Automated cherry pick of #7282: More robust way to extract source Node IP from encapsulated #7379
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
hongliangl
added
the
kind/cherry-pick
…ages (antrea-io#7282) In hybrid or encap mode, IGMP reports between Nodes could be sent via tunnels using packet-out, with the Node transport IP as the source for encapsulated packets. For remote Nodes: - The underlay packet (carrying the encapsulated IGMP report) uses the Node transport IP as its source. - The remote Node extracts this source IP of the underlay packet to determine `tun_dst` and install OVS flow-based tunnel flows. - The installed OVS flow-based tunnel flows ensures that the multicast traffic is correctly forwarded over tunnel. In hybrid or encap mode, however, the underlay packets may be SNATed before reaching the remote Node. This means: - The underlay packet source IP could be altered and no longer reflect the Node transport IP. - Relying on the underlay source IP would cause incorrect OVS flow-based tunnel flows to be installed. The Node transport IP is used as the source IP of the IGMP report packets. When sending the packet via tunnel, the source IP of the underlay packet that encapsulating the IGMP packets is the Node transport IP. On the remote Node receiving the packets, the source IP of the underlay packet are used as the tun_dst to install flow-based tunnel flows, which ensure that the multicast traffic can be forwarded to remote Node via tunnel properly. To handle hybrid or encap mode properly, we are using a more robust way to extract the source Node IP from encapsulated IGMP messages: - Extract the source IP from the overlay IGMP packet, not the underlay one. - The overlay packet’s source stays as the Node transport IP, even if underlay SNAT occurs. Signed-off-by: Hongliang Liu <[email protected]>
hongliangl
force-pushed
the
automated-cherry-pick-of-#7282-upstream-release-2.2
branch
from
6caa03b to
68ef54c
Compare
|
/test-all |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Cherry pick of #7282 on release-2.2.
#7282: More robust way to extract source Node IP from encapsulated
For details on the cherry pick process, see the cherry pick requests page.