mirrors/kube-router
1
0
Fork 0
mirror of https://github.com/cloudnativelabs/kube-router.git synced 2025-11-18 19:41:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix DSR(tunneling) mode mtu limit

Browse Source 
https://github.com/cloudnativelabs/kube-router/issues/630
This commit is contained in:
icefed 2019-08-13 14:36:15 +08:00 committed by Aaron U'Ren
parent 45b7fd1d94
commit e223ea80a1
1 changed files with 36 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
pkg/controllers/proxy/network_services_controller.go
View File

@ -2040,6 +2040,18 @@ func setupMangleTableRule(ip string, protocol string, port string, fwmark string
if err != nil {
return errors.New("Failed to run iptables command to set up FWMARK due to " + err.Error())
}
// setup iptables rule TCPMSS for DSR mode to fix mtu problem
mtuArgs := []string{"-d", ip, "-m", "tcp", "-p", "tcp", "--tcp-flags", "SYN,RST", "SYN", "-j", "TCPMSS", "--set-mss", "1440"}
err = iptablesCmdHandler.AppendUnique("mangle", "PREROUTING", mtuArgs...)
if err != nil {
return errors.New("Failed to run iptables command to set up TCPMSS due to " + err.Error())
}
mtuArgs[0] = "-s"
err = iptablesCmdHandler.AppendUnique("mangle", "POSTROUTING", mtuArgs...)
if err != nil {
return errors.New("Failed to run iptables command to set up TCPMSS due to " + err.Error())
}
return nil
}
@ -2070,6 +2082,30 @@ func (ln *linuxNetworking) cleanupMangleTableRule(ip string, protocol string, po
}
}
// cleanup iptables rule TCPMSS
mtuArgs := []string{"-d", ip, "-m", "tcp", "-p", "tcp", "--tcp-flags", "SYN,RST", "SYN", "-j", "TCPMSS", "--set-mss", "1440"}
exists, err = iptablesCmdHandler.Exists("mangle", "PREROUTING", mtuArgs...)
if err != nil {
return errors.New("Failed to cleanup iptables command to set up TCPMSS due to " + err.Error())
}
if exists {
err = iptablesCmdHandler.Delete("mangle", "PREROUTING", mtuArgs...)
if err != nil {
return errors.New("Failed to cleanup iptables command to set up TCPMSS due to " + err.Error())
}
}
mtuArgs[0] = "-s"
exists, err = iptablesCmdHandler.Exists("mangle", "POSTROUTING", mtuArgs...)
if err != nil {
return errors.New("Failed to cleanup iptables command to set up TCPMSS due to " + err.Error())
}
if exists {
err = iptablesCmdHandler.Delete("mangle", "POSTROUTING", mtuArgs...)
if err != nil {
return errors.New("Failed to cleanup iptables command to set up TCPMSS due to " + err.Error())
}
}
return nil
}