: use netlink for managed neighbor support probe
e7d8d4a 
With this commit we refactor the probe logic that checks for
the existence of a certain helper as this could break on older
distro kernel that have backported the commit we probed for.

Using actual netlink calls to probe for managed neighbor support
will only succeed if the underlying kernel actually supports it.

Fixes cilium#20694.

Signed-off-by: Robin Gögge <r.goegge@isovalent.com>
tklauser pushed a commit that referenced this issue May 17, 2023
@rgo3 @tklauser
daemon: use netlink for managed neighbor support probe
0ada4e8 
With this commit we refactor the probe logic that checks for
the existence of a certain helper as this could break on older
distro kernel that have backported the commit we probed for.

Using actual netlink calls to probe for managed neighbor support
will only succeed if the underlying kernel actually supports it.

Fixes #20694.

Signed-off-by: Robin Gögge <r.goegge@isovalent.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rgo3 rgo3

Labels
sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. sig/loader Impacts the loading of BPF programs into the kernel.
Projects
None yet
Milestone
No milestone
2 participants
@ti-mo @rgo3