[driver] refactor pod netork configuration not to use static ARP entry

aws · Oct 25, 2022 · a73fde8 · a73fde8
1 parent 7eeb2a9
commit a73fde8
Showing 1 changed file with 23 additions and 48 deletions.
diff --git a/cmd/routed-eni-cni-plugin/driver/driver.go b/cmd/routed-eni-cni-plugin/driver/driver.go
@@ -159,66 +159,41 @@ func (createVethContext *createVethPairContext) run(hostNS ns.NetNS) error {
 		}
 	}
 
-	// Add a connected route to a dummy next hop (169.254.1.1 or fe80::1)
+	// Add an onlink route to a dummy next hop (169.254.1.1 or fe80::1)
 	// # ip route show
-	// default via 169.254.1.1 dev eth0
-	// 169.254.1.1 dev eth0
+	// default via 169.254.1.1 dev eth0 onlink
 
-	var gw net.IP
-	var maskLen int
-	var addr *netlink.Addr
-	var defNet *net.IPNet
+	var contVethAddress *netlink.Addr
+	var hostVethAddress *netlink.Addr
 
 	if createVethContext.v4Addr != nil {
-		gw = net.IPv4(169, 254, 1, 1)
-		maskLen = 32
-		addr = &netlink.Addr{IPNet: createVethContext.v4Addr}
-		defNet = &net.IPNet{IP: net.IPv4zero, Mask: net.CIDRMask(0, maskLen)}
+		contVethAddress = &netlink.Addr{IPNet: createVethContext.v4Addr}
+		hostVethAddress = &netlink.Addr{
+			IPNet: &net.IPNet{
+				IP:   net.IPv4(169, 254, 1, 1),
+				Mask: net.CIDRMask(8*net.IPv4len, 8*net.IPv4len),
+			},
+			Scope: int(netlink.SCOPE_LINK),
+		}
 	} else if createVethContext.v6Addr != nil {
-		gw = net.IP{0xfe, 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1}
-		maskLen = 128
-		addr = &netlink.Addr{IPNet: createVethContext.v6Addr}
-		defNet = &net.IPNet{IP: net.IPv6zero, Mask: net.CIDRMask(0, maskLen)}
-	}
-
-	gwNet := &net.IPNet{IP: gw, Mask: net.CIDRMask(maskLen, maskLen)}
-
-	if err = createVethContext.netLink.RouteReplace(&netlink.Route{
-		LinkIndex: contVeth.Attrs().Index,
-		Scope:     netlink.SCOPE_LINK,
-		Dst:       gwNet}); err != nil {
-		return errors.Wrap(err, "setup NS network: failed to add default gateway")
+		contVethAddress = &netlink.Addr{IPNet: createVethContext.v6Addr}
+		hostVethAddress = &netlink.Addr{
+			IPNet: &net.IPNet{
+				IP:   net.IP{0xfe, 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1},
+				Mask: net.CIDRMask(8*net.IPv6len, 8*net.IPv6len),
+			},
+			Scope: int(netlink.SCOPE_LINK),
+		}
 	}
 
-	// Add a default route via dummy next hop(169.254.1.1 or fe80::1). Then all outgoing traffic will be routed by this
-	// default route via dummy next hop (169.254.1.1 or fe80::1)
-	if err = createVethContext.netLink.RouteAdd(&netlink.Route{
-		LinkIndex: contVeth.Attrs().Index,
-		Scope:     netlink.SCOPE_UNIVERSE,
-		Dst:       defNet,
-		Gw:        gw,
-	}); err != nil {
-		return errors.Wrap(err, "setup NS network: failed to add default route")
+	if err := createVethContext.netLink.AddrAdd(hostVeth, hostVethAddress); err != nil {
+		return errors.Wrapf(err, "setup NS network: failed to add link-local addr to %q", createVethContext.hostVethName)
 	}
 
-	if err = createVethContext.netLink.AddrAdd(contVeth, addr); err != nil {
+	if err = createVethContext.netLink.AddrAdd(contVeth, contVethAddress); err != nil {
 		return errors.Wrapf(err, "setup NS network: failed to add IP addr to %q", createVethContext.contVethName)
 	}
 
-	// add static ARP entry for default gateway
-	// we are using routed mode on the host and container need this static ARP entry to resolve its default gateway.
-	// IP address family is derived from the IP address passed to the function (v4 or v6)
-	neigh := &netlink.Neigh{
-		LinkIndex:    contVeth.Attrs().Index,
-		State:        netlink.NUD_PERMANENT,
-		IP:           gwNet.IP,
-		HardwareAddr: hostVeth.Attrs().HardwareAddr,
-	}
-
-	if err = createVethContext.netLink.NeighAdd(neigh); err != nil {
-		return errors.Wrap(err, "setup NS network: failed to add static ARP")
-	}
-
 	if createVethContext.v6Addr != nil && createVethContext.v6Addr.IP.To16() != nil {
 		if err := waitForAddressesToBeStable(createVethContext.netLink, createVethContext.contVethName, v6DADTimeout); err != nil {
 			return errors.Wrap(err, "setup NS network: failed while waiting for v6 addresses to be stable")