Paul Chaignon
Paul Chaignon
This is happening because it seems the ingress controller is incompatible with XDP acceleration today. We should add a fatal in that case and document it. cc @borkmann @jrajahalme
I force pushed a change only to the commit description to address some feedback from Jibi. Before that, only [k8s-1.23-kernel-5.4](https://jenkins.cilium.io/job/Cilium-PR-K8s-1.23-kernel-5.4/222/) was failing, with known flake https://github.com/cilium/cilium/issues/16122. Marking ready to merge.
Is it packets going to 1.2.3.4 or coming from 1.2.3.4 which are dropped? You mentioned KPR is enabled. Which devices did you let Cilium manage (`--devices`)?
FYI, the Cilium sysdump seems to be missing most information because of a permission issue (see `cilium-sysdump.log`).
Could you share a sysdump? How did you install Cilium? Do you have the same issue over IPv4?
> Ah interesting, querying against the v4 service ip seems to get correctly redirected and proxied. Could you share the `cilium monitor` trace equivalent to the above one for that...
In the IPv6 case, are you able to confirm that 2001:db8:4001::a is the VIP for the DNS service and 2001:db8:4000:1::7e78 is the IP for the backend DNS pod?
> Cilium installed with Helm. Please provide the full command.
> We enabled CiliumLocalRedirectPolicy to forward dns requests to node-local-dns. We enabled DNS-policy in CNP. Sometimes it takes several seconds to resolve DNS name. At the same time I see...
@farcaller @waltfy Note the first report was specific to IPv6 ([it worked over IPv4](https://github.com/cilium/cilium/issues/21367#issuecomment-1252737512)) so it doesn't look like you're hitting the same bug. I'd recommend to open new issue(s)...