linuxrouting

package
v1.7.13
Published: Jan 27, 2021 | License: Apache-2.0 | Imports: 12 | Imported by: 5

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func Delete

func Delete(ip net.IP, compat bool) error

Delete removes the ingress and egress rules that control traffic for endpoints. Note that the routes referenced by the rules are not deleted as they can be reused when another endpoint is created on the same node. The compat flag controls which egress priority to consider when deleting the egress rules (see option.Config.EgressMultiHomeIPRuleCompat).

Note that one or more IPs may share the same route table, as identified by the interface number of the corresponding device. This function only removes the ingress and egress rules to disconnect the per-ENI egress routes from a specific local IP, and does not remove the corresponding route table as other IPs may still be using that table.

The search for the ingress and egress rules corresponding to this IP is best-effort and based on the respective priorities that Cilium uses, over which we assume full control. The search for the ingress rule is more likely to succeed (although egress deletion fails only very rarely) because we know that rule references the main routing table and can therefore search more narrowly. Deletion of both rules only proceeds if exactly one rule matches the IP & priority. If more than one rule matches, deletion is skipped.
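The rule selection described above, modeled over an in-memory rule list. This is an added example, not Cilium's code: the `rule` type, the priority values and the helper names are assumptions, and no netlink calls are made.

```go
package main

import (
	"errors"
	"fmt"
	"net"
)

// Assumed, illustrative priorities; 254 is the Linux main routing table.
const prioIngress, prioEgress, tableMain = 20, 110, 254
type rule struct { // hypothetical, simplified stand-in for an RPDB rule
	Priority, Table int
	Src, Dst        string // CIDR text such as "10.0.0.5/32"
}
var errNotFound = errors.New("no matching rule")
var errAmbiguous = errors.New("more than one rule matches, deletion skipped")

// findOne returns the only rule accepted by match; zero or several is an error.
func findOne(rules []rule, match func(rule) bool) (rule, error) {
	var found []rule
	for _, r := range rules {
		if match(r) {
			found = append(found, r)
		}
	}
	switch len(found) {
	case 0:
		return rule{}, errNotFound
	case 1:
		return found[0], nil
	}
	return rule{}, errAmbiguous
}

// ingressFor narrows on priority, destination and the main table.
func ingressFor(rules []rule, ip net.IP) (rule, error) {
	return findOne(rules, func(r rule) bool {
		return r.Priority == prioIngress && r.Table == tableMain && r.Dst == ip.String()+"/32"
	})
}

// egressFor can narrow only on priority and source: its table is per-ENI.
func egressFor(rules []rule, ip net.IP) (rule, error) {
	return findOne(rules, func(r rule) bool { return r.Priority == prioEgress && r.Src == ip.String()+"/32" })
}

func main() { // constructed sample data
	rules := []rule{{prioIngress, tableMain, "", "10.0.0.5/32"}, {prioEgress, 11, "10.0.0.5/32", ""}}
	fmt.Println(egressFor(rules, net.ParseIP("10.0.0.5")))
}
```

A caller would delete only the rule returned with a nil error and leave the rule table untouched on `errAmbiguous`.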

func NewMigrator

func NewMigrator(getter interfaceDB) *migrator

NewMigrator constructs a migrator object with the default implementation to use the underlying upstream netlink library to manipulate the Linux RPDB. It accepts a getter for retrieving the interface number by MAC address and vice versa.

Types

type RoutingInfo

type RoutingInfo struct {
	// IPv4Gateway is the gateway where outbound/egress traffic is directed.
	IPv4Gateway net.IP

	// IPv4CIDRs is a list of CIDRs which the ENI device has access to. In most
	// cases, it'll at least contain the CIDR of the IPv4Gateway IP address.
	IPv4CIDRs []net.IPNet

	// MasterIfMAC is the MAC address of the master interface that egress
	// traffic is directed to. This is the MAC of the ENI itself which
	// corresponds to the IPv4Gateway IP addr.
	MasterIfMAC mac.MAC

	// InterfaceNumber is the generic number of the master interface that
	// egress traffic is directed to. This is used to compute the table ID for
	// the per-ENI tables.
	InterfaceNumber int
}

RoutingInfo represents information that's required to enable connectivity via the local rule and route tables while in ENI mode. The information in this struct is used to create rules and routes which direct traffic out of the ENI devices (egress).

This struct is mostly derived from the `ipam.AllocationResult` as the information comes from IPAM.

func NewRoutingInfo

func NewRoutingInfo(gateway string, cidrs []string, mac, ifaceNum string) (*RoutingInfo, error)

NewRoutingInfo creates a new RoutingInfo struct, from data that will be parsed and validated. Note, this code assumes IPv4 values because ENI + IPv4 is the only supported path currently.

func (*RoutingInfo) Configure

func (info *RoutingInfo) Configure(ip net.IP, mtu int, masq, compat bool) error

Configure sets up the rules and routes needed when running in ENI mode. These rules and routes direct egress traffic out of the ENI device and ingress traffic back to the endpoint (`ip`). The compat flag controls which egress priority to consider when deleting the egress rules (see option.Config.EgressMultiHomeIPRuleCompat).

- ip: The endpoint IP address to direct traffic out / from ENI device.
- info: The ENI device routing info used to create rules and routes.
- mtu: The ENI device MTU.
- masq: Whether masquerading is enabled.
