flannel
flannel copied to clipboard
flannel-io
flannel udp checksum incorrect
flannel udp cksum incorrect when ping another node's pod ip
Expected Behavior
Current Behavior
[root@wx0vm00052 rbadmin_app1]# tcpdump -vv -i ens192 dst 10.178.41.71 and dst port 8472 dropped privs to tcpdump tcpdump: listening on ens192, link-type EN10MB (Ethernet), snapshot length 262144 bytes 17:11:10.808752 IP (tos 0x0, ttl 64, id 21091, offset 0, flags [none], proto UDP (17), length 134) wx0vm00052.apac.bosch.com.40029 > qin4vm0006.apac.bosch.com.otv: [bad udp cksum 0xa7b8 -> 0x1f23!] OTV, flags [I] (0x08), overlay 0, instance 1 IP (tos 0x0, ttl 64, id 9731, offset 0, flags [DF], proto ICMP (1), length 84) wx0vm00052 > 172.16.9.0: ICMP echo request, id 12, seq 1, length 64
Possible Solution
Context
Your Environment
- Flannel version: CNI Plugin flannel version v1.2.0 (linux/amd64) commit 6464faac built on 2023-07-21T15:07:42Z
- Backend used (e.g. vxlan or udp):
- Etcd version:
- Kubernetes version (if used): v1.28.3
- Operating System and version:
- Link to your project (optional):
which version of flannel are you using? You mentioned only the CNI plugin. There was an issue with random-fully done on iptables when the packets were forwarded on the vxlan tunnel with the latest versions it should be fixed.
os info: Red Hat Enterprise Linux release 9.1 (Plow) Linux wx0vm00052 5.14.0-362.18.1.el9_3.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Jan 3 15:54:45 EST 2024 x86_64 x86_64 x86_64 GNU/Linux
flannel version: docker image( docker.io/flannel/flannel:v0.22.3)
The reason is that I want to build a cluster across different subnets, so I plan to use a UDP proxy server (which can access two subnets at the same time) to proxy VXLAN traffic. However, I found that the UDP proxy cannot forward traffic normally. Further investigation using TCPDUM revealed that the checksum of UDP traffic between all nodes is incorrect.