-
Bug
-
Resolution: Unresolved
-
Critical
-
netobserv-1.7-candidate
-
None
-
None
-
False
-
None
-
False
-
-
-
NetObserv - Sprint 259, NetObserv - Sprint 260
-
Important
Description of problem:
With SRIOV interfaces, same IP subnet could be reused for secondary interfaces by multiple pods and IP annotations could be present for Pods having secondary interfaces in which case enrichment could be incorrect.
See slack discussion here: https://redhat-internal.slack.com/archives/C02939DP5L5/p1725415328316999
Enriching solely from MAC is not desirable because the observed MAC is not always the pod MAC (especially on traffic observed from geneve interface).
Here's what we can do:
- Continue to index by IP. In case of overlapping IPs, a lookup will return a shortlist of pods
- Look into that shortlist if there's a pod advertizing the observed MAC
- if true, use that pod
- if false, I guess it's better to not try to enrich at all, rather than risking a wrong enrichment
- is related to
-
NETOBSERV-1867 Ensure UDN are correctly tracked in netobserv / identify gaps
- To Do
-
NETOBSERV-1875 Make secondary network pod indexing configurable
- Closed
- relates to
-
NETOBSERV-1790 Manage enrichment via "k8s.v1.cni.cncf.io/network-status"
- Closed
- links to