cc @rjdenney, need to add helm values when testing ipv6:

enableIPv6Masquerade: false
extraArgs: ["--local-router-ipv4=169.254.23.0", "--local-router-ipv6=fe80::"]
ipv6:
  enabled: true

I'll make sure to add the correct helm values.

Also I noticed that you added a change in your previous PR that made it so that the routes would only be created if conf.InstallUplinkRoutesForDelegatedIPAM is set to true. Is this something that is done in Cilium or using helm values?

I'll make sure to add the correct helm values.

Also I noticed that you added a change in your previous PR that made it so that the routes would only be created if conf.InstallUplinkRoutesForDelegatedIPAM is set to true. Is this something that is done in Cilium or using helm values?

@rjdenney conf.InstallUplinkRoutesForDelegatedIPAM is controlled by helm value ipam.installUplinkRoutesForDelegatedIPAM

@ruicao93

I have been trying to test this but keep seeing this error in the logs when creating pods and have been having issues getting v6 IPs to be programmed to pods.

time="2025-01-15T00:39:27.893572444Z" level=debug msg="Configuring link" interface=eth0 ipAddr="invalid IP" netLink="&{LinkAttrs:{Index:6844 MTU:1500 TxQLen:1000 Name:eth0 HardwareAddr:86:06:5a:4b:53:44 Flags:broadcast|multicast RawFlags:4098 ParentIndex:6845 MasterIndex:0 Namespace:<nil> Alias: AltNames:[] Statistics:0xc000003380 Promisc:0 Allmulti:0 Multi:1 Xdp:0xc000054a20 EncapType:ether Protinfo:<nil> OperState:down PhysSwitchID:0 NetNsID:0 NumTxQueues:4 NumRxQueues:4 TSOMaxSegs:0 TSOMaxSize:0 GSOMaxSegs:65535 GSOMaxSize:65536 GROMaxSize:0 GSOIPv4MaxSize:0 GROIPv4MaxSize:0 Vfs:[] Group:0 PermHWAddr: Slave:<nil>} PeerName: PeerHardwareAddr: PeerNamespace:<nil>}" subsys=cilium-cni

I have also been seeing this issue when trying to test on main. In the current verison of Cilium we are using for AKS I am able to create a dualstack cluster the does program the pods with IPv4 and IPv6.

I can see that the delegated plugin is sending the expected IPv4 and IPv6 for pods as well as gateway IPs but can't seem to get the pods to program correctly.

Also I believe aks should already be sending the correct helm values already but if there is somewhere new I need to update them in the Cilium repo itself before building it.

extraArgs: ["--local-router-ipv4=169.254.23.0", "--local-router-ipv6=fe80::"]
ipv6:
  enabled: true```

@ruicao93

I have been trying to test this but keep seeing this error in the logs when creating pods and have been having issues getting v6 IPs to be programmed to pods.

time="2025-01-15T00:39:27.893572444Z" level=debug msg="Configuring link" interface=eth0 ipAddr="invalid IP" netLink="&{LinkAttrs:{Index:6844 MTU:1500 TxQLen:1000 Name:eth0 HardwareAddr:86:06:5a:4b:53:44 Flags:broadcast|multicast RawFlags:4098 ParentIndex:6845 MasterIndex:0 Namespace:<nil> Alias: AltNames:[] Statistics:0xc000003380 Promisc:0 Allmulti:0 Multi:1 Xdp:0xc000054a20 EncapType:ether Protinfo:<nil> OperState:down PhysSwitchID:0 NetNsID:0 NumTxQueues:4 NumRxQueues:4 TSOMaxSegs:0 TSOMaxSize:0 GSOMaxSegs:65535 GSOMaxSize:65536 GROMaxSize:0 GSOIPv4MaxSize:0 GROIPv4MaxSize:0 Vfs:[] Group:0 PermHWAddr: Slave:<nil>} PeerName: PeerHardwareAddr: PeerNamespace:<nil>}" subsys=cilium-cni

I have also been seeing this issue when trying to test on main. In the current verison of Cilium we are using for AKS I am able to create a dualstack cluster the does program the pods with IPv4 and IPv6.

I can see that the delegated plugin is sending the expected IPv4 and IPv6 for pods as well as gateway IPs but can't seem to get the pods to program correctly.

Also I believe aks should already be sending the correct helm values already but if there is somewhere new I need to update them in the Cilium repo itself before building it.

extraArgs: ["--local-router-ipv4=169.254.23.0", "--local-router-ipv6=fe80::"]
ipv6:
  enabled: true```

hi @rjdenney, could you upload the full agent and cni log? The log shows ipv6 address is empty: ipAddr="invalid IP"

Here is the helm values from my test env FYI:

ipam:
  mode: "delegated-plugin"
  installUplinkRoutesForDelegatedIPAM: true
  multiPoolPreAllocation: ""
enableIPv4Masquerade: false
enableIPv6Masquerade: false
image:
  repository: "xxx/cilium"
  tag: "latest"
  useDigest: false
operator:
  image:
    repository: "xxx/cilium/operator"
    tag: "v1.17.0-pre.0"
    useDigest: false
    suffix: ""
cni:
  customConf: true
  configMap: "cni-configuration"
kubeProxyReplacement: true
k8sServiceHost: "172.16.1.4"
k8sServicePort: 6443
envoy:
  enabled: false
extraArgs: ["--local-router-ipv4=169.254.23.0", "--local-router-ipv6=fe80::"]
endpointRoutes:
  enabled: true
routingMode: "native"
endpointHealthChecking:
  enabled: false
ipv6:
  enabled: true

I updated the cm to match the helms you have, and I am now seeing the V6 IPs as well as the gateway IP getting routed. Thanks!

@ruicao93 Is this ready to be reviewed or do you think something is missing? If the latter, I'd suggest moving it back to draft, for now. 🙏

Converting to draft given the PR title, description, and inactivity. Feel free to mark ready for review when you are ready.

This pull request has been automatically marked as stale because it
has not had recent activity. It will be closed if no further activity
occurs. Thank you for your contributions.

This pull request has not seen any activity since it was marked stale.
Closing.