Enable IPv6 optimistic_dad for interfaces

Without it, DAD is enabled and it takes more than a second for an IPv6 address to be no longer tentative and become usable. This affects announceIPs(), which fails to send IPv6 NA. I assume, this also meant that the container already started at a point when IPv6 is not yet fully usable. For example, binding to the address would fail. Instead, enable optimistic_dad, so that we can use the address right away.
k8snetworkplumbingwg · Aug 6, 2024 · a6e46a4 · a6e46a4
1 parent 176bd65
commit a6e46a4
Show file tree

Hide file tree

Showing 4 changed files with 39 additions and 2 deletions.
diff --git a/pkg/sriov/mocks/pci_utils_mock.go b/pkg/sriov/mocks/pci_utils_mock.go
diff --git a/pkg/sriov/sriov.go b/pkg/sriov/sriov.go
@@ -16,6 +16,7 @@ type pciUtils interface {
 	GetVFLinkNamesFromVFID(pfName string, vfID int) ([]string, error)
 	GetPciAddress(ifName string, vf int) (string, error)
 	EnableArpAndNdiscNotify(ifName string) error
+	EnableOptimisticDad(ifName string) error
 }
 
 type pciUtilsImpl struct{}
@@ -36,6 +37,10 @@ func (p *pciUtilsImpl) EnableArpAndNdiscNotify(ifName string) error {
 	return utils.EnableArpAndNdiscNotify(ifName)
 }
 
+func (p *pciUtilsImpl) EnableOptimisticDad(ifName string) error {
+	return utils.EnableOptimisticDad(ifName)
+}
+
 // Manager provides interface invoke sriov nic related operations
 type Manager interface {
 	SetupVF(conf *sriovtypes.NetConf, podifName string, netns ns.NetNS) error
@@ -147,8 +152,12 @@ func (s *sriovManager) SetupVF(conf *sriovtypes.NetConf, podifName string, netns
 			}
 		}
 
-		// 8. Bring IF up in Pod netns
-		logging.Debug("8. Bring IF up in Pod netns",
+		logging.Debug("8. Enable Optimistic DAD for IPv6 addresses", "func", "SetupVF",
+			"linkObj", linkObj)
+		_ = s.utils.EnableOptimisticDad(podifName)
+
+		// 9. Bring IF up in Pod netns
+		logging.Debug("9. Bring IF up in Pod netns",
 			"func", "SetupVF",
 			"linkObj", linkObj)
 		if err := s.nLink.LinkSetUp(linkObj); err != nil {

diff --git a/pkg/sriov/sriov_test.go b/pkg/sriov/sriov_test.go
@@ -70,6 +70,7 @@ var _ = Describe("Sriov", func() {
 			mocked.On("LinkSetNsFd", fakeLink, mock.AnythingOfType("int")).Return(nil)
 			mocked.On("LinkSetUp", fakeLink).Return(nil)
 			mockedPciUtils.On("EnableArpAndNdiscNotify", mock.AnythingOfType("string")).Return(nil)
+			mockedPciUtils.On("EnableOptimisticDad", mock.AnythingOfType("string")).Return(nil)
 			sm := sriovManager{nLink: mocked, utils: mockedPciUtils}
 			err = sm.SetupVF(netconf, podifName, targetNetNS)
 			Expect(err).NotTo(HaveOccurred())
@@ -121,6 +122,7 @@ var _ = Describe("Sriov", func() {
 			mocked.On("LinkSetNsFd", net2Link, mock.AnythingOfType("int")).Return(nil)
 			mocked.On("LinkSetUp", net2Link).Return(nil)
 			mockedPciUtils.On("EnableArpAndNdiscNotify", mock.AnythingOfType("string")).Return(nil)
+			mockedPciUtils.On("EnableOptimisticDad", mock.AnythingOfType("string")).Return(nil)
 			sm := sriovManager{nLink: mocked, utils: mockedPciUtils}
 			err = sm.SetupVF(netconf, podifName, targetNetNS)
 			Expect(err).NotTo(HaveOccurred())
@@ -174,6 +176,7 @@ var _ = Describe("Sriov", func() {
 			mocked.On("LinkSetNsFd", net2Link, mock.AnythingOfType("int")).Return(nil)
 			mocked.On("LinkSetUp", net2Link).Return(nil)
 			mockedPciUtils.On("EnableArpAndNdiscNotify", mock.AnythingOfType("string")).Return(nil)
+			mockedPciUtils.On("EnableOptimisticDad", mock.AnythingOfType("string")).Return(nil)
 			sm := sriovManager{nLink: mocked, utils: mockedPciUtils}
 			err = sm.SetupVF(netconf, podifName, targetNetNS)
 			Expect(err).NotTo(HaveOccurred())
@@ -228,6 +231,7 @@ var _ = Describe("Sriov", func() {
 			mocked.On("LinkSetNsFd", net2Link, mock.AnythingOfType("int")).Return(nil)
 			mocked.On("LinkSetUp", net2Link).Return(nil)
 			mockedPciUtils.On("EnableArpAndNdiscNotify", mock.AnythingOfType("string")).Return(nil)
+			mockedPciUtils.On("EnableOptimisticDad", mock.AnythingOfType("string")).Return(nil)
 			sm := sriovManager{nLink: mocked, utils: mockedPciUtils}
 			err = sm.SetupVF(netconf, podifName, targetNetNS)
 			Expect(err).NotTo(HaveOccurred())

diff --git a/pkg/utils/utils.go b/pkg/utils/utils.go
@@ -51,6 +51,16 @@ func EnableArpAndNdiscNotify(ifName string) error {
 	return nil
 }
 
+// EnableOptimisticDad enables IPv6 /proc/sys/net/ipv6/conf/$ifName/optimistic_dad
+func EnableOptimisticDad(ifName string) error {
+	path := filepath.Join(SysV6NdiscNotify, ifName, "optimistic_dad")
+	err := os.WriteFile(path, []byte("1"), os.ModeAppend)
+	if err != nil {
+		return fmt.Errorf("failed to write optimistic_dad=1 for interface %s: %v", ifName, err)
+	}
+	return nil
+}
+
 // GetSriovNumVfs takes in a PF name(ifName) as string and returns number of VF configured as int
 func GetSriovNumVfs(ifName string) (int, error) {
 	var vfTotal int