netutils

package
v27.1.1+incompatible
Warning

This package is not in the latest version of its module.

Published: Jul 23, 2024 | License: Apache-2.0 | Imports: 18 | Imported by: 0

Documentation

Overview

Package netutils provides network utility functions.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GenerateIfaceName

func GenerateIfaceName(nlh *netlink.Handle, prefix string, len int) (string, error)

GenerateIfaceName returns an interface name built from the passed-in prefix and the given length of random bytes. The API ensures that no interface with that name already exists.

func GenerateMACFromIP

func GenerateMACFromIP(ip net.IP) net.HardwareAddr

GenerateMACFromIP returns a locally administered MAC address where the 4 least significant bytes are derived from the IPv4 address.

func GenerateRandomMAC

func GenerateRandomMAC() net.HardwareAddr

GenerateRandomMAC returns a new 6-byte (48-bit) hardware address (MAC).

func GenerateRandomName

func GenerateRandomName(prefix string, length int) (string, error)

GenerateRandomName returns a string of the specified length, created by joining the prefix to random hex characters. The length must be strictly larger than len(prefix), or an error will be returned.

func InferReservedNetworks

func InferReservedNetworks(v6 bool) []netip.Prefix

InferReservedNetworks returns a list of network prefixes that seem to be used by the system and that would likely break it if they were assigned to some Docker networks. It uses two heuristics to build that list:

  1. Nameservers configured in /etc/resolv.conf;
  2. On-link routes.

That 2nd heuristic was originally not limited to on-links -- all non-default routes were checked (see 1). This proved to be not ideal at best and highly problematic at worst:

  • VPN software and appliances doing split tunneling might push a small set of routes for large, aggregated prefixes to avoid maintenance and potential issues whenever a new subnet comes into use on internal network. However, not all subnets from these aggregates might be in use.
  • For full tunneling, especially when implemented with OpenVPN, the situation is even worse as the host might end up with the two following routes: 0.0.0.0/1 and 128.0.0.0/1. They are functionally indistinguishable from a default route, yet the Engine was treating them differently. With those routes, there was no way to use dynamic subnet allocation at all. (see 'def1' on 2)
  • A subnet covered by the default route can be used, or not. Same for non-default and non-on-link routes. The type of route says little about the availability of subnets it covers, except for on-link routes as they specifically define what subnet the current host is part of.

The 2nd heuristic was modified to be limited to on-link routes in PR #42598 (first released in v23.0, see 3).

If these heuristics don't detect an overlap, users should change their daemon config to remove that overlapping prefix from `default-address-pools`. If a prefix is found to overlap but users care enough about it being associated with a Docker network, they can still rely on static allocation.

For IPv6, the 2nd heuristic isn't applied as there's no such thing as on-link routes for IPv6.
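The effect of limiting the 2nd heuristic to on-link routes, as an added example that is not libnetwork's own code. The `route` type, the helper names and the sample addresses are constructed for illustration, and treating each nameserver as a host prefix is an assumption.

```go
package main

import (
	"fmt"
	"net/netip"
	"slices"
)

type route struct { // simplified stand-in for a kernel route (hypothetical type)
	dst    netip.Prefix
	onLink bool // no gateway: the host is directly attached to dst
}

// reservedPrefixes applies both heuristics; onLinkOnly=false is the older behaviour.
func reservedPrefixes(ns []netip.Addr, routes []route, onLinkOnly bool) (out []netip.Prefix) {
	for _, a := range ns { // heuristic 1: each nameserver as a host prefix (assumption)
		out = append(out, netip.PrefixFrom(a, a.BitLen()))
	}
	for _, r := range routes { // heuristic 2: routes, never the default route
		if r.dst.Bits() == 0 || (onLinkOnly && !r.onLink) {
			continue
		}
		out = append(out, r.dst.Masked())
	}
	return out
}

// usablePools keeps the candidate pools that overlap no reserved prefix.
func usablePools(pools, res []netip.Prefix) (ok []netip.Prefix) {
	for _, p := range pools {
		if !slices.ContainsFunc(res, p.Overlaps) {
			ok = append(ok, p)
		}
	}
	return ok
}

// Constructed sample: host on 192.168.1.0/24 behind an OpenVPN 'def1' full tunnel.
var (
	mp           = netip.MustParsePrefix
	sampleNS     = []netip.Addr{netip.MustParseAddr("10.8.0.1")}
	sampleRoutes = []route{{mp("0.0.0.0/0"), false}, {mp("0.0.0.0/1"), false}, {mp("128.0.0.0/1"), false}, {mp("192.168.1.0/24"), true}}
	samplePools  = []netip.Prefix{mp("172.17.0.0/16"), mp("192.168.0.0/20"), mp("10.8.0.0/16")}
)

func main() {
	fmt.Println("all non-default routes:", usablePools(samplePools, reservedPrefixes(sampleNS, sampleRoutes, false)))
	fmt.Println("on-link routes only:", usablePools(samplePools, reservedPrefixes(sampleNS, sampleRoutes, true)))
}
```

With every non-default route reserved, the two /1 routes cover the whole IPv4 space and no candidate pool survives. With on-link routes only, the pools overlapping the local subnet and the nameserver are still rejected.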

func IsV6Listenable

func IsV6Listenable() bool

IsV6Listenable returns true when `[::1]:0` is listenable. IsV6Listenable returns false mostly when the kernel was booted with the `ipv6.disable=1` option.

func MustParseMAC

func MustParseMAC(s string) net.HardwareAddr

MustParseMAC returns a net.HardwareAddr or panics.

func ReverseIP

func ReverseIP(IP string) string

ReverseIP accepts a V4 or V6 IP string in the canonical form and returns a reversed IP in the dotted decimal form. This is used to set up the IP to service name mapping in the optimal way for the DNS PTR queries.

Types

This section is empty.
