daeuniverse / dae

eBPF-based Linux high-performance transparent proxy solution.
GNU Affero General Public License v3.0

fix: sysctl net.ipv4.conf.dae0peer.accept_local=1 #512

Closed jschwinger233 closed 1 month ago

jschwinger233 commented 2 months ago

Background

The community reports that traffic can be dropped by the martian source check:

ffff8e6d930b40e8 mark=0 netns=4026532432 if=83(dae0peer) proc=124410(curl) 10.0.8.9:35964 > 1.1.1.2:80 tcp_flags=S payload_len=0 __netif_rx
ffff8e6d930b40e8 mark=0 netns=4026532432 if=83(dae0peer) proc=124410(curl) 10.0.8.9:35964 > 1.1.1.2:80 tcp_flags=S payload_len=0 netif_rx_internal
ffff8e6d930b40e8 mark=0 netns=4026532432 if=83(dae0peer) proc=124410(curl) 10.0.8.9:35964 > 1.1.1.2:80 tcp_flags=S payload_len=0 enqueue_to_backlog
ffff8e6d930b40e8 mark=0 netns=4026532432 if=83(dae0peer) proc=124410(curl) 10.0.8.9:35964 > 1.1.1.2:80 tcp_flags=S payload_len=0 __netif_receive_skb
ffff8e6d930b40e8 mark=0 netns=4026532432 if=83(dae0peer) proc=124410(curl) 10.0.8.9:35964 > 1.1.1.2:80 tcp_flags=S payload_len=0 __netif_receive_skb_one_core
ffff8e6d930b40e8 mark=0 netns=4026532432 if=83(dae0peer) proc=124410(curl) 10.0.8.9:35964 > 1.1.1.2:80 tcp_flags=S payload_len=0 tc_run
ffff8e6d930b40e8 mark=0 netns=4026532432 if=83(dae0peer) proc=124410(curl) 10.0.8.9:35964 > 1.1.1.2:80 tcp_flags=S payload_len=0 tcf_classify
ffff8e6d930b40e8 mark=8000000 netns=4026532432 if=83(dae0peer) proc=124410(curl) 10.0.8.9:35964 > 1.1.1.2:80 tcp_flags=S payload_len=0 tcp_wfree
ffff8e6d930b40e8 mark=8000000 netns=4026532432 if=83(dae0peer) proc=124410(curl) 10.0.8.9:35964 > 1.1.1.2:80 tcp_flags=S payload_len=0 ip_rcv
ffff8e6d930b40e8 mark=8000000 netns=4026532432 if=83(dae0peer) proc=124410(curl) 10.0.8.9:35964 > 1.1.1.2:80 tcp_flags=S payload_len=0 ip_rcv_core
ffff8e6d930b40e8 mark=8000000 netns=4026532432 if=83(dae0peer) proc=124410(curl) 10.0.8.9:35964 > 1.1.1.2:80 tcp_flags=S payload_len=0 ip_route_input_noref
ffff8e6d930b40e8 mark=8000000 netns=4026532432 if=83(dae0peer) proc=124410(curl) 10.0.8.9:35964 > 1.1.1.2:80 tcp_flags=S payload_len=0 ip_route_input_slow
ffff8e6d930b40e8 mark=8000000 netns=4026532432 if=83(dae0peer) proc=124410(curl) 10.0.8.9:35964 > 1.1.1.2:80 tcp_flags=S payload_len=0 fib_validate_source
ffff8e6d930b40e8 mark=8000000 netns=4026532432 if=83(dae0peer) proc=124410(curl) 10.0.8.9:35964 > 1.1.1.2:80 tcp_flags=S payload_len=0 __fib_validate_source
ffff8e6d930b40e8 mark=8000000 netns=4026532432 if=83(dae0peer) proc=124410(curl) 10.0.8.9:35964 > 1.1.1.2:80 tcp_flags=S payload_len=0 ip_handle_martian_source
ffff8e6d930b40e8 mark=8000000 netns=4026532432 if=83(dae0peer) proc=124410(curl) 10.0.8.9:35964 > 1.1.1.2:80 tcp_flags=S payload_len=0 kfree_skb_reason(SKB_DROP_REASON_NOT_SPECIFIED)

Let's set sysctl net.ipv4.conf.dae0peer.accept_local=1 inside daens. It's safe to change sysctl inside daens, as systemd-sysctl or whatever daemon is watching sysctl on the host shouldn't have any chance to revert our change.

Checklist

Full Changelogs

Issue Reference

Closes #[issue number]

Test Result
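The change described above, as an added Go example that is not dae's own code: it writes net.ipv4.conf.<ifname>.accept_local through the /proc/sys tree, validates the interface name so it cannot escape the conf directory, and reads the value back so a silent failure (interface gone, tree read-only) is reported instead of assumed to have worked. The function names, the sysctlRoot parameter and the sample interface name are assumptions for the example; to affect daens the writing thread must already be inside that netns (ip netns exec, or setns from a locked OS thread), which the example does not do.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// DefaultSysctlRoot is where the kernel exposes sysctls. The functions below take
// the root as a parameter so they can be exercised against a scratch directory.
const DefaultSysctlRoot = "/proc/sys"

// AcceptLocalPath builds the path of net.ipv4.conf.<ifname>.accept_local under root.
// Interface names are at most 15 bytes (IFNAMSIZ-1) and may not contain '/' or NUL;
// rejecting anything else also blocks "..", "../x" and similar traversal attempts.
func AcceptLocalPath(root, ifname string) (string, error) {
	if ifname == "" || len(ifname) > 15 || ifname == "." || ifname == ".." ||
		strings.ContainsAny(ifname, "/\x00") {
		return "", fmt.Errorf("invalid interface name %q", ifname)
	}
	return filepath.Join(root, "net", "ipv4", "conf", ifname, "accept_local"), nil
}

// ReadAcceptLocal returns the current accept_local flag for ifname.
func ReadAcceptLocal(root, ifname string) (bool, error) {
	p, err := AcceptLocalPath(root, ifname)
	if err != nil {
		return false, err
	}
	raw, err := os.ReadFile(p)
	if err != nil {
		return false, fmt.Errorf("read %s: %w", p, err)
	}
	switch strings.TrimSpace(string(raw)) {
	case "0":
		return false, nil
	case "1":
		return true, nil
	default:
		return false, fmt.Errorf("unexpected value %q in %s", strings.TrimSpace(string(raw)), p)
	}
}

// SetAcceptLocal writes the flag and then verifies the kernel kept it. The
// read-back matters: a sysctl write can fail or be clamped without the caller
// noticing, and a wrong value here means the martian source check keeps dropping
// the proxied SYNs silently.
func SetAcceptLocal(root, ifname string, enable bool) error {
	p, err := AcceptLocalPath(root, ifname)
	if err != nil {
		return err
	}
	want := "0"
	if enable {
		want = "1"
	}
	if err := os.WriteFile(p, []byte(want+"\n"), 0o644); err != nil {
		return fmt.Errorf("write %s: %w", p, err)
	}
	got, err := ReadAcceptLocal(root, ifname)
	if err != nil {
		return err
	}
	if got != enable {
		return fmt.Errorf("%s: wrote %s but read back %v", p, want, got)
	}
	return nil
}

func main() {
	// Must be run from inside daens (e.g. via `ip netns exec daens`) for the
	// dae0peer interface to be visible under /proc/sys/net/ipv4/conf.
	if err := SetAcceptLocal(DefaultSysctlRoot, "dae0peer", true); err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	fmt.Println("net.ipv4.conf.dae0peer.accept_local = 1")
}
```

Because /proc/sys/net is resolved against the network namespace of the thread that opens the file, a Go caller that uses setns must pin the goroutine with runtime.LockOSThread before switching namespaces and keep it pinned until the write and the read-back have both completed.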

mzz2017 commented 2 months ago

Cool!

jschwinger233 commented 2 months ago

Let me mark it "ready for review" and go for PR build. Don't merge until community confirms.

Brx86 commented 2 months ago

It works normally now.