Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
network, bridge binding: Enable container interface
In a scenario where a VM with a bridge binding interface set with MAC address (e.g.: by human or KubeMacPool) on a cluster with IPv6 enabled (dual stack or IPv6 single stack) is migrated, we observe packet drops at the inbound traffic to the VM immediately after the migration target pod starts. These packets are getting routed to the destination node before the migration completes. When the migration target pod is created an IPv6 NS(Neighbor Solicitation) and NA (Neighbor Advertisement) are sent automatically by the kernel. The switches at the endpoints (e.g.: migration destination node) tables get updated and the traffic is routed to the migration destination before the migration is completed [1]. Following the bridge CNI RFE to disable the container interface to prevent the container interface from sending IPv6 NS/NA [2], set bridge binding interfaces' container interface state to up. Fixes: https://issues.redhat.com/browse/CNV-28040 [1] https://bugzilla.redhat.com/show_bug.cgi?id=2186372#c6 [2] containernetworking/plugins#951 Signed-off-by: Or Mergi <[email protected]>
- Loading branch information