search

projectcalico / calico

Cloud native networking and network security
https://docs.tigera.io/calico/latest/about/
Apache License 2.0
5.97k stars 1.33k forks source link

calico-node use problem #9349

Open Faker523 opened 5 days ago

Faker523 commented 5 days ago

why calico-node always use the first int6 to as the ipv6 src address

Expected Behavior

the pod ipv6 ping normal

Current Behavior

i have three kubernetes node cluster, use dulstack, and the ingress-nginx use a ipv6 address bind to cube-02, but i found if the ipv6 vip set in the node ipv6 front, the cube-02 can not ping the other node pod ipv6, if the cube-02 node ipv6 in front the vip ipv6, the route is right? why?

Possible Solution

Steps to Reproduce (for bugs)

1. 2. 3. 4.

Context

Your Environment

Faker523 commented 5 days ago

if the cube-02 ip a show is blew, the pod ipv6 ping normal 2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 3c:7c:3f:f1:7e:ba brd ff:ff:ff:ff:ff:ff inet 10.12.14.235/24 brd 10.12.14.255 scope global noprefixroute em1 valid_lft forever preferred_lft forever inet6 2024:1011::3/80 scope global valid_lft forever preferred_lft forever inet6 2024:1011::1111/128 scope global valid_lft forever preferred_lft forever inet6 fe80::6249:bbfa:cb8a:a700/64 scope link noprefixroute valid_lft forever preferred_lft forever

Faker523 commented 5 days ago

but if cube-02 is this, cube-02 pod ipv6 can not ping to other node 2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 3c:7c:3f:f1:7e:ba brd ff:ff:ff:ff:ff:ff inet 10.12.14.235/24 brd 10.12.14.255 scope global noprefixroute em1 valid_lft forever preferred_lft forever inet6 2024:1011::1111/128 scope global valid_lft forever preferred_lft forever inet6 2024:1011::3/80 scope global noprefixroute valid_lft forever preferred_lft forever inet6 fe80::6249:bbfa:cb8a:a700/64 scope link noprefixroute valid_lft forever preferred_lft forever

and the src address become 2024:1011::1111

Faker523 commented 5 days ago

and the calico-node log show the change felix/int_dataplane.go 1358: Linux interface addrs changed. addrs=set.Set{10.12.14.235,2024:1011::1111,fe80::6249:bbfa:cb8a:a700} ifaceName="em1" 2024-10-16 01:12:27.479 [INFO][922] felix/int_dataplane.go 1972: Received interface addresses update msg=&intdataplane.ifaceAddrsUpdate{Name:"em1", Addrs:set.Typed[string]{"10.12.14.235":set.v{}, "2024:1011::1111":set.v{}, "fe80::6249:bbfa:cb8a:a700":set.v{}}} 2024-10-16 01:12:27.479 [INFO][922] felix/hostip_mgr.go 84: Interface addrs changed. update=&intdataplane.ifaceAddrsUpdate{Name:"em1", Addrs:set.Typed[string]{"10.12.14.235":set.v{}, "2024:1011::1111":set.v{}, "fe80::6249:bbfa:cb8a:a700":set.v{}}} 2024-10-16 01:12:27.479 [INFO][922] felix/hostip_mgr.go 84: Interface addrs changed. update=&intdataplane.ifaceAddrsUpdate{Name:"em1", Addrs:set.Typed[string]{"10.12.14.235":set.v{}, "2024:1011::1111":set.v{}, "fe80::6249:bbfa:cb8a:a700":set.v{}}} 2024-10-16 01:12:27.479 [INFO][922] felix/iface_monitor.go 238: Netlink address update for known interface. addr="2024:1011::1111" exists=false ifIndex=2 2024-10-16 01:12:30.163 [INFO][922] felix/iface_monitor.go 238: Netlink address update for known interface. addr="2024:1011::1111" exists=true ifIndex=2 2024-10-16 01:12:30.163 [INFO][922] felix/int_dataplane.go 1358: Linux

Faker523 commented 5 days ago

why this will happen? calico-node why always choose the first int6 address?