Closed Shawn71 closed 3 years ago
@ShawnBian I believe the issue here is that Calico isn't expecting to re-advertise routes learned from your infrastructure. Namely, Calico has an export filter that says "only advertise routes within Calico IP pools". We do this because we don't want to enable arbitrary injection of routes out of the box.
You might be able to make this work by simply adding a new IP pool to your cluster that includes the CIDR of the addresses you would like Calico to re-advertise, but by setting spec.disabled: true
to prevent Calico from allocating pod IPs from that range.
thank you for updates , I will close this issue .
Is this still the case today? I’m having similar issues whereby any pods I force to run on my route reflector nodes can access my (non cluster) wider network but pods on my peered (to rr) nodes (regular workers) cannot.
I haven’t tried the workaround mentioned above yet.
Expected Behavior
calico is expected to propagate the external BGP routes (from Router via BGP peer) to their RR client. the RR client represent other nodes within the cluster
Current Behavior
calico does not propagate the external BGP routes (from the router via BGP peer) to their RR client
Possible Solution
This issue has stopped me for a long time, still not able to figure out the workaround
Steps to Reproduce (for bugs)
until here, everything is just working fine, please see the below output : (192.168.1.xx is the IP address of k8s node, 10.6.0.4 is the IP address of cisco CSR ) [root@master1 calico]# calicoctl node status The calico process is running.
IPv6 BGP status No IPv6 peers found.
we can see the route is being propagated between the k8s node and just working fine
we can see the BGP peer actually is just working great and cisco CSR advertise three routes to the k8s cluster which is 88.1.1.1/32,88.1.1.2/32,88.1.1.3/32 please see the below :
and actually, the k8s master has already put three routes to their route tables :
but it just doesn't propagate the routes to their RR client,for example, node2
we can not see any route related to 88.1.1.x./32 I have done the traffic capture from master1 and master2 and did the analysis, Actually, the master did not send any BGP update packet to their client regarding the route related to 88.1.1.x/32. if someone who can tell me the reason or how to fix that, that would be really appreciated.
Your Environment