mtu

package
v1.17.0-pre.3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 2, 2024 License: Apache-2.0 Imports: 43 Imported by: 18

Documentation

Overview

Package mtu is a library for tracking and configuring MTU for devices and routes.

Index

Constants

const (
	// MaxMTU is the upper bound on the MTU of any device or route that
	// Cilium manages. It is typically applied to inbound paths towards
	// containers, where the packet is guaranteed not to be rerouted to
	// another node and therefore cannot end up IP-fragmented.
	// 65535 would be the intuitive ceiling, but Linux seems to cap the MTU
	// of routes at 65520, so that is the value used here.
	MaxMTU = 65520

	// EthernetMTU is the standard MTU of an Ethernet device. Container
	// devices get this MTU when running in direct routing mode.
	EthernetMTU = 1500

	// TunnelOverhead approximates the bytes consumed by tunnel
	// encapsulation. The outer Ethernet header is not counted against the
	// MTU and is left out. The terms of the sum are, in order:
	//    Outer IPv4 header:  20B
	//    Outer UDP header:    8B
	//    Outer VXLAN header:  8B
	//    Original Ethernet:  14B
	//                        ---
	//    Total extra bytes:  50B
	//
	// NOTE(review): the breakdown assumes an IPv4 outer header. An IPv6
	// outer header is 40B, so this figure would undercount on an IPv6
	// underlay, and undercounting lets encapsulated packets exceed the
	// underlay MTU (fragmentation or drops). Confirm how that case is
	// handled by the callers.
	TunnelOverhead = 20 + 8 + 8 + 14

	// DsrTunnelOverhead covers the GENEVE DSR option that the LB inserts
	// when addressing a Service in hs-ipcache mode.
	DsrTunnelOverhead = 12

	// EncryptionIPsecOverhead approximates the bytes consumed by IPsec
	// encryption. The real size varies with key size and encryption type;
	// this figure is computed for a 128-bit (16-byte) key and Auth. The
	// terms of the sum are, in order:
	//    Outer IP header:    20B
	//    SPI:                 4B
	//    Sequence Numbers:    4B
	//    Next Header:         1B
	//    ICV:                16B
	//    Padding:            16B
	//    128bit Auth:        16B
	//                        ---
	//    Total extra bytes:  77B
	//
	// NOTE(review): a longer auth key makes the real overhead larger than
	// this constant. NewConfiguration takes an authKeySize, presumably to
	// account for that; verify against its implementation.
	EncryptionIPsecOverhead = 20 + 4 + 4 + 1 + 16 + 16 + 16

	// EncryptionDefaultAuthKeyLength is 16 bytes, i.e. the 128-bit key
	// size recommended for GCM(AES*) in RFC4106. Users may supply other
	// lengths via key secrets.
	EncryptionDefaultAuthKeyLength = 16

	// WireguardOverhead approximates the overhead of WireGuard
	// encapsulation. The outer IP header is budgeted at 40B so that the
	// figure holds for both IPv4 and IPv6. The terms of the sum are, in
	// order:
	//
	// https://github.com/torvalds/linux/blob/v5.12/drivers/net/wireguard/device.c#L262:
	//      MESSAGE_MINIMUM_LENGTH:    32B
	//      Outer IPv4 or IPv6 header: 40B
	//      Outer UDP header:           8B
	//                                 ---
	//      Total extra bytes:         80B
	WireguardOverhead = 32 + 40 + 8
)

Variables

// Cell is the module, registered under the ID "mtu" with the description
// "MTU discovery", that wires up this package's components.
//
// The constructor for the table is registered with ProvidePrivate, while
// Provide exposes only the result of RWTable.ToTable.
// NOTE(review): this looks like a deliberate least-privilege split in which
// other modules can read route MTUs but only this module can write them.
// Confirm that no other cell is handed the RWTable.
var Cell = cell.Module(
	"mtu",
	"MTU discovery",

	// Constructor for the RouteMTU table, scoped to this module.
	cell.ProvidePrivate(newTable),
	cell.Provide(
		// Converts the private RWTable into the Table view that is exported.
		statedb.RWTable[RouteMTU].ToTable,
		newForCell,
	),
	// newEndpointUpdater is registered as an invoke function.
	// NOTE(review): presumably this is what provides EndpointMTUUpdater — confirm.
	cell.Invoke(newEndpointUpdater),
	// Registers the module's configuration defaults.
	cell.Config(defaultConfig),
)
// DefaultPrefixV4 is the IPv4 catch-all prefix 0.0.0.0/0: the unspecified
// IPv4 address with a prefix length of zero.
var DefaultPrefixV4 = netip.PrefixFrom(netip.IPv4Unspecified(), 0)
// DefaultPrefixV6 is the IPv6 catch-all prefix ::/0: the unspecified IPv6
// address with a prefix length of zero.
var DefaultPrefixV6 = netip.PrefixFrom(netip.IPv6Unspecified(), 0)
// MTURouteIndex is the index named "cidr" over RouteMTU objects, keyed by
// each object's Prefix field. It is declared Unique.
// NOTE(review): presumably this means the table holds at most one RouteMTU
// per prefix — confirm against the statedb documentation.
var MTURouteIndex = statedb.Index[RouteMTU, netip.Prefix]{
	Name:       "cidr",
	Unique:     true,
	FromKey:    index.NetIPPrefix,
	FromString: index.NetIPPrefixString,
	FromObject: func(route RouteMTU) index.KeySet {
		// The only key derived from an object is its Prefix.
		key := index.NetIPPrefix(route.Prefix)
		return index.NewKeySet(key)
	},
}

Functions

func NewMTUTable

func NewMTUTable() (statedb.RWTable[RouteMTU], error)

Types

type Config added in v1.16.0

// Config holds the options of the mtu package. Its Flags method takes a
// *pflag.FlagSet.
// NOTE(review): presumably Flags registers the fields below as command-line
// flags — confirm.
type Config struct {
	// Enable route MTU for pod netns when CNI chaining is used
	EnableRouteMTUForCNIChaining bool
}

func (Config) Flags added in v1.16.0

func (c Config) Flags(flags *pflag.FlagSet)

type Configuration

type Configuration struct {
	// contains filtered or unexported fields
}

Configuration is an MTU configuration as returned by NewConfiguration

func NewConfiguration

func NewConfiguration(authKeySize int, encryptEnabled bool, encapEnabled bool, wireguardEnabled bool, hsIpcacheDSRenabled bool) Configuration

NewConfiguration returns a new MTU configuration which is used to calculate MTU values from a base MTU based on the config.

func (Configuration) Calculate

func (c Configuration) Calculate(baseMTU int) RouteMTU

type EndpointMTUUpdateHook

// EndpointMTUUpdateHook is a callback that receives a slice of RouteMTU
// values and reports failure through its error result. Hooks are registered
// through EndpointMTUUpdater.RegisterHook, which documents that they run
// from within the network namespace of each endpoint.
// NOTE(review): because the hook runs inside an endpoint's namespace, it
// should presumably touch only that endpoint's devices and routes. How a
// returned error is handled is not visible here; verify against the caller.
type EndpointMTUUpdateHook func(routeMTUs []RouteMTU) error

type EndpointMTUUpdater

// EndpointMTUUpdater lets callers register hooks that are called when the
// MTU of endpoints is updated.
type EndpointMTUUpdater interface {
	// RegisterHook registers a hook to be called when updating the MTU of endpoints.
	// The hook is called from within the network namespace of each endpoint.
	RegisterHook(hook EndpointMTUUpdateHook)
}

type LatestMTUGetter

type LatestMTUGetter struct {
	// contains filtered or unexported fields
}

func (*LatestMTUGetter) GetDeviceMTU

func (m *LatestMTUGetter) GetDeviceMTU() int

func (*LatestMTUGetter) GetRouteMTU

func (m *LatestMTUGetter) GetRouteMTU() int

func (*LatestMTUGetter) GetRoutePostEncryptMTU

func (m *LatestMTUGetter) GetRoutePostEncryptMTU() int

func (*LatestMTUGetter) IsEnableRouteMTUForCNIChaining

func (m *LatestMTUGetter) IsEnableRouteMTUForCNIChaining() bool

type MTU added in v1.15.0

// MTU is a getter-only view of MTU values. *LatestMTUGetter declares the
// same four methods.
// NOTE(review): the three int getters presumably correspond to the
// DeviceMTU, RouteMTU and RoutePostEncryptMTU fields of RouteMTU — confirm
// against the implementation.
type MTU interface {
	// GetDeviceMTU returns the device MTU as an int.
	GetDeviceMTU() int
	// GetRouteMTU returns the route MTU as an int.
	GetRouteMTU() int
	// GetRoutePostEncryptMTU returns the post-encryption route MTU as an int.
	GetRoutePostEncryptMTU() int
	// IsEnableRouteMTUForCNIChaining reports a boolean setting.
	// NOTE(review): presumably this mirrors Config.EnableRouteMTUForCNIChaining — confirm.
	IsEnableRouteMTUForCNIChaining() bool
}

type MTUManager

// MTUManager carries a pointer to a Configuration and exposes the Updater
// method, which takes a context and a cell.Health.
// NOTE(review): Config is an exported pointer field, so any holder of an
// MTUManager can replace or mutate it. Whether that is safe while Updater
// is running is not visible here; verify before writing to it.
type MTUManager struct {
	Config *Configuration
	// contains filtered or unexported fields
}

func (*MTUManager) Updater

func (m *MTUManager) Updater(ctx context.Context, health cell.Health) error

type RouteMTU

// RouteMTU groups three MTU values with the prefix they belong to. It is the
// result type of Configuration.Calculate and the object type indexed by
// MTURouteIndex, which derives its key from the Prefix field.
// NOTE(review): DeviceMTU, RouteMTU and RoutePostEncryptMTU presumably hold
// the values for devices, for routes, and for routes after encryption
// overhead is subtracted — confirm against Configuration.Calculate.
type RouteMTU struct {
	Prefix              netip.Prefix
	DeviceMTU           int
	RouteMTU            int
	RoutePostEncryptMTU int
}

func (RouteMTU) TableHeader

func (RouteMTU) TableHeader() []string

func (RouteMTU) TableRow

func (r RouteMTU) TableRow() []string
