-
Notifications
You must be signed in to change notification settings - Fork 2.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
v1.9 backport: node: Remove check whether nextHop is in same L2 #14453
Conversation
test-backport-1.9 |
7595d5d
to
fac4b87
Compare
It was reported that on a GKE cluster the neigh handling logged the following error: level=error msg="IP is not L2 reachable" error="iface: 'eth0' can't reach ip: '10.164.0.1'" interface=eth0 ipAddr=10.164.0.1 subsys=linux-datapath The "ip route" and "ip addr" had the following relevant entries: default via 10.164.0.1 dev eth0 proto dhcp metric 1024 10.164.0.1 dev eth0 proto dhcp scope link metric 1024 eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc mq state UP group default qlen 1000 link/ether 42:01:0a:a4:00:4f brd ff:ff:ff:ff:ff:ff inet 10.164.0.79/32 scope global dynamic eth0 As we can see, eth0 had IP addr assigned from /32 subnet which made the check for nexthop in the same L2 to fail regardless of the "10.164.0.1 dev eth0" route. This commit removes the check, as nexthop is guaranteed to be L2-reachable by the Linux kernel routing system. Reported-by: Joe Stringer <joe@cilium.io> Reported-by: Paul Chaignon <paul@cilium.io> Signed-off-by: Martynas Pumputis <m@lambda.lt>
fac4b87
to
a2dd505
Compare
The updated version contains the following change: arping: Make PingOverIface* to accept source IP addr Instead of trying to derive the src IP with FindIPInNetworkFromIface(), accept src IP addr as a param. The latter function is broken for the case when the iface has IP addr assigned from the /32 subnet and there exists an route to the gw via the iface (GKE). Also, use the source IP addr for arping from the nexthop route. Signed-off-by: Martynas Pumputis <m@lambda.lt>
test-backport-1.9 |
retest-net-next |
retest-runtime |
CI net-next failed with:
|
retest-net-next |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The two backported commits are missing references to the upstream commits. Those references are automatically added when using our cherry-pick script.
@brb If you want to fix that, I can merge without rerunning the whole tests after the update. Otherwise, I'll merge before end of day.
There are no upstream commits. The commits in this PR are only for v1.9. |
Oh, I missed that the "upstream" PR was closed and I had completely forgot our discussion. Merging both backport PRs 🚢 |
This is a backport of #14354 for v1.9.