You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When k8s snap is bootstrapped it moves rule 0: from all lookup local to 100: from all lookup local.
However if there is already a rule with priority 100 it causes issues like not able to reach machine's own IP address
These are rules before k8s bootstrap
0: from all lookup local
100: from 10.241.32.0/21 lookup 1 proto static
32764: from 10.241.32.0/21 to 10.241.32.0/21 lookup main proto static
32766: from all lookup main
32767: from all lookup default
and when bootstrap started
9: from all fwmark 0x200/0xf00 lookup 2004
100: from 10.241.32.0/21 lookup 1 proto static
100: from all lookup local
32764: from 10.241.32.0/21 to 10.241.32.0/21 lookup main proto static
32766: from all lookup main
32767: from all lookup default
This causes also bootstrap noit to be able to finish becasue it cannot use local sockets.
What Should Happen Instead?
It should check what priorities already exists and set new accordingly
Reproduction Steps
Have a netplan with routing policy which sets priority 100. Then try to bootstrap k8s snap
System information
ubuntu 22.04 and 24.04
Can you suggest a fix?
No response
Are you interested in contributing with a fix?
No response
The text was updated successfully, but these errors were encountered:
The current workaround is to adjust the priority of the user defined routing policy to be larger than 100 since cilium uses 100 for 100: from all lookup local. Upstream does not seem to have an easy way to adjust this value currently, for the short term solution the case can be added to our docs for potential pitfalls.
Summary
When k8s snap is bootstrapped it moves rule
0: from all lookup local
to100: from all lookup local
.However if there is already a rule with priority 100 it causes issues like not able to reach machine's own IP address
These are rules before k8s bootstrap
and when bootstrap started
This causes also bootstrap noit to be able to finish becasue it cannot use local sockets.
What Should Happen Instead?
It should check what priorities already exists and set new accordingly
Reproduction Steps
Have a netplan with routing policy which sets priority 100. Then try to bootstrap k8s snap
System information
ubuntu 22.04 and 24.04
Can you suggest a fix?
No response
Are you interested in contributing with a fix?
No response
The text was updated successfully, but these errors were encountered: