cilium / cilium

eBPF-based Networking, Security, and Observability
https://cilium.io
Apache License 2.0

L2 Neighbor Discovery: unable to determine next hop IPv4 address - remote node IP is non-routable #35926

Open TechABC opened 2 days ago

TechABC commented 2 days ago

Hello,

We are using Cilium with the kube-proxy replacement feature, along with L2 neighbor discovery, as recommended in the documentation. This feature has been working well; however, we have noticed some errors appearing in the cilium-cli status.

Some of our nodes are connected to a dedicated IP storage network with no other routes outside of its own subnet. This network interface appears to be causing the following error messages on those specific nodes:

controller node-neighbor-link-updater is failing since 4s (1x): unable to determine next hop IPv4 address for <storage_interface_name> (<any_other_node_ip_address>): remote node IP is non-routable

We attempted to use the exclude-local-address agent configuration parameter to ignore the storage subnet, but this did not resolve the issue. We observed these errors using different kernel versions (5.15 or 6.1).

Is there a way to exclude certain network interfaces or subnets from the L2 neighbor discovery feature?

Thank you for your time and consideration.

Best regards

squeed commented 14 hours ago

Hi there, would you be able to provide a sysdump of an affected node? Thanks!

jrife commented 7 hours ago

Have you tried the --devices option in your Cilium config? Looking at the code, I think this will restrict L2 neighbor discovery only to the interfaces you specify. For example, if eth1 is the interface with routes to your storage network and eth0 has routes to cluster nodes, you can do something like this. Maybe give it a try and see?

--devices=eth0