From 94360d2c4f6b62b4ef849cca802b5db605cd36b7 Mon Sep 17 00:00:00 2001 From: Levente Kale Date: Thu, 30 Apr 2020 12:52:02 +0200 Subject: [PATCH 1/2] Disabling DAD on DANM allocated IPv6 addresses to avoid intermittent startup filures --- pkg/danmep/ep.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/pkg/danmep/ep.go b/pkg/danmep/ep.go index f2def9a2..0fab1929 100644 --- a/pkg/danmep/ep.go +++ b/pkg/danmep/ep.go @@ -7,6 +7,7 @@ import ( "os" "runtime" "strconv" + "syscall" "github.com/vishvananda/netlink" "github.com/containernetworking/plugins/pkg/ns" danmtypes "github.com/nokia/danm/crd/apis/danm/v1" @@ -128,6 +129,10 @@ func addIpToLink(ip string, iface netlink.Link) error { return errors.New("cannot parse IP address because:" + err.Error()) } ipAddr := &netlink.Addr{IPNet: &net.IPNet{IP: addr, Mask: pref.Mask}} + if addr.To4() == nil { + //Disable unnecessary DAD for IPv6 addresses managed by DANM + ipAddr.Flags = syscall.IFA_F_NODAD + } err = netlink.AddrAdd(iface, ipAddr) if err != nil { return errors.New("cannot add IP address to link because:" + err.Error()) From 1f1ba243d59d485cf5b5814b3d3f578d6e9be192 Mon Sep 17 00:00:00 2001 From: Levente Kale Date: Thu, 30 Apr 2020 15:19:11 +0200 Subject: [PATCH 2/2] Adding NODAD flag to V6 addresses provisioned by delegate CNIs. We do this my "replacing" the provisioned IP address on the link with itself, but with the right flag set. --- pkg/danmep/danmep.go | 8 ++++++-- pkg/danmep/ep.go | 13 +++++++++++++ 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/pkg/danmep/danmep.go b/pkg/danmep/danmep.go index d2d48435..ee177e04 100644 --- a/pkg/danmep/danmep.go +++ b/pkg/danmep/danmep.go @@ -183,7 +183,11 @@ func PostProcessInterface(ep *danmtypes.DanmEp, dnet *danmtypes.DanmNet) error { } err = setDanmEpSysctls(ep) if err != nil { - return errors.New("failed to set kernel configs for interface" + ep.Spec.Iface.Name + " beause:" + err.Error()) + return errors.New("failed to set kernel configs for interface" + ep.Spec.Iface.Name + " because:" + err.Error()) + } + err = disableDadOnIface(ep, isVfAttachedToDpdkDriver) + if err != nil { + return errors.New("failed to disable DAD for address" + ep.Spec.Iface.AddressIPv6 + " because:" + err.Error()) } return addIpRoutes(ep,dnet) } @@ -382,7 +386,7 @@ func getVfMac(pciId string) net.HardwareAddr { pfLink, err := netlink.LinkByName(pfName) if err != nil { return net.HardwareAddr{} - } + } if pfLink.Attrs() != nil && len(pfLink.Attrs().Vfs) >= vfId { return pfLink.Attrs().Vfs[vfId].Mac } diff --git a/pkg/danmep/ep.go b/pkg/danmep/ep.go index 0fab1929..05ff449a 100644 --- a/pkg/danmep/ep.go +++ b/pkg/danmep/ep.go @@ -324,4 +324,17 @@ func createDummyInterface(ep *danmtypes.DanmEp, dnet *danmtypes.DanmNet) error { return errors.New("cannot find freshly created dummy interface because:" + err.Error()) } return configureLink(iface, ep) +} + +func disableDadOnIface(ep *danmtypes.DanmEp, isDummyIface bool) error { + if isDummyIface || ep.Spec.NetworkType == "ipvlan" || ep.Spec.Iface.AddressIPv6 == "" || ep.Spec.Iface.AddressIPv6 == ipam.NoneAllocType { + return nil + } + link, err := netlink.LinkByName(ep.Spec.Iface.Name) + if err != nil { + return errors.New("cannot find interface to disable DAD on its V6 address because:" + err.Error()) + } + addr, pref, _ := net.ParseCIDR(ep.Spec.Iface.AddressIPv6) + dadlessAddress := &netlink.Addr{IPNet: &net.IPNet{IP: addr, Mask: pref.Mask}, Flags: syscall.IFA_F_NODAD,} + return netlink.AddrReplace(link, dadlessAddress) } \ No newline at end of file