Daniel Borkmann
Daniel Borkmann
LGTM, commented in the Google doc as well, I presume eventually this would need to be updated. From the G doc discussion, looks like we're all on the same page....
> In some environments, neighbor entries for non-cluster hosts remain stale forever, breaking connectivity in cases where their IP is reassigned to a new host with a different MAC address....
> ### Without This Change > The neighbor entry for 192.168.4.255, a VM in the same L2 domain as my cluster nodes, remains STALE after making an HTTP request to...
> > My immediate reaction to this was "ugh, this feels like a workaround for something that should be improved in the kernel. And it won't help bpf_xdp when encountering...
> We also disabled eBPF Host Routing on this host and confirmed that the issue was gone. So I suspect that something's up around [fib_redirect_v4](https://github.com/cilium/cilium/blob/383365621442d6744ac07bff87f763b37fea87f7/bpf/lib/fib.h#L267) maybe? Hm, interesting, and this...
Weird, I just checked the kernel code, fib_lookup() internally evaluates routing rules..
> Hmm, you are right, it doesn't look like it's a BPF Host-Routing issue after all - I just did the exact same test and I was able to reproduce...
> Alright, here are 3 packet captures from the server host with Legacy Routing (so eBPF Host Routing disabled). All 3 were done with the default `pwru` output formatting: >...
> d)helm upgrade --install --namespace kube-system cilium ./cilium -f ${path to custom value file}/cilium-values.yaml @superzhu From your description, you basically attempted to do an in-place upgrade from veth to netkit....
> @borkmann I am not doing Cilium upgrade, Whether I using Cilium V1.15.7 or Cilium v1.16.0-rc.2, I am setting up a fresh Kubernetes cluster Okay, will try to repro locally...