Skip to content

bpf: nat: support additional code points for IPv4 ICMP_DEST_UNREACH #35636

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 31, 2024
Merged

bpf: nat: support additional code points for IPv4 ICMP_DEST_UNREACH #35636

merged 1 commit into from
Oct 31, 2024

Conversation

julianwiedmann
Copy link
Member

@julianwiedmann julianwiedmann commented Oct 30, 2024
edited
Loading

Add some more code points for ICMP_DEST_UNREACH. For the SNAT / RevSNAT of
the inner packet we can re-use the existing ICMP_FRAG_NEEDED code.

In particular this enables the EGW to return such ICMP responses back
to the client pod.

@julianwiedmann julianwiedmann added area/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. release-note/misc This PR makes changes that have no direct user impact. feature/snat Relates to SNAT or Masquerading of traffic labels Oct 30, 2024
@julianwiedmann julianwiedmann requested a review from a team as a code owner October 30, 2024 07:13
@julianwiedmann julianwiedmann requested a review from jibi October 30, 2024 07:13
@julianwiedmann
bpf: nat: support additional code points for IPv4 ICMP_DEST_UNREACH
aa06712 
Add some more code points for ICMP_DEST_UNREACH. For the SNAT / RevSNAT of
the inner packet we can re-use the existing ICMP_FRAG_NEEDED code.

In particular this enables the EGW to return such ICMP responses back
to the client pod.

Signed-off-by: Julian Wiedmann <jwi@isovalent.com>
@julianwiedmann julianwiedmann changed the title bpf: nat: support additional code points for ICMP_DEST_UNREACH bpf: nat: support additional code points for IPv4 ICMP_DEST_UNREACH Oct 30, 2024
@julianwiedmann
Copy link
Member Author

/test

@julianwiedmann julianwiedmann mentioned this pull request Oct 30, 2024
Open
4 tasks
jibi
jibi reviewed Oct 30, 2024
View reviewed changes
@julianwiedmann julianwiedmann requested a review from jibi October 31, 2024 07:47
@julianwiedmann
Copy link
Member Author

(stashed some tests in #35672, but that's not ready for prime-time yet / more effort to backport)

@julianwiedmann julianwiedmann added this pull request to the merge queue Oct 31, 2024
Merged via the queue into cilium:main with commit 44ec948 Oct 31, 2024
86 of 109 checks passed
@julianwiedmann julianwiedmann deleted the 1.17-bpf-snat-icmp branch October 31, 2024 10:48
@julianwiedmann julianwiedmann mentioned this pull request Nov 26, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jibi jibi jibi approved these changes

Assignees
No one assigned
Labels
area/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. feature/snat Relates to SNAT or Masquerading of traffic release-note/misc This PR makes changes that have no direct user impact.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@julianwiedmann @jibi