mtu

package
v1.13.0-rc3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 1, 2022 License: Apache-2.0 Imports: 6 Imported by: 18

Documentation

Overview

Package mtu is a library for tracking and configuring MTU for devices and routes.

Index

Constants

View Source
const (
	// MaxMTU is the highest MTU that can be used for devices and routes
	// handled by Cilium. It will typically be used to configure inbound
	// paths towards containers where it is guaranteed that the packet will
	// not be rerouted to another node, and therefore will not lead to
	// any form of IP fragmentation.
	// One might expect this to be 65535, however Linux seems to cap the
	// MTU of routes at 65520, so we use this value below.
	MaxMTU = 65520

	// EthernetMTU is the standard MTU for Ethernet devices. It is used
	// as the MTU for container devices when running direct routing mode.
	EthernetMTU = 1500

	// TunnelOverhead is an approximation for bytes used for tunnel
	// encapsulation. It accounts for:
	//    (Outer ethernet is not accounted against MTU size)
	//    Outer IPv4 header:  20B
	//    Outer UDP header:    8B
	//    Outer VXLAN header:  8B
	//    Original Ethernet:  14B
	//                        ---
	//    Total extra bytes:  50B
	TunnelOverhead = 50

	// EncryptionIPsecOverhead is an approximation for bytes used for
	// encryption. Depending on key size and encryption type the actual
	// size may vary here we do calculations for 128B keys and Auth. The
	// overhead is accounted for as:
	//    Outer IP header:    20B
	//    SPI:		   4B
	//    Sequece Numbers:	   4B
	//    Next Header:         1B
	//    ICV:		  16B
	//    Padding:            16B
	//    128bit Auth:        16B
	//			  ---
	//    Total extra bytes:  77B
	EncryptionIPsecOverhead = 77

	// EncryptionDefaultAuthKeyLength is 16 representing 128B key recommended
	// size for GCM(AES*) in RFC4106. Users may input other lengths via
	// key secrets.
	EncryptionDefaultAuthKeyLength = 16

	// WireguardOverhead is an approximation for the overhead of wireguard
	// encapsulation.
	//
	// https://github.com/torvalds/linux/blob/v5.12/drivers/net/wireguard/device.c#L262:
	//      MESSAGE_MINIMUM_LENGTH:    32B
	//      Outer IPv4 or IPv6 header: 40B
	//      Outer UDP header:           8B
	//                                 ---
	//      Total extra bytes:         80B
	WireguardOverhead = 80
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Configuration

type Configuration struct {
	// contains filtered or unexported fields
}

Configuration is an MTU configuration as returned by NewConfiguration

func NewConfiguration

func NewConfiguration(authKeySize int, encryptEnabled bool, encapEnabled bool, wireguardEnabled bool, mtu int, mtuDetectIP net.IP) Configuration

NewConfiguration returns a new MTU configuration. The MTU can be manually specified, otherwise it will be automatically detected. if encapEnabled is true, the MTU is adjusted to account for encapsulation overhead for all routes involved in node to node communication.

func (*Configuration) GetDeviceMTU

func (c *Configuration) GetDeviceMTU() int

GetDeviceMTU returns the MTU to be used on workload facing devices.

func (*Configuration) GetRouteMTU

func (c *Configuration) GetRouteMTU() int

GetRouteMTU returns the MTU to be used on the network. When running in tunneling mode and/or with encryption enabled, this will have tunnel and encryption overhead accounted for.

func (*Configuration) GetRoutePostEncryptMTU

func (c *Configuration) GetRoutePostEncryptMTU() int

GetRoutePostEncryptMTU return the MTU to be used on the encryption routing table. This is the MTU without encryption overhead and in the tunnel case accounts for the tunnel overhead.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL