Package route provides the Cilium specific abstraction and useful helpers to manage network routes



    View Source
    const (
    	// RouteReplaceMaxTries is the number of attempts the route will be
    	// attempted to be added or updated in case the kernel returns an error
    	RouteReplaceMaxTries = 10
    	// RouteReplaceRetryInterval is the interval in which
    	// RouteReplaceMaxTries attempts are attempted
    	RouteReplaceRetryInterval = 100 * time.Millisecond
    	// RTN_LOCAL is a route type used to indicate packet should be "routed"
    	// locally and passed up the stack. Is used by IPSec to force encrypted
    	// packets to pass through XFRM layer.
    	RTN_LOCAL = 0x2
    	// MainTable is Linux's default routing table
    	MainTable = 254
    	// EncryptRouteProtocol for Encryption specific routes
    	EncryptRouteProtocol = 192


    This section is empty.


    func Delete

    func Delete(route Route) error

      Delete deletes a Linux route. An error is returned if the route does not exist or if the route could not be deleted.

      func DeleteRule

      func DeleteRule(spec Rule) error

        DeleteRule delete a mark based rule from the routing table.

        func DeleteRuleIPv6

        func DeleteRuleIPv6(spec Rule) error

          DeleteRuleIPv6 delete a mark based IPv6 rule from the routing table.

          func ListRules

          func ListRules(family int, filter *Rule) ([]netlink.Rule, error)

            ListRules will list IP routing rules on Linux, filtered by `filter`. When `filter` is nil, this function will return all rules, "unfiltered". This function is meant to replicate the behavior of `ip rule list`.

            func NodeDeviceWithDefaultRoute

            func NodeDeviceWithDefaultRoute(enableIPv4, enableIPv6 bool) (netlink.Link, error)

              NodeDeviceWithDefaultRoute returns the node's device which handles the default route in the current namespace

              func ReplaceRule

              func ReplaceRule(spec Rule) error

                ReplaceRule add or replace rule in the routing table using a mark to indicate table. Used with BPF datapath to set mark and direct packets to route table.

                func ReplaceRuleIPv6

                func ReplaceRuleIPv6(spec Rule) error

                  ReplaceRuleIPv6 add or replace IPv6 rule in the routing table using a mark to indicate table.

                  func Upsert

                  func Upsert(route Route) (bool, error)

                    Upsert adds or updates a Linux kernel route. The route described can be in the following two forms:


                    prefix dev foo


                    prefix via nexthop dev foo

                    If a nexthop route is specified, this function will check whether a direct route to the nexthop exists and add if required. This means that the following two routes will exist afterwards:

                    nexthop dev foo
                    prefix via nexthop dev foo

                    Due to a bug in the Linux kernel, the prefix route is attempted to be updated RouteReplaceMaxTries with an interval of RouteReplaceRetryInterval. This is a workaround for a race condition in which the direct route to the nexthop is not available immediately and the prefix route can fail with EINVAL if the Netlink calls are issued in short order.

                    An error is returned if the route can not be added or updated.


                    type ByMask

                    type ByMask []Route

                      ByMask is used to sort an array of routes by mask, narrow first.

                      func (ByMask) Len

                      func (a ByMask) Len() int

                      func (ByMask) Less

                      func (a ByMask) Less(i, j int) bool

                      func (ByMask) Swap

                      func (a ByMask) Swap(i, j int)

                      type Route

                      type Route struct {
                      	Prefix  net.IPNet
                      	Nexthop *net.IP
                      	Local   net.IP
                      	Device  string
                      	MTU     int
                      	Proto   int
                      	Scope   netlink.Scope
                      	Table   int
                      	Type    int

                      func Lookup

                      func Lookup(route Route) (*Route, error)

                        Lookup attempts to find the linux route based on the route specification. If the route exists, the route is returned, otherwise an error is returned.

                        func (*Route) LogFields

                        func (r *Route) LogFields() logrus.Fields

                          LogFields returns the route attributes as logrus.Fields map

                          func (*Route) ToIPCommand

                          func (r *Route) ToIPCommand(dev string) []string

                            ToIPCommand converts the route into a full "ip route ..." command

                            type Rule

                            type Rule struct {
                            	// Priority is the routing rule priority
                            	Priority int
                            	// Mark is the skb mark that needs to match
                            	Mark int
                            	// Mask is the mask to apply to the skb mark before matching the Mark
                            	// field
                            	Mask int
                            	// From is the source address selector
                            	From *net.IPNet
                            	// To is the destination address selector
                            	To *net.IPNet
                            	// Table is the routing table to look up if the rule matches
                            	Table int

                              Rule is the specification of an IP routing rule

                              func (Rule) String

                              func (r Rule) String() string

                                String returns the string representation of a Rule (adhering to the Stringer interface).