There is currently a very small risk of collisions in the BPF maps used with UDNs:

If two pods share the same IP from two different UDNs, and those two pods communicate to exactly the same IP on same port, same protocol, and they use the same source port, and they are located on the same node, and they generate traffic roughly at the same time (+/- 5s) => that would generate a collision, and observed traffic from those two pods would be mixed up.

As you can imagine, this is quite unlikely.

(Although it's more likely when using a protocol like ICMP without ports.)

We may:

• Either avoid entirely these collisions, e.g. by sharing the interface-to-UDN map between user-space and kernel-space, and add the udn id (or interface id) into the BPF flow_id key when it's found.
• Or we consider it's a known limitation.
  • In that case we could also alert when we detect mixed-up data ; which may be detected based on the number of involved UDNs in the flow.