Documentation
Overview
Package route provides the Cilium-specific abstraction and useful helpers to manage network routes.
Index
- Constants
- func Delete(route Route) error
- func DeleteRule(spec Rule) error
- func DeleteRuleIPv6(spec Rule) error
- func NodeDeviceWithDefaultRoute() (netlink.Link, error)
- func ReplaceRule(spec Rule) error
- func ReplaceRuleIPv6(spec Rule) error
- func Upsert(route Route) (bool, error)
- type ByMask
- type Route
- type Rule
Constants
const (
    // RouteReplaceMaxTries is the number of attempts the route will be
    // attempted to be added or updated in case the kernel returns an error
    RouteReplaceMaxTries = 10

    // RouteReplaceRetryInterval is the interval in which
    // RouteReplaceMaxTries attempts are attempted
    RouteReplaceRetryInterval = 100 * time.Millisecond

    // RTN_LOCAL is a route type used to indicate packet should be "routed"
    // locally and passed up the stack. Is used by IPSec to force encrypted
    // packets to pass through XFRM layer.
    RTN_LOCAL = 0x2

    // MainTable is Linux's default routing table
    MainTable = 254

    // EncryptRouteProtocol for Encryption specific routes
    EncryptRouteProtocol = 192
)
Variables
This section is empty.
Functions
func Delete
Delete deletes a Linux route. An error is returned if the route does not exist or if the route could not be deleted.
func DeleteRule
DeleteRule deletes a mark-based rule from the routing table.
func DeleteRuleIPv6
DeleteRuleIPv6 deletes a mark-based IPv6 rule from the routing table.
func NodeDeviceWithDefaultRoute (added in v1.6.0)
NodeDeviceWithDefaultRoute returns the node's device which handles the default route in the current namespace.
func ReplaceRule
ReplaceRule adds or replaces a rule in the routing table, using a mark to indicate the table. It is used with the BPF datapath to set a mark and direct packets to a route table.
func ReplaceRuleIPv6
ReplaceRuleIPv6 adds or replaces an IPv6 rule in the routing table, using a mark to indicate the table.
func Upsert
Upsert adds or updates a Linux kernel route. The route described can be in the following two forms:
direct:
prefix dev foo
nexthop:
prefix via nexthop dev foo
If a nexthop route is specified, this function will check whether a direct route to the nexthop exists and add it if required. This means that the following two routes will exist afterwards:
nexthop dev foo
prefix via nexthop dev foo
Due to a bug in the Linux kernel, the update of the prefix route is attempted up to RouteReplaceMaxTries times, with an interval of RouteReplaceRetryInterval between attempts. This is a workaround for a race condition in which the direct route to the nexthop is not available immediately and the prefix route can fail with EINVAL if the Netlink calls are issued in short order.
An error is returned if the route cannot be added or updated.
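The nexthop expansion and retry workaround described above, sketched as an added example that is not Cilium's own code. The names `plan` and `replaceWithRetry` are hypothetical, the `replace` callback stands in for the netlink call, and retrying only on EINVAL is an assumption of this sketch.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"syscall"
	"time"
)

// Values copied from the Constants section of this page.
const (
	RouteReplaceMaxTries      = 10
	RouteReplaceRetryInterval = 100 * time.Millisecond
)

// plan lists, in "ip route" syntax, the routes expected after an upsert.
func plan(prefix *net.IPNet, nexthop net.IP, dev string) []string {
	if nexthop == nil { // direct form
		return []string{fmt.Sprintf("%s dev %s", prefix, dev)}
	}
	return []string{
		fmt.Sprintf("%s dev %s", nexthop, dev), // direct route to the nexthop first
		fmt.Sprintf("%s via %s dev %s", prefix, nexthop, dev),
	}
}

// replaceWithRetry calls replace (hypothetical stand-in for the netlink call).
// Assumption: only EINVAL is retried; any other error is returned at once.
func replaceWithRetry(replace func() error, interval time.Duration) (int, error) {
	for try := 1; ; try++ {
		err := replace()
		if err == nil || !errors.Is(err, syscall.EINVAL) || try == RouteReplaceMaxTries {
			return try, err
		}
		time.Sleep(interval)
	}
}

func main() {
	_, pfx, _ := net.ParseCIDR("10.1.0.0/24") // constructed sample values
	fmt.Println(plan(pfx, net.ParseIP("192.0.2.1"), "foo"))
	results := []error{syscall.EINVAL, syscall.EINVAL, nil} // fake kernel replies
	i := 0
	fake := func() error { i++; return results[i-1] }
	fmt.Println(replaceWithRetry(fake, RouteReplaceRetryInterval))
}
```

Returning non-EINVAL errors immediately keeps a permission or configuration failure from being hidden behind a second of retries.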
Types
type Route
type Route struct {
    Prefix  net.IPNet
    Nexthop *net.IP
    Local   net.IP
    Device  string
    MTU     int
    Proto   int
    Scope   netlink.Scope
    Table   int
    Type    int
}
func Lookup
Lookup attempts to find the Linux route based on the route specification. If the route exists, the route is returned, otherwise an error is returned.
func (*Route) ToIPCommand
ToIPCommand converts the route into a full "ip route ..." command.
type Rule (added in v1.6.0)
type Rule struct {
    // Priority is the routing rule priority
    Priority int

    // Mark is the skb mark that needs to match
    Mark int

    // Mask is the mask to apply to the skb mark before matching the Mark
    // field
    Mask int

    // From is the source address selector
    From *net.IPNet

    // To is the destination address selector
    To *net.IPNet

    // Table is the routing table to look up if the rule matches
    Table int
}
Rule is the specification of an IP routing rule.