-
Bug
-
Resolution: Unresolved
-
Critical
-
None
-
4.12.z, 4.14.z, 4.16.z
Description of problem:
UDP packet larger than MTU size can not be sent to its' own end point via the service. MTU here means "MTU size - OVNK header (100) - IP header (20)"
A pod ----(UDP)---> service IP ----------> A pod
Version-Release number of selected component (if applicable):
OCP 4.12.z 4.14.z 4.16.z
How reproducible:
Always
Steps to Reproduce:
1. create a pod and a service with an open UDP port (19765). e.g.
$ cat service.yaml apiVersion: v1 kind: Service metadata: name: udp-service spec: selector: app: udp ports: - name: udp-port protocol: UDP port: 19765 targetPort: 19765 type: ClusterIP $ cat udp-pod.yaml apiVersion: v1 kind: Pod metadata: labels: app: udp name: udppod spec: containers: - name: udp resources: securityContext: privileged: true capabilities: add: ["NET_RAW"] image: docker.io/dokken/centos-8 args: - bash - -c - sleep INF
2. In the pod, create a binary file that is bigger than the MTU size. If the MTU is 1500:
# yes 1 | head -n 10000 | tr '\n' ' ' | dd of=datafile bs=1373 count=1
2. Send the file in UDP protocol via the service IP of the same pod
# nc -lu 19765 & # nc -u <service IP> 19765 < datafile
Actual results:
It fails to send the data
Expected results:
It can send the data
Additional info:
1. The same works when sending UDP packet smaller than MTU size.
e.g.
# yes 1 | head -n 10000 | tr '\n' ' ' | dd of=datafile4 bs=1372 count=1
2. Using the pod IP instead of the service IP works regardless of the packet size
3. Communication between different pods works fine regardless of the packet size
B pod/node_A –--- (UDP) ----> service IP ----------> A pod/node_A
It is originally reported by a telco partner
Affected Platforms:
- is blocked by
-
-
- Verified
-
