slackhq / nebula

A scalable overlay networking tool with a focus on performance, simplicity and security
MIT License

🐛 BUG: use_system_route_table not considering multipath routes #1175

Open dioss-Machiel opened 1 month ago

dioss-Machiel commented 1 month ago

What version of nebula are you using? (nebula -version)

1.9.3

What operating system are you using?

Linux

Describe the Bug

When setting use_system_route_table: true, nebula tracks route changes. The nebula code checks if the route is a "gateway route" before considering adding the route:

https://github.com/slackhq/nebula/blob/e6009b849145c039a088cb84dc9c6f349bb42f78/overlay/tun_linux.go#L495-L500

However, this does not work when adding a multipath route. In that case you get this in the logs: level=debug msg="Ignoring route update, not a gateway route" route="{Dst: 10.152.22.107/32 Src: 10.154.0.13 Gw: [{Ifindex: 4 Weight: 1 Gw: 10.158.255.252 Flags: [onlink]} {Ifindex: 13 Weight: 1 Gw: 10.159.0.1 Flags: []}] Flags: [] Table: 254 Realm: 0}"

Formatted:

{
    Dst: 10.152.22.107/32 Src: 10.154.0.13 Gw: 
    [
        {Ifindex: 4 Weight: 1 Gw: 10.158.255.252 Flags: [onlink]} 
        {Ifindex: 13 Weight: 1 Gw: 10.159.0.1 Flags: []}
    ]
}

When adding multipath routes, the "GW" field is empty; instead, the gateways in the multipath route config should be checked.

Logs from affected hosts

level=debug msg="Ignoring route update, not a gateway route" route="{Dst: 10.152.22.107/32 Src: 10.154.0.13 Gw: [{Ifindex: 4 Weight: 1 Gw: 10.158.255.252 Flags: [onlink]} {Ifindex: 13 Weight: 1 Gw: 10.159.0.1 Flags: []}] Flags: [] Table: 254 Realm: 0}"   

Config files from affected hosts

tun:
  disabled: false
  drop_local_broadcast: true
  drop_multicast: true
  mtu: 1300
  tx_queue: 500
  use_system_route_table: true

wadey commented 1 month ago

Please also see #1012 where we tried to add support for this, but it is more complicated than it appears.
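
The behaviour reported in this issue, as an added Go example (not nebula's code and not posted by anyone in this thread): `Route` and `NextHop` are constructed stand-in types carrying only the fields visible in the log line, and `singleGateway` and `allGateways` are hypothetical names. It shows why a check on the top-level gateway alone reports a multipath route as having no gateway, and what also walking the next hops returns.

```go
package main

import (
	"fmt"
	"net"
)

// NextHop and Route are constructed stand-ins holding only the fields visible
// in the issue's log line; they are not nebula's or the netlink library's types.
type NextHop struct {
	Ifindex int
	Gw      net.IP
}

type Route struct {
	Dst       string
	Gw        net.IP    // set on a single-gateway route
	MultiPath []NextHop // set on a multipath route; Gw is then empty
}

// singleGateway consults only the top-level Gw, the behaviour the issue
// describes: a multipath route yields no gateway and would be ignored.
func singleGateway(r Route) []net.IP {
	if v4 := r.Gw.To4(); v4 != nil {
		return []net.IP{v4}
	}
	return nil
}

// allGateways also walks the multipath next hops, skipping entries that
// carry no IPv4 gateway (for example a device-only next hop).
func allGateways(r Route) []net.IP {
	gws := singleGateway(r)
	for _, nh := range r.MultiPath {
		if v4 := nh.Gw.To4(); v4 != nil {
			gws = append(gws, v4)
		}
	}
	return gws
}

func main() {
	// Constructed from the route in the issue's debug log.
	r := Route{Dst: "10.152.22.107/32", MultiPath: []NextHop{
		{Ifindex: 4, Gw: net.ParseIP("10.158.255.252")},
		{Ifindex: 13, Gw: net.ParseIP("10.159.0.1")},
	}}
	fmt.Println("top-level Gw only:", singleGateway(r))
	fmt.Println("with next hops:   ", allGateways(r))
}
```
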