fix: enable ip forward on transparent vlan network create (#2335)

* Enable ipv4 forwarding on network creation * Add multitenancy transparent vlan conflist to dropgz * Test if applying fix each time works * Address linter issues * Revert "Test if applying fix each time works" This reverts commit 8989ded. * Remove overlap in adding dropgz conflist * Add unit test if forwarding fails * Make error handling consistent with ipv6 forwarding * Address linter issue
Azure · Nov 2, 2023 · 428edb9 · 428edb9
1 parent 8a80c8e
commit 428edb9
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 0 deletions.
diff --git a/network/network_linux.go b/network/network_linux.go
@@ -93,6 +93,11 @@ func (nm *networkManager) newNetworkImpl(nwInfo *NetworkInfo, extIf *externalInt
 	case opModeTransparentVlan:
 		logger.Info("Transparent vlan mode")
 		ifName = extIf.Name
+		nu := networkutils.NewNetworkUtils(nm.netlink, nm.plClient)
+		if err := nu.EnableIPV4Forwarding(); err != nil {
+			return nil, fmt.Errorf("Ipv4 forwarding failed: %w", err)
+		}
+		logger.Info("Ipv4 forwarding enabled")
 	default:
 		return nil, errNetworkModeInvalid
 	}

diff --git a/network/network_test.go b/network/network_test.go
@@ -181,6 +181,26 @@ var _ = Describe("Test Network", func() {
 				Expect(nw.Id).To(Equal(nwInfo.Id))
 			})
 		})
+
+		Context("When we cannot enable ipv4 forwarding", func() {
+			It("Should error when ipv4 forwarding failed", func() {
+				nm := &networkManager{
+					ExternalInterfaces: map[string]*externalInterface{},
+					plClient:           platform.NewMockExecClient(true),
+				}
+				nm.ExternalInterfaces["eth0"] = &externalInterface{
+					Networks: map[string]*network{},
+				}
+				nwInfo := &NetworkInfo{
+					Id:           "nw",
+					MasterIfName: "eth0",
+					Mode:         opModeTransparentVlan,
+				}
+				nw, err := nm.newNetwork(nwInfo)
+				Expect(err).To(MatchError(platform.ErrMockExec))
+				Expect(nw).To(BeNil())
+			})
+		})
 	})
 
 	Describe("Test deleteNetwork", func() {

diff --git a/network/networkutils/networkutils_linux.go b/network/networkutils/networkutils_linux.go
@@ -34,6 +34,7 @@ const (
 	enableIPForwardCmd   = "sysctl -w net.ipv4.ip_forward=1"
 	toggleIPV6Cmd        = "sysctl -w net.ipv6.conf.all.disable_ipv6=%d"
 	enableIPV6ForwardCmd = "sysctl -w net.ipv6.conf.all.forwarding=1"
+	enableIPV4ForwardCmd = "sysctl -w net.ipv4.conf.all.forwarding=1"
 	disableRACmd         = "sysctl -w net.ipv6.conf.%s.accept_ra=0"
 	acceptRAV6File       = "/proc/sys/net/ipv6/conf/%s/accept_ra"
 )
@@ -220,6 +221,16 @@ func (nu NetworkUtils) EnableIPForwarding(ifName string) error {
 	return nil
 }
 
+func (nu NetworkUtils) EnableIPV4Forwarding() error {
+	_, err := nu.plClient.ExecuteCommand(enableIPV4ForwardCmd)
+	if err != nil {
+		logger.Error("Enable ipv4 forwarding failed with", zap.Error(err))
+		return errors.Wrap(err, "enable ipv4 forwarding failed")
+	}
+
+	return nil
+}
+
 func (nu NetworkUtils) EnableIPV6Forwarding() error {
 	cmd := fmt.Sprint(enableIPV6ForwardCmd)
 	_, err := nu.plClient.ExecuteCommand(cmd)