Chris Chiu
Chris Chiu
Interesting. We can't really reproduce the same even with your steps. Could you provide the output file of the `journalctl -xb > whatever_file_bame` on the node when the VIP shows...
The http(s) request from VLAN should be applied with the DNAT rule. Ex rule 3, 6 of the following chain. ``` num target prot opt source destination 1 CNI-HOSTPORT-SETMARK tcp...
Per the tcpdump, the DNAT rule is correctly applied on the TCP SYN packet as the picture attached. It comes from the `veth` interface and the DST ip address has...
Tried lots of different ways (majorly `iptables` and `ip route`), but they are all too complicated. Need to enable VLAN on `calixxxx` first and then add routing rules , `iptables...
@tjjh89017 As you said, the `mgmt-br` should be always untagged. In this case, the packet from `vethxxx` goes to `mgmt-br` and should be routed according to the routing policy, which...
I agree the additional mgmt-br.${vlan_id} is a correct choice and the vethxxxx created with the same ${vlan_id} should be added to it. But it's easier to use `bridge` command to...
Could you brief how you setup your VLAN testing environment? In my setup, I have a external gateway to handle different VLAN and DHCP server serves different VLANs. Basically the...
This is the tcpdump flow of the VLAN 100 after applying `bridge vlan add vid 100 dev mgmt-br untagged self`. ``` listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot...
Since the `mgmt-br` is not simply a layer 2 bridge, k8s tries to implement full-funtion networking in the `mgmt-br` which contains the functions of `router`, `switch`, `endpoint`. That's why I...
Need the https://github.com/harvester/network-controller-harvester/pull/83 to be approved. We may need to evaluate the risk first.