Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add an iptable rule to allow icmp for antrea-gw0 for NodeLatencyMonitor feature #6952

Open
luolanzone opened this issue Jan 24, 2025 · 0 comments
Open

Add an iptable rule to allow icmp for antrea-gw0 for NodeLatencyMonitor feature #6952

luolanzone opened this issue Jan 24, 2025 · 0 comments
Assignees
@Dhruv-J
Labels
kind/feature Categorizes issue or PR as related to a new feature.

Comments

@luolanzone
Copy link
Contributor

luolanzone commented Jan 24, 2025
edited
Loading

Describe the problem/challenge you have

When I tried the NodeLatencyMonitor feature in a local testbed where the ICMP query is blocked by default, the feature will not work as expected because it relys on ICMP request to get the latency between Nodes.

Describe the solution you'd like

When I added an iptable rule 'iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT' on the Node, the feature is back to normal.
We can add a new rule to limit it to antrea-gw0 only with iptables -A INPUT -i antrea-gw0 -p icmp --icmp-type echo-request -j ACCEPT from Antrea side to make the feature work when the Node ICMP is blocked by default.
@luolanzone luolanzone added the kind/feature Categorizes issue or PR as related to a new feature. label Jan 24, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Dhruv-J Dhruv-J

Labels
kind/feature Categorizes issue or PR as related to a new feature.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Dhruv-J @luolanzone