pkg: Do not set MTU greater than 1450 for VXLAN #68

Merged: 2 commits, Jul 1, 2022

yoheiueda
Member

MTU of a VXLAN interface in a pod VM becomes greater than 1450,
which is the maximum allowed size for VxLAN packets, when a CNI
plugin such as Calico IPIP uses a MTU greater than 1450. This may
cause undesirable packet fragmentation. This patch fixes the issue.

Fixes #67

Signed-off-by: Yohei Ueda <yohei@jp.ibm.com>

MTU of a VXLAN interface in a pod VM becomes greater than 1450,
which is the maximum allowed size for VxLAN packets, when a CNI
plugin such as Calico IPIP uses a MTU greater than 1450. This may
cause undesirable packet fragmentation. This patch fixes the issue.

Fixes confidential-containers#67

Signed-off-by: Yohei Ueda <yohei@jp.ibm.com>
Ran go mod tidy, since kata-container CCv0 was updated.

Signed-off-by: Yohei Ueda <yohei@jp.ibm.com>
Member

@stevenhorsman stevenhorsman left a comment

The code changes look good to me, and I've tested it out with the ibmcloud provider and was able to successfully create an nginx peer pod

Member

@bpradipt bpradipt left a comment

/lgtm

@bpradipt bpradipt merged commit 41b75cc into confidential-containers:staging Jul 1, 2022
@huoqifeng

@yoheiueda is it possible to accept the MTU as a parameter rather than a hard-coded const? I think Calico MTU is configurable.

@yoheiueda
Member Author

@huoqifeng MTU is not hard-coded.

MTU of the interface created by a CNI plugin is detected at a worker node. Then, the detected MTU is set to the interface of the pod VM.

When a detected MTU is greater than 1450, which is the maximum allowed MTU for VXLAN, MTU of the interface of the pod VM is set to 1450.

```go
mtu, err := podNS.GetMTU(podInterface)
if err != nil {
	return nil, fmt.Errorf("failed to get MTU size of %s: %w", podInterface, err)
}
config.MTU = mtu
```

```go
mtu := int(config.MTU)
if mtu > maxMTU {
	mtu = maxMTU
}
if err := podNS.SetMTU(podVxlanInterface, mtu); err != nil {
```
