Skip to content

option: Reduce log level for WG strict mode + IPv6 #35763

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 5, 2024
Merged

option: Reduce log level for WG strict mode + IPv6 #35763

merged 1 commit into from
Nov 5, 2024

Conversation

pchaigno
Copy link
Member

@pchaigno pchaigno commented Nov 5, 2024
edited
Loading

WireGuard strict mode isn't supported with IPv6. At the moment, a warning is emitted if both are enabled at the same time, to warn the user that IPv6 traffic won't be protected.

There is however not much the user can do in this case to make the warning go away. Gray also pointed out that users should know that already as they've had to configure encryption.strictMode.cidr with an IPv4 CIDR. It is also documented in the guide. This commit therefore reduces the log to an Info level.

cc @benschlueter @3u13r

Reduce log level of warning that cannot be avoided when running with IPv6 and WireGuard strict mode.

@pchaigno pchaigno added release-note/bug This PR fixes an issue in a previous release of Cilium. feature/wireguard Relates to Cilium's Wireguard feature needs-backport/1.16 This PR / issue needs backporting to the v1.16 branch labels Nov 5, 2024
@pchaigno
option: Reduce log level for WG strict mode + IPv6
01a8a96 
WireGuard strict mode isn't supported with IPv6. At the moment, a
warning is emitted if both are enabled at the same time, to warn the
user that IPv6 traffic won't be protected.

There is however not much the user can do in this case to make the
warning go away. Gray also pointed out that users should know that
already as they've had to configure encryption.strictMode.cidr with an
IPv4 CIDR. It is also documented in the guide. This commit therefore
reduces the log to an Info level.

Suggested-by: Gray Liang <gray.liang@isovalent.com>
Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>
@pchaigno pchaigno force-pushed the wireguard-strict-mode-warn-log branch from 81966a0 to 01a8a96 Compare November 5, 2024 09:34
@pchaigno
Copy link
Member Author

pchaigno commented Nov 5, 2024

/test

@pchaigno pchaigno marked this pull request as ready for review November 5, 2024 09:36
@pchaigno pchaigno requested review from a team as code owners November 5, 2024 09:36
@pchaigno pchaigno requested review from thorn3r and derailed November 5, 2024 09:36
@pchaigno pchaigno added this pull request to the merge queue Nov 5, 2024
Merged via the queue into cilium:main with commit 06cca1b Nov 5, 2024
72 checks passed
@pchaigno pchaigno deleted the wireguard-strict-mode-warn-log branch November 5, 2024 14:33
@viktor-kurchenko viktor-kurchenko mentioned this pull request Nov 12, 2024
Merged
13 tasks
@viktor-kurchenko viktor-kurchenko added backport-pending/1.16 The backport for Cilium 1.16.x for this PR is in progress. and removed needs-backport/1.16 This PR / issue needs backporting to the v1.16 branch labels Nov 12, 2024
@github-actions github-actions bot added backport-done/1.16 The backport for Cilium 1.16.x for this PR is done. and removed backport-pending/1.16 The backport for Cilium 1.16.x for this PR is in progress. labels Nov 12, 2024
@cilium-release-bot cilium-release-bot bot mentioned this pull request Nov 13, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thorn3r thorn3r Awaiting requested review from thorn3r thorn3r is a code owner automatically assigned from cilium/sig-agent

@derailed derailed Awaiting requested review from derailed derailed is a code owner automatically assigned from cilium/cli

2 more reviewers

@doniacld doniacld doniacld approved these changes

@3u13r 3u13r 3u13r approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
backport-done/1.16 The backport for Cilium 1.16.x for this PR is done. feature/wireguard Relates to Cilium's Wireguard feature release-note/bug This PR fixes an issue in a previous release of Cilium.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@pchaigno @doniacld @3u13r @viktor-kurchenko