route: Fix table assignment of nexthop route

tgraf · tgraf · commit 69a2ddaba90a · 2019-06-17T10:37:41.000+02:00
The nexthop route was injected into the default table instead of the table specified. This code path was not used so far, this is a fix for a potential future usage. Fixes: fec5499 ("route: Fix route replacement logic for IPv6") Signed-off-by: Thomas Graf <thomas@cilium.io>
diff --git a/pkg/datapath/linux/route/route_linux.go b/pkg/datapath/linux/route/route_linux.go
@@ -172,12 +172,13 @@ func lookup(route *netlink.Route) *netlink.Route {
 	return nil
 }
 
-func createNexthopRoute(link netlink.Link, routerNet *net.IPNet) *netlink.Route {
+func createNexthopRoute(route Route, link netlink.Link, routerNet *net.IPNet) *netlink.Route {
 	// This is the L2 route which makes router IP available behind the
 	// interface.
 	rt := &netlink.Route{
 		LinkIndex: link.Attrs().Index,
 		Dst:       routerNet,
+		Table:     route.Table,
 	}
 
 	// Known issue: scope for IPv6 routes is not propagated correctly. If
@@ -193,19 +194,17 @@ func createNexthopRoute(link netlink.Link, routerNet *net.IPNet) *netlink.Route
 // replaceNexthopRoute verifies that the L2 route for the router IP which is
 // used as nexthop for all node routes is properly installed. If unavailable or
 // incorrect, it will be replaced with the proper L2 route.
-func replaceNexthopRoute(link netlink.Link, routerNet *net.IPNet) (bool, error) {
-	route := createNexthopRoute(link, routerNet)
-	if err := netlink.RouteReplace(route); err != nil {
+func replaceNexthopRoute(route Route, link netlink.Link, routerNet *net.IPNet) (bool, error) {
+	if err := netlink.RouteReplace(createNexthopRoute(route, link, routerNet)); err != nil {
 		return false, fmt.Errorf("unable to add L2 nexthop route: %s", err)
 	}
 
 	return true, nil
 }
 
 // deleteNexthopRoute deletes
-func deleteNexthopRoute(link netlink.Link, routerNet *net.IPNet) error {
-	route := createNexthopRoute(link, routerNet)
-	if err := netlink.RouteDel(route); err != nil {
+func deleteNexthopRoute(route Route, link netlink.Link, routerNet *net.IPNet) error {
+	if err := netlink.RouteDel(createNexthopRoute(route, link, routerNet)); err != nil {
 		return fmt.Errorf("unable to delete L2 nexthop route: %s", err)
 	}
 
@@ -245,7 +244,7 @@ func Upsert(route Route, mtuConfig *mtu.Configuration) (bool, error) {
 
 	routerNet := route.getNexthopAsIPNet()
 	if routerNet != nil {
-		if _, err := replaceNexthopRoute(link, routerNet); err != nil {
+		if _, err := replaceNexthopRoute(route, link, routerNet); err != nil {
 			return false, fmt.Errorf("unable to add nexthop route: %s", err)
 		}
 
@@ -279,7 +278,7 @@ func Upsert(route Route, mtuConfig *mtu.Configuration) (bool, error) {
 
 	if err != nil {
 		if nexthopRouteCreated {
-			deleteNexthopRoute(link, routerNet)
+			deleteNexthopRoute(route, link, routerNet)
 		}
 		return false, err
 	}
diff --git a/pkg/datapath/linux/route/route_linux_test.go b/pkg/datapath/linux/route/route_linux_test.go
@@ -41,22 +41,25 @@ func parseIP(ip string) *net.IP {
 }
 
 func testReplaceNexthopRoute(c *C, link netlink.Link, routerNet *net.IPNet) {
+	route := Route{
+		Table: 10,
+	}
 	// delete route in case it exists from a previous failed run
-	deleteNexthopRoute(link, routerNet)
+	deleteNexthopRoute(route, link, routerNet)
 
 	// defer cleanup in case of failure
-	defer deleteNexthopRoute(link, routerNet)
+	defer deleteNexthopRoute(route, link, routerNet)
 
-	replaced, err := replaceNexthopRoute(link, routerNet)
+	replaced, err := replaceNexthopRoute(route, link, routerNet)
 	c.Assert(err, IsNil)
 	c.Assert(replaced, Equals, true)
 
 	// We expect routes to always be replaced
-	replaced, err = replaceNexthopRoute(link, routerNet)
+	replaced, err = replaceNexthopRoute(route, link, routerNet)
 	c.Assert(err, IsNil)
 	c.Assert(replaced, Equals, true)
 
-	err = deleteNexthopRoute(link, routerNet)
+	err = deleteNexthopRoute(route, link, routerNet)
 	c.Assert(err, IsNil)
 }
 
