kube-proxy: internal config: consolidate SyncPeriod and MinSyncPeriod

Consolidate SyncPeriod and MinSyncPeriod for internal configuration of kube-proxy adhering to the v1alpha2 version specifications as detailed in https://kep.k8s.io/784. Signed-off-by: Daman Arora <aroradaman@gmail.com>
2025-07-25 04:33:26 +00:00 · 2024-07-17 22:20:15 +05:30 · 2024-07-17 22:20:15 +05:30 · 380adb93cc
commit 380adb93cc
parent 1854839ff0
15 changed files with 224 additions and 298 deletions
--- a/cmd/kube-proxy/app/options.go
+++ b/cmd/kube-proxy/app/options.go
@ -21,6 +21,7 @@ import (
 	"fmt"
 	"os"
 	"strings"
 	"time"
 	"github.com/fsnotify/fsnotify"
 	"github.com/spf13/pflag"
@ -79,6 +80,13 @@ type Options struct {
 	hostnameOverride string
 	logger klog.Logger
 	// The fields below here are placeholders for flags that can't be directly mapped into
 	// config.KubeProxyConfiguration.
 	iptablesSyncPeriod    time.Duration
 	iptablesMinSyncPeriod time.Duration
 	ipvsSyncPeriod        time.Duration
 	ipvsMinSyncPeriod     time.Duration
 }
 // AddFlags adds flags to fs and binds them to options.
@ -120,11 +128,11 @@ func (o *Options) AddFlags(fs *pflag.FlagSet) {
 	fs.Int32Var(o.config.IPTables.MasqueradeBit, "iptables-masquerade-bit", ptr.Deref(o.config.IPTables.MasqueradeBit, 14), "If using the iptables or ipvs proxy mode, the bit of the fwmark space to mark packets requiring SNAT with.  Must be within the range [0, 31].")
 	fs.BoolVar(&o.config.Linux.MasqueradeAll, "masquerade-all", o.config.Linux.MasqueradeAll, "SNAT all traffic sent via Service cluster IPs. This may be required with some CNI plugins. Only supported on Linux.")
 	fs.BoolVar(o.config.IPTables.LocalhostNodePorts, "iptables-localhost-nodeports", ptr.Deref(o.config.IPTables.LocalhostNodePorts, true), "If false, kube-proxy will disable the legacy behavior of allowing NodePort services to be accessed via localhost. (Applies only to iptables mode and IPv4; localhost NodePorts are never allowed with other proxy modes or with IPv6.)")
-	fs.DurationVar(&o.config.IPTables.SyncPeriod.Duration, "iptables-sync-period", o.config.IPTables.SyncPeriod.Duration, "An interval (e.g. '5s', '1m', '2h22m') indicating how frequently various re-synchronizing and cleanup operations are performed. Must be greater than 0.")
+	fs.DurationVar(&o.iptablesSyncPeriod, "iptables-sync-period", o.config.SyncPeriod.Duration, "An interval (e.g. '5s', '1m', '2h22m') indicating how frequently various re-synchronizing and cleanup operations are performed. Must be greater than 0.")
-	fs.DurationVar(&o.config.IPTables.MinSyncPeriod.Duration, "iptables-min-sync-period", o.config.IPTables.MinSyncPeriod.Duration, "The minimum period between iptables rule resyncs (e.g. '5s', '1m', '2h22m'). A value of 0 means every Service or EndpointSlice change will result in an immediate iptables resync.")
+	fs.DurationVar(&o.iptablesMinSyncPeriod, "iptables-min-sync-period", o.config.MinSyncPeriod.Duration, "The minimum period between iptables rule resyncs (e.g. '5s', '1m', '2h22m'). A value of 0 means every Service or EndpointSlice change will result in an immediate iptables resync.")
-	fs.DurationVar(&o.config.IPVS.SyncPeriod.Duration, "ipvs-sync-period", o.config.IPVS.SyncPeriod.Duration, "An interval (e.g. '5s', '1m', '2h22m') indicating how frequently various re-synchronizing and cleanup operations are performed. Must be greater than 0.")
+	fs.DurationVar(&o.ipvsSyncPeriod, "ipvs-sync-period", o.config.SyncPeriod.Duration, "An interval (e.g. '5s', '1m', '2h22m') indicating how frequently various re-synchronizing and cleanup operations are performed. Must be greater than 0.")
-	fs.DurationVar(&o.config.IPVS.MinSyncPeriod.Duration, "ipvs-min-sync-period", o.config.IPVS.MinSyncPeriod.Duration, "The minimum period between IPVS rule resyncs (e.g. '5s', '1m', '2h22m'). A value of 0 means every Service or EndpointSlice change will result in an immediate IPVS resync.")
+	fs.DurationVar(&o.ipvsMinSyncPeriod, "ipvs-min-sync-period", o.config.MinSyncPeriod.Duration, "The minimum period between IPVS rule resyncs (e.g. '5s', '1m', '2h22m'). A value of 0 means every Service or EndpointSlice change will result in an immediate IPVS resync.")
 	fs.StringVar(&o.config.IPVS.Scheduler, "ipvs-scheduler", o.config.IPVS.Scheduler, "The ipvs scheduler type when proxy mode is ipvs")
 	fs.StringSliceVar(&o.config.IPVS.ExcludeCIDRs, "ipvs-exclude-cidrs", o.config.IPVS.ExcludeCIDRs, "A comma-separated list of CIDRs which the ipvs proxier should not touch when cleaning up IPVS rules.")
 	fs.BoolVar(&o.config.IPVS.StrictARP, "ipvs-strict-arp", o.config.IPVS.StrictARP, "Enable strict ARP by setting arp_ignore to 1 and arp_announce to 2")
@ -216,6 +224,8 @@ func (o *Options) Complete(fs *pflag.FlagSet) error {
 		if err := o.initWatcher(); err != nil {
 			return err
 		}
 	} else {
 		o.processV1Alpha1Flags(fs)
 	}
 	o.platformApplyDefaults(o.config)
@ -302,6 +312,22 @@ func (o *Options) processHostnameOverrideFlag() error {
 	return nil
 }
 // processV1Alpha1Flags processes v1alpha1 flags which can't be directly mapped to internal config.
 func (o *Options) processV1Alpha1Flags(fs *pflag.FlagSet) {
 	if fs.Changed("iptables-sync-period") && o.config.Mode != kubeproxyconfig.ProxyModeIPVS {
 		o.config.SyncPeriod.Duration = o.iptablesSyncPeriod
 	}
 	if fs.Changed("iptables-min-sync-period") && o.config.Mode != kubeproxyconfig.ProxyModeIPVS {
 		o.config.MinSyncPeriod.Duration = o.iptablesMinSyncPeriod
 	}
 	if fs.Changed("ipvs-sync-period") && o.config.Mode == kubeproxyconfig.ProxyModeIPVS {
 		o.config.SyncPeriod.Duration = o.ipvsSyncPeriod
 	}
 	if fs.Changed("ipvs-min-sync-period") && o.config.Mode == kubeproxyconfig.ProxyModeIPVS {
 		o.config.MinSyncPeriod.Duration = o.ipvsMinSyncPeriod
 	}
 }
 // Validate validates all the required options.
 func (o *Options) Validate() error {
 	if errs := validation.Validate(o.config); len(errs) != 0 {
--- a/cmd/kube-proxy/app/options_test.go
+++ b/cmd/kube-proxy/app/options_test.go
@ -195,6 +195,8 @@ nodePortAddresses:
 					QPS:                7,
 				},
 				ClusterCIDR:      tc.clusterCIDR,
 				MinSyncPeriod:    metav1.Duration{Duration: 10 * time.Second},
 				SyncPeriod:       metav1.Duration{Duration: 60 * time.Second},
 				ConfigSyncPeriod: metav1.Duration{Duration: 15 * time.Second},
 				Linux: kubeproxyconfig.KubeProxyLinuxConfiguration{
 					Conntrack: kubeproxyconfig.KubeProxyConntrackConfiguration{
@ -212,18 +214,12 @@ nodePortAddresses:
 				IPTables: kubeproxyconfig.KubeProxyIPTablesConfiguration{
 					MasqueradeBit:      ptr.To[int32](17),
 					LocalhostNodePorts: ptr.To(true),
 					MinSyncPeriod:      metav1.Duration{Duration: 10 * time.Second},
 					SyncPeriod:         metav1.Duration{Duration: 60 * time.Second},
 				},
 				IPVS: kubeproxyconfig.KubeProxyIPVSConfiguration{
-					MinSyncPeriod: metav1.Duration{Duration: 10 * time.Second},
+					ExcludeCIDRs: []string{"10.20.30.40/16", "fd00:1::0/64"},
 					SyncPeriod:    metav1.Duration{Duration: 60 * time.Second},
 					ExcludeCIDRs:  []string{"10.20.30.40/16", "fd00:1::0/64"},
 				},
 				NFTables: kubeproxyconfig.KubeProxyNFTablesConfiguration{
 					MasqueradeBit: ptr.To[int32](18),
 					MinSyncPeriod: metav1.Duration{Duration: 10 * time.Second},
 					SyncPeriod:    metav1.Duration{Duration: 60 * time.Second},
 				},
 				MetricsBindAddress: tc.metricsBindAddress,
 				Mode:               kubeproxyconfig.ProxyMode(tc.mode),
@ -377,6 +373,90 @@ func TestProcessHostnameOverrideFlag(t *testing.T) {
 	}
 }
 // TestProcessV1Alpha1Flags tests processing v1alpha1 flags.
 func TestProcessV1Alpha1Flags(t *testing.T) {
 	testCases := []struct {
 		name     string
 		flags    []string
 		validate func(*kubeproxyconfig.KubeProxyConfiguration) bool
 	}{
 		{
 			name: "iptables configuration",
 			flags: []string{
 				"--iptables-sync-period=36s",
 				"--iptables-min-sync-period=3s",
 				"--proxy-mode=iptables",
 			},
 			validate: func(config *kubeproxyconfig.KubeProxyConfiguration) bool {
 				return config.SyncPeriod == metav1.Duration{Duration: 36 * time.Second} &&
 					config.MinSyncPeriod == metav1.Duration{Duration: 3 * time.Second}
 			},
 		},
 		{
 			name: "iptables + ipvs configuration with iptables mode",
 			flags: []string{
 				"--iptables-sync-period=36s",
 				"--iptables-min-sync-period=3s",
 				"--ipvs-sync-period=16s",
 				"--ipvs-min-sync-period=7s",
 				"--proxy-mode=iptables",
 			},
 			validate: func(config *kubeproxyconfig.KubeProxyConfiguration) bool {
 				return config.SyncPeriod == metav1.Duration{Duration: 36 * time.Second} &&
 					config.MinSyncPeriod == metav1.Duration{Duration: 3 * time.Second}
 			},
 		},
 		{
 			name: "winkernel configuration",
 			flags: []string{
 				"--iptables-sync-period=36s",
 				"--iptables-min-sync-period=3s",
 				"--proxy-mode=kernelspace",
 			},
 			validate: func(config *kubeproxyconfig.KubeProxyConfiguration) bool {
 				return config.SyncPeriod == metav1.Duration{Duration: 36 * time.Second} &&
 					config.MinSyncPeriod == metav1.Duration{Duration: 3 * time.Second}
 			},
 		},
 		{
 			name: "ipvs + iptables configuration with ipvs mode",
 			flags: []string{
 				"--iptables-sync-period=36s",
 				"--iptables-min-sync-period=3s",
 				"--ipvs-sync-period=16s",
 				"--ipvs-min-sync-period=7s",
 				"--proxy-mode=ipvs",
 			},
 			validate: func(config *kubeproxyconfig.KubeProxyConfiguration) bool {
 				return config.SyncPeriod == metav1.Duration{Duration: 16 * time.Second} &&
 					config.MinSyncPeriod == metav1.Duration{Duration: 7 * time.Second}
 			},
 		},
 		{
 			name: "ipvs configuration",
 			flags: []string{
 				"--ipvs-sync-period=16s",
 				"--ipvs-min-sync-period=7s",
 				"--proxy-mode=ipvs",
 			},
 			validate: func(config *kubeproxyconfig.KubeProxyConfiguration) bool {
 				return config.SyncPeriod == metav1.Duration{Duration: 16 * time.Second} &&
 					config.MinSyncPeriod == metav1.Duration{Duration: 7 * time.Second}
 			},
 		},
 	}
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
 			options := NewOptions()
 			fs := new(pflag.FlagSet)
 			options.AddFlags(fs)
 			require.NoError(t, fs.Parse(tc.flags))
 			options.processV1Alpha1Flags(fs)
 			require.True(t, tc.validate(options.config))
 		})
 	}
 }
 // TestOptionsComplete checks that command line flags are combined with a
 // config properly.
 func TestOptionsComplete(t *testing.T) {
--- a/cmd/kube-proxy/app/server.go
+++ b/cmd/kube-proxy/app/server.go
@ -222,7 +222,7 @@ func newProxyServer(ctx context.Context, config *kubeproxyconfig.KubeProxyConfig
 	}
 	if len(config.HealthzBindAddress) > 0 {
-		s.HealthzServer = healthcheck.NewProxierHealthServer(config.HealthzBindAddress, 2*config.IPTables.SyncPeriod.Duration)
+		s.HealthzServer = healthcheck.NewProxierHealthServer(config.HealthzBindAddress, 2*config.SyncPeriod.Duration)
 	}
 	err = s.platformSetup(ctx)
--- a/cmd/kube-proxy/app/server_linux.go
+++ b/cmd/kube-proxy/app/server_linux.go
@ -178,8 +178,8 @@ func (s *ProxyServer) createProxier(ctx context.Context, config *proxyconfigapi.
 				ipt,
 				utilsysctl.New(),
 				exec.New(),
-				config.IPTables.SyncPeriod.Duration,
+				config.SyncPeriod.Duration,
-				config.IPTables.MinSyncPeriod.Duration,
+				config.MinSyncPeriod.Duration,
 				config.Linux.MasqueradeAll,
 				*config.IPTables.LocalhostNodePorts,
 				int(*config.IPTables.MasqueradeBit),
@ -202,8 +202,8 @@ func (s *ProxyServer) createProxier(ctx context.Context, config *proxyconfigapi.
 				iptInterface,
 				utilsysctl.New(),
 				exec.New(),
-				config.IPTables.SyncPeriod.Duration,
+				config.SyncPeriod.Duration,
-				config.IPTables.MinSyncPeriod.Duration,
+				config.MinSyncPeriod.Duration,
 				config.Linux.MasqueradeAll,
 				*config.IPTables.LocalhostNodePorts,
 				int(*config.IPTables.MasqueradeBit),
@ -238,8 +238,8 @@ func (s *ProxyServer) createProxier(ctx context.Context, config *proxyconfigapi.
 				ipsetInterface,
 				utilsysctl.New(),
 				execer,
-				config.IPVS.SyncPeriod.Duration,
+				config.SyncPeriod.Duration,
-				config.IPVS.MinSyncPeriod.Duration,
+				config.MinSyncPeriod.Duration,
 				config.IPVS.ExcludeCIDRs,
 				config.IPVS.StrictARP,
 				config.IPVS.TCPTimeout.Duration,
@ -266,8 +266,8 @@ func (s *ProxyServer) createProxier(ctx context.Context, config *proxyconfigapi.
 				ipsetInterface,
 				utilsysctl.New(),
 				execer,
-				config.IPVS.SyncPeriod.Duration,
+				config.SyncPeriod.Duration,
-				config.IPVS.MinSyncPeriod.Duration,
+				config.MinSyncPeriod.Duration,
 				config.IPVS.ExcludeCIDRs,
 				config.IPVS.StrictARP,
 				config.IPVS.TCPTimeout.Duration,
@ -295,8 +295,8 @@ func (s *ProxyServer) createProxier(ctx context.Context, config *proxyconfigapi.
 			// TODO this has side effects that should only happen when Run() is invoked.
 			proxier, err = nftables.NewDualStackProxier(
 				ctx,
-				config.NFTables.SyncPeriod.Duration,
+				config.SyncPeriod.Duration,
-				config.NFTables.MinSyncPeriod.Duration,
+				config.MinSyncPeriod.Duration,
 				config.Linux.MasqueradeAll,
 				int(*config.NFTables.MasqueradeBit),
 				localDetectors,
@ -313,8 +313,8 @@ func (s *ProxyServer) createProxier(ctx context.Context, config *proxyconfigapi.
 			proxier, err = nftables.NewProxier(
 				ctx,
 				s.PrimaryIPFamily,
-				config.NFTables.SyncPeriod.Duration,
+				config.SyncPeriod.Duration,
-				config.NFTables.MinSyncPeriod.Duration,
+				config.MinSyncPeriod.Duration,
 				config.Linux.MasqueradeAll,
 				int(*config.NFTables.MasqueradeBit),
 				localDetectors[s.PrimaryIPFamily],
--- a/cmd/kube-proxy/app/server_windows.go
+++ b/cmd/kube-proxy/app/server_windows.go
@ -91,8 +91,8 @@ func (s *ProxyServer) createProxier(ctx context.Context, config *proxyconfigapi.
 	if dualStackMode {
 		proxier, err = winkernel.NewDualStackProxier(
-			config.IPTables.SyncPeriod.Duration,
+			config.SyncPeriod.Duration,
-			config.IPTables.MinSyncPeriod.Duration,
+			config.MinSyncPeriod.Duration,
 			s.Hostname,
 			s.NodeIPs,
 			s.Recorder,
@ -103,8 +103,8 @@ func (s *ProxyServer) createProxier(ctx context.Context, config *proxyconfigapi.
 	} else {
 		proxier, err = winkernel.NewProxier(
 			s.PrimaryIPFamily,
-			config.IPTables.SyncPeriod.Duration,
+			config.SyncPeriod.Duration,
-			config.IPTables.MinSyncPeriod.Duration,
+			config.MinSyncPeriod.Duration,
 			s.Hostname,
 			s.NodeIPs[s.PrimaryIPFamily],
 			s.Recorder,
--- a/pkg/proxy/apis/config/scheme/testdata/KubeProxyConfiguration/after/v1alpha1.yaml
+++ b/pkg/proxy/apis/config/scheme/testdata/KubeProxyConfiguration/after/v1alpha1.yaml
@ -35,7 +35,7 @@ ipvs:
  minSyncPeriod: 0s
  scheduler: ""
  strictARP: false
-  syncPeriod: 30s
+  syncPeriod: 0s
  tcpFinTimeout: 0s
  tcpTimeout: 0s
  udpTimeout: 0s
@ -54,8 +54,8 @@ mode: ""
 nftables:
  masqueradeAll: false
  masqueradeBit: 14
-  minSyncPeriod: 1s
+  minSyncPeriod: 0s
-  syncPeriod: 30s
+  syncPeriod: 0s
 nodePortAddresses: null
 oomScoreAdj: -999
 portRange: ""
--- a/pkg/proxy/apis/config/scheme/testdata/KubeProxyConfiguration/roundtrip/default/v1alpha1.yaml
+++ b/pkg/proxy/apis/config/scheme/testdata/KubeProxyConfiguration/roundtrip/default/v1alpha1.yaml
@ -35,7 +35,7 @@ ipvs:
  minSyncPeriod: 0s
  scheduler: ""
  strictARP: false
-  syncPeriod: 30s
+  syncPeriod: 0s
  tcpFinTimeout: 0s
  tcpTimeout: 0s
  udpTimeout: 0s
@ -54,8 +54,8 @@ mode: ""
 nftables:
  masqueradeAll: false
  masqueradeBit: 14
-  minSyncPeriod: 1s
+  minSyncPeriod: 0s
-  syncPeriod: 30s
+  syncPeriod: 0s
 nodePortAddresses: null
 oomScoreAdj: -999
 portRange: ""
--- a/pkg/proxy/apis/config/types.go
+++ b/pkg/proxy/apis/config/types.go
@ -53,27 +53,11 @@ type KubeProxyIPTablesConfiguration struct {
 	// iptables mode and IPv4; localhost NodePorts are never allowed with other proxy
 	// modes or with IPv6.)
 	LocalhostNodePorts *bool
 	// syncPeriod is an interval (e.g. '5s', '1m', '2h22m') indicating how frequently
 	// various re-synchronizing and cleanup operations are performed. Must be greater
 	// than 0.
 	SyncPeriod metav1.Duration
 	// minSyncPeriod is the minimum period between iptables rule resyncs (e.g. '5s',
 	// '1m', '2h22m'). A value of 0 means every Service or EndpointSlice change will
 	// result in an immediate iptables resync.
 	MinSyncPeriod metav1.Duration
 }
 // KubeProxyIPVSConfiguration contains ipvs-related configuration
 // details for the Kubernetes proxy server.
 type KubeProxyIPVSConfiguration struct {
 	// syncPeriod is an interval (e.g. '5s', '1m', '2h22m') indicating how frequently
 	// various re-synchronizing and cleanup operations are performed. Must be greater
 	// than 0.
 	SyncPeriod metav1.Duration
 	// minSyncPeriod is the minimum period between IPVS rule resyncs (e.g. '5s', '1m',
 	// '2h22m'). A value of 0 means every Service or EndpointSlice change will result
 	// in an immediate IPVS resync.
 	MinSyncPeriod metav1.Duration
 	// scheduler is the IPVS scheduler to use
 	Scheduler string
 	// excludeCIDRs is a list of CIDRs which the ipvs proxier should not touch
@ -99,14 +83,6 @@ type KubeProxyNFTablesConfiguration struct {
 	// masqueradeBit is the bit of the iptables fwmark space to use for SNAT if using
 	// the nftables proxy mode. Values must be within the range [0, 31].
 	MasqueradeBit *int32
 	// syncPeriod is an interval (e.g. '5s', '1m', '2h22m') indicating how frequently
 	// various re-synchronizing and cleanup operations are performed. Must be greater
 	// than 0.
 	SyncPeriod metav1.Duration
 	// minSyncPeriod is the minimum period between iptables rule resyncs (e.g. '5s',
 	// '1m', '2h22m'). A value of 0 means every Service or EndpointSlice change will
 	// result in an immediate iptables resync.
 	MinSyncPeriod metav1.Duration
 }
 // KubeProxyConntrackConfiguration contains conntrack settings for
@ -251,6 +227,14 @@ type KubeProxyConfiguration struct {
 	// object. If unset, NodePort connections will be accepted on all local IPs.
 	NodePortAddresses []string
 	// syncPeriod is an interval (e.g. '5s', '1m', '2h22m') indicating how frequently
 	// various re-synchronizing and cleanup operations are performed. Must be greater
 	// than 0.
 	SyncPeriod metav1.Duration
 	// minSyncPeriod is the minimum period between proxier rule resyncs (e.g. '5s',
 	// '1m', '2h22m'). A value of 0 means every Service or EndpointSlice change will
 	// result in an immediate proxier resync.
 	MinSyncPeriod metav1.Duration
 	// configSyncPeriod is how often configuration from the apiserver is refreshed. Must be greater
 	// than 0.
 	ConfigSyncPeriod metav1.Duration
--- a/pkg/proxy/apis/config/v1alpha1/conversion.go
+++ b/pkg/proxy/apis/config/v1alpha1/conversion.go
@ -36,6 +36,18 @@ func Convert_config_KubeProxyConfiguration_To_v1alpha1_KubeProxyConfiguration(in
 	default:
 		out.IPTables.MasqueradeAll = in.Linux.MasqueradeAll
 	}
 	switch in.Mode {
 	case config.ProxyModeIPVS:
 		out.IPVS.SyncPeriod = in.SyncPeriod
 		out.IPVS.MinSyncPeriod = in.MinSyncPeriod
 	case config.ProxyModeNFTables:
 		out.NFTables.SyncPeriod = in.SyncPeriod
 		out.NFTables.MinSyncPeriod = in.MinSyncPeriod
 	default:
 		out.IPTables.SyncPeriod = in.SyncPeriod
 		out.IPTables.MinSyncPeriod = in.MinSyncPeriod
 	}
 	return nil
 }
@ -53,6 +65,18 @@ func Convert_v1alpha1_KubeProxyConfiguration_To_config_KubeProxyConfiguration(in
 	default:
 		out.Linux.MasqueradeAll = in.IPTables.MasqueradeAll
 	}
 	switch config.ProxyMode(in.Mode) {
 	case config.ProxyModeIPVS:
 		out.SyncPeriod = in.IPVS.SyncPeriod
 		out.MinSyncPeriod = in.IPVS.MinSyncPeriod
 	case config.ProxyModeNFTables:
 		out.SyncPeriod = in.NFTables.SyncPeriod
 		out.MinSyncPeriod = in.NFTables.MinSyncPeriod
 	default:
 		out.SyncPeriod = in.IPTables.SyncPeriod
 		out.MinSyncPeriod = in.IPTables.MinSyncPeriod
 	}
 	return nil
 }
@ -61,6 +85,11 @@ func Convert_v1alpha1_KubeProxyIPTablesConfiguration_To_config_KubeProxyIPTables
 	return autoConvert_v1alpha1_KubeProxyIPTablesConfiguration_To_config_KubeProxyIPTablesConfiguration(in, out, scope)
 }
 // Convert_v1alpha1_KubeProxyIPVSConfiguration_To_config_KubeProxyIPVSConfiguration is defined here, because public conversion is not auto-generated due to existing warnings.
 func Convert_v1alpha1_KubeProxyIPVSConfiguration_To_config_KubeProxyIPVSConfiguration(in *v1alpha1.KubeProxyIPVSConfiguration, out *config.KubeProxyIPVSConfiguration, scope conversion.Scope) error {
 	return autoConvert_v1alpha1_KubeProxyIPVSConfiguration_To_config_KubeProxyIPVSConfiguration(in, out, scope)
 }
 // Convert_v1alpha1_KubeProxyNFTablesConfiguration_To_config_KubeProxyNFTablesConfiguration is defined here, because public conversion is not auto-generated due to existing warnings.
 func Convert_v1alpha1_KubeProxyNFTablesConfiguration_To_config_KubeProxyNFTablesConfiguration(in *v1alpha1.KubeProxyNFTablesConfiguration, out *config.KubeProxyNFTablesConfiguration, scope conversion.Scope) error {
 	return autoConvert_v1alpha1_KubeProxyNFTablesConfiguration_To_config_KubeProxyNFTablesConfiguration(in, out, scope)
--- a/pkg/proxy/apis/config/v1alpha1/zz_generated.conversion.go
+++ b/pkg/proxy/apis/config/v1alpha1/zz_generated.conversion.go
@ -64,11 +64,6 @@ func RegisterConversions(s *runtime.Scheme) error {
 	}); err != nil {
 		return err
 	}
 	if err := s.AddGeneratedConversionFunc((*v1alpha1.KubeProxyIPVSConfiguration)(nil), (*config.KubeProxyIPVSConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
 		return Convert_v1alpha1_KubeProxyIPVSConfiguration_To_config_KubeProxyIPVSConfiguration(a.(*v1alpha1.KubeProxyIPVSConfiguration), b.(*config.KubeProxyIPVSConfiguration), scope)
 	}); err != nil {
 		return err
 	}
 	if err := s.AddGeneratedConversionFunc((*config.KubeProxyIPVSConfiguration)(nil), (*v1alpha1.KubeProxyIPVSConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
 		return Convert_config_KubeProxyIPVSConfiguration_To_v1alpha1_KubeProxyIPVSConfiguration(a.(*config.KubeProxyIPVSConfiguration), b.(*v1alpha1.KubeProxyIPVSConfiguration), scope)
 	}); err != nil {
@ -104,6 +99,11 @@ func RegisterConversions(s *runtime.Scheme) error {
 	}); err != nil {
 		return err
 	}
 	if err := s.AddConversionFunc((*v1alpha1.KubeProxyIPVSConfiguration)(nil), (*config.KubeProxyIPVSConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
 		return Convert_v1alpha1_KubeProxyIPVSConfiguration_To_config_KubeProxyIPVSConfiguration(a.(*v1alpha1.KubeProxyIPVSConfiguration), b.(*config.KubeProxyIPVSConfiguration), scope)
 	}); err != nil {
 		return err
 	}
 	if err := s.AddConversionFunc((*v1alpha1.KubeProxyNFTablesConfiguration)(nil), (*config.KubeProxyNFTablesConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
 		return Convert_v1alpha1_KubeProxyNFTablesConfiguration_To_config_KubeProxyNFTablesConfiguration(a.(*v1alpha1.KubeProxyNFTablesConfiguration), b.(*config.KubeProxyNFTablesConfiguration), scope)
 	}); err != nil {
@ -208,6 +208,8 @@ func autoConvert_config_KubeProxyConfiguration_To_v1alpha1_KubeProxyConfiguratio
 	}
 	out.ClusterCIDR = in.ClusterCIDR
 	out.NodePortAddresses = *(*[]string)(unsafe.Pointer(&in.NodePortAddresses))
 	// WARNING: in.SyncPeriod requires manual conversion: does not exist in peer-type
 	// WARNING: in.MinSyncPeriod requires manual conversion: does not exist in peer-type
 	out.ConfigSyncPeriod = in.ConfigSyncPeriod
 	out.PortRange = in.PortRange
 	return nil
@ -249,16 +251,14 @@ func autoConvert_v1alpha1_KubeProxyIPTablesConfiguration_To_config_KubeProxyIPTa
 	out.MasqueradeBit = (*int32)(unsafe.Pointer(in.MasqueradeBit))
 	// WARNING: in.MasqueradeAll requires manual conversion: does not exist in peer-type
 	out.LocalhostNodePorts = (*bool)(unsafe.Pointer(in.LocalhostNodePorts))
-	out.SyncPeriod = in.SyncPeriod
+	// WARNING: in.SyncPeriod requires manual conversion: does not exist in peer-type
-	out.MinSyncPeriod = in.MinSyncPeriod
+	// WARNING: in.MinSyncPeriod requires manual conversion: does not exist in peer-type
 	return nil
 }
 func autoConvert_config_KubeProxyIPTablesConfiguration_To_v1alpha1_KubeProxyIPTablesConfiguration(in *config.KubeProxyIPTablesConfiguration, out *v1alpha1.KubeProxyIPTablesConfiguration, s conversion.Scope) error {
 	out.MasqueradeBit = (*int32)(unsafe.Pointer(in.MasqueradeBit))
 	out.LocalhostNodePorts = (*bool)(unsafe.Pointer(in.LocalhostNodePorts))
 	out.SyncPeriod = in.SyncPeriod
 	out.MinSyncPeriod = in.MinSyncPeriod
 	return nil
 }
@ -268,8 +268,8 @@ func Convert_config_KubeProxyIPTablesConfiguration_To_v1alpha1_KubeProxyIPTables
 }
 func autoConvert_v1alpha1_KubeProxyIPVSConfiguration_To_config_KubeProxyIPVSConfiguration(in *v1alpha1.KubeProxyIPVSConfiguration, out *config.KubeProxyIPVSConfiguration, s conversion.Scope) error {
-	out.SyncPeriod = in.SyncPeriod
+	// WARNING: in.SyncPeriod requires manual conversion: does not exist in peer-type
-	out.MinSyncPeriod = in.MinSyncPeriod
+	// WARNING: in.MinSyncPeriod requires manual conversion: does not exist in peer-type
 	out.Scheduler = in.Scheduler
 	out.ExcludeCIDRs = *(*[]string)(unsafe.Pointer(&in.ExcludeCIDRs))
 	out.StrictARP = in.StrictARP
@ -279,14 +279,7 @@ func autoConvert_v1alpha1_KubeProxyIPVSConfiguration_To_config_KubeProxyIPVSConf
 	return nil
 }
 // Convert_v1alpha1_KubeProxyIPVSConfiguration_To_config_KubeProxyIPVSConfiguration is an autogenerated conversion function.
 func Convert_v1alpha1_KubeProxyIPVSConfiguration_To_config_KubeProxyIPVSConfiguration(in *v1alpha1.KubeProxyIPVSConfiguration, out *config.KubeProxyIPVSConfiguration, s conversion.Scope) error {
 	return autoConvert_v1alpha1_KubeProxyIPVSConfiguration_To_config_KubeProxyIPVSConfiguration(in, out, s)
 }
 func autoConvert_config_KubeProxyIPVSConfiguration_To_v1alpha1_KubeProxyIPVSConfiguration(in *config.KubeProxyIPVSConfiguration, out *v1alpha1.KubeProxyIPVSConfiguration, s conversion.Scope) error {
 	out.SyncPeriod = in.SyncPeriod
 	out.MinSyncPeriod = in.MinSyncPeriod
 	out.Scheduler = in.Scheduler
 	out.ExcludeCIDRs = *(*[]string)(unsafe.Pointer(&in.ExcludeCIDRs))
 	out.StrictARP = in.StrictARP
@ -304,15 +297,13 @@ func Convert_config_KubeProxyIPVSConfiguration_To_v1alpha1_KubeProxyIPVSConfigur
 func autoConvert_v1alpha1_KubeProxyNFTablesConfiguration_To_config_KubeProxyNFTablesConfiguration(in *v1alpha1.KubeProxyNFTablesConfiguration, out *config.KubeProxyNFTablesConfiguration, s conversion.Scope) error {
 	out.MasqueradeBit = (*int32)(unsafe.Pointer(in.MasqueradeBit))
 	// WARNING: in.MasqueradeAll requires manual conversion: does not exist in peer-type
-	out.SyncPeriod = in.SyncPeriod
+	// WARNING: in.SyncPeriod requires manual conversion: does not exist in peer-type
-	out.MinSyncPeriod = in.MinSyncPeriod
+	// WARNING: in.MinSyncPeriod requires manual conversion: does not exist in peer-type
 	return nil
 }
 func autoConvert_config_KubeProxyNFTablesConfiguration_To_v1alpha1_KubeProxyNFTablesConfiguration(in *config.KubeProxyNFTablesConfiguration, out *v1alpha1.KubeProxyNFTablesConfiguration, s conversion.Scope) error {
 	out.MasqueradeBit = (*int32)(unsafe.Pointer(in.MasqueradeBit))
 	out.SyncPeriod = in.SyncPeriod
 	out.MinSyncPeriod = in.MinSyncPeriod
 	return nil
 }
--- a/pkg/proxy/apis/config/validation/validation.go
+++ b/pkg/proxy/apis/config/validation/validation.go
@ -61,6 +61,15 @@ func Validate(config *kubeproxyconfig.KubeProxyConfiguration) field.ErrorList {
 	if config.ConfigSyncPeriod.Duration <= 0 {
 		allErrs = append(allErrs, field.Invalid(newPath.Child("ConfigSyncPeriod"), config.ConfigSyncPeriod, "must be greater than 0"))
 	}
 	if config.SyncPeriod.Duration <= 0 {
 		allErrs = append(allErrs, field.Invalid(newPath.Child("SyncPeriod"), config.SyncPeriod, "must be greater than 0"))
 	}
 	if config.MinSyncPeriod.Duration < 0 {
 		allErrs = append(allErrs, field.Invalid(newPath.Child("MinSyncPeriod"), config.MinSyncPeriod, "must be greater than or equal to 0"))
 	}
 	if config.MinSyncPeriod.Duration > config.SyncPeriod.Duration {
 		allErrs = append(allErrs, field.Invalid(newPath.Child("SyncPeriod"), config.MinSyncPeriod, fmt.Sprintf("must be greater than or equal to %s", newPath.Child("MinSyncPeriod").String())))
 	}
 	if netutils.ParseIPSloppy(config.BindAddress) == nil {
 		allErrs = append(allErrs, field.Invalid(newPath.Child("BindAddress"), config.BindAddress, "not a valid textual representation of an IP address"))
@ -115,37 +124,12 @@ func validateKubeProxyIPTablesConfiguration(config kubeproxyconfig.KubeProxyIPTa
 	if config.MasqueradeBit != nil && (*config.MasqueradeBit < 0 || *config.MasqueradeBit > 31) {
 		allErrs = append(allErrs, field.Invalid(fldPath.Child("MasqueradeBit"), config.MasqueradeBit, "must be within the range [0, 31]"))
 	}
 	if config.SyncPeriod.Duration <= 0 {
 		allErrs = append(allErrs, field.Invalid(fldPath.Child("SyncPeriod"), config.SyncPeriod, "must be greater than 0"))
 	}
 	if config.MinSyncPeriod.Duration < 0 {
 		allErrs = append(allErrs, field.Invalid(fldPath.Child("MinSyncPeriod"), config.MinSyncPeriod, "must be greater than or equal to 0"))
 	}
 	if config.MinSyncPeriod.Duration > config.SyncPeriod.Duration {
 		allErrs = append(allErrs, field.Invalid(fldPath.Child("SyncPeriod"), config.MinSyncPeriod, fmt.Sprintf("must be greater than or equal to %s", fldPath.Child("MinSyncPeriod").String())))
 	}
 	return allErrs
 }
 func validateKubeProxyIPVSConfiguration(config kubeproxyconfig.KubeProxyIPVSConfiguration, fldPath *field.Path) field.ErrorList {
 	allErrs := field.ErrorList{}
 	if config.SyncPeriod.Duration <= 0 {
 		allErrs = append(allErrs, field.Invalid(fldPath.Child("SyncPeriod"), config.SyncPeriod, "must be greater than 0"))
 	}
 	if config.MinSyncPeriod.Duration < 0 {
 		allErrs = append(allErrs, field.Invalid(fldPath.Child("MinSyncPeriod"), config.MinSyncPeriod, "must be greater than or equal to 0"))
 	}
 	if config.MinSyncPeriod.Duration > config.SyncPeriod.Duration {
 		allErrs = append(allErrs, field.Invalid(fldPath.Child("SyncPeriod"), config.MinSyncPeriod, fmt.Sprintf("must be greater than or equal to %s", fldPath.Child("MinSyncPeriod").String())))
 	}
 	allErrs = append(allErrs, validateIPVSTimeout(config, fldPath)...)
 	allErrs = append(allErrs, validateIPVSExcludeCIDRs(config.ExcludeCIDRs, fldPath.Child("ExcludeCidrs"))...)
@ -159,18 +143,6 @@ func validateKubeProxyNFTablesConfiguration(config kubeproxyconfig.KubeProxyNFTa
 		allErrs = append(allErrs, field.Invalid(fldPath.Child("MasqueradeBit"), config.MasqueradeBit, "must be within the range [0, 31]"))
 	}
 	if config.SyncPeriod.Duration <= 0 {
 		allErrs = append(allErrs, field.Invalid(fldPath.Child("SyncPeriod"), config.SyncPeriod, "must be greater than 0"))
 	}
 	if config.MinSyncPeriod.Duration < 0 {
 		allErrs = append(allErrs, field.Invalid(fldPath.Child("MinSyncPeriod"), config.MinSyncPeriod, "must be greater than or equal to 0"))
 	}
 	if config.MinSyncPeriod.Duration > config.SyncPeriod.Duration {
 		allErrs = append(allErrs, field.Invalid(fldPath.Child("SyncPeriod"), config.MinSyncPeriod, fmt.Sprintf("must be greater than or equal to %s", fldPath.Child("MinSyncPeriod").String())))
 	}
 	return allErrs
 }
--- a/pkg/proxy/apis/config/validation/validation_other_test.go
+++ b/pkg/proxy/apis/config/validation/validation_other_test.go
@ -1,42 +0,0 @@
 //go:build !windows
 // +build !windows
 /*
 Copyright 2024 The Kubernetes Authors.
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package validation
 import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	kubeproxyconfig "k8s.io/kubernetes/pkg/proxy/apis/config"
 )
 var (
 	kubeProxyConfigNewPath     = field.NewPath("KubeProxyConfiguration")
 	osKubeProxyConfigTestCases = map[string]struct {
 		mutateConfigFunc func(*kubeproxyconfig.KubeProxyConfiguration)
 		expectedErrs     field.ErrorList
 	}{
 		// Windows doesn't support IPVS, so this test will fail.
 		"IPVS mode selected without providing required SyncPeriod": {
 			mutateConfigFunc: func(config *kubeproxyconfig.KubeProxyConfiguration) {
 				config.Mode = kubeproxyconfig.ProxyModeIPVS
 			},
 			expectedErrs: field.ErrorList{field.Invalid(kubeProxyConfigNewPath.Child("KubeProxyIPVSConfiguration.SyncPeriod"), metav1.Duration{Duration: 0}, "must be greater than 0")},
 		},
 	}
 )
--- a/pkg/proxy/apis/config/validation/validation_test.go
+++ b/pkg/proxy/apis/config/validation/validation_test.go
@ -37,11 +37,10 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
 		HealthzBindAddress: "0.0.0.0:10256",
 		MetricsBindAddress: "127.0.0.1:10249",
 		ClusterCIDR:        "192.168.59.0/24",
 		SyncPeriod:         metav1.Duration{Duration: 5 * time.Second},
 		MinSyncPeriod:      metav1.Duration{Duration: 2 * time.Second},
 		ConfigSyncPeriod:   metav1.Duration{Duration: 1 * time.Second},
-		IPTables: kubeproxyconfig.KubeProxyIPTablesConfiguration{
+		IPTables:           kubeproxyconfig.KubeProxyIPTablesConfiguration{},
 			SyncPeriod:    metav1.Duration{Duration: 5 * time.Second},
 			MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
 		},
 		Linux: kubeproxyconfig.KubeProxyLinuxConfiguration{
 			Conntrack: kubeproxyconfig.KubeProxyConntrackConfiguration{
 				MaxPerCore:            ptr.To[int32](1),
@ -70,10 +69,6 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
 					config.Mode = kubeproxyconfig.ProxyModeKernelspace
 				} else {
 					config.Mode = kubeproxyconfig.ProxyModeIPVS
 					config.IPVS = kubeproxyconfig.KubeProxyIPVSConfiguration{
 						SyncPeriod:    metav1.Duration{Duration: 10 * time.Second},
 						MinSyncPeriod: metav1.Duration{Duration: 5 * time.Second},
 					}
 				}
 			},
 		},
@ -157,6 +152,26 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
 			},
 			expectedErrs: field.ErrorList{field.Invalid(newPath.Child("ConfigSyncPeriod"), metav1.Duration{Duration: -1 * time.Second}, "must be greater than 0")},
 		},
 		"SyncPeriod must be > 0": {
 			mutateConfigFunc: func(config *kubeproxyconfig.KubeProxyConfiguration) {
 				config.SyncPeriod = metav1.Duration{Duration: -5 * time.Second}
 			},
 			expectedErrs: field.ErrorList{field.Invalid(newPath.Child("SyncPeriod"), metav1.Duration{Duration: -5 * time.Second}, "must be greater than 0"),
 				field.Invalid(newPath.Child("SyncPeriod"), metav1.Duration{Duration: 2 * time.Second}, "must be greater than or equal to KubeProxyConfiguration.MinSyncPeriod")},
 		},
 		"MinSyncPeriod must be > 0": {
 			mutateConfigFunc: func(config *kubeproxyconfig.KubeProxyConfiguration) {
 				config.MinSyncPeriod = metav1.Duration{Duration: -2 * time.Second}
 			},
 			expectedErrs: field.ErrorList{field.Invalid(newPath.Child("MinSyncPeriod"), metav1.Duration{Duration: -2 * time.Second}, "must be greater than or equal to 0")},
 		},
 		"SyncPeriod must be >= MinSyncPeriod": {
 			mutateConfigFunc: func(config *kubeproxyconfig.KubeProxyConfiguration) {
 				config.SyncPeriod = metav1.Duration{Duration: 1 * time.Second}
 				config.MinSyncPeriod = metav1.Duration{Duration: 5 * time.Second}
 			},
 			expectedErrs: field.ErrorList{field.Invalid(newPath.Child("SyncPeriod"), metav1.Duration{Duration: 5 * time.Second}, "must be greater than or equal to KubeProxyConfiguration.MinSyncPeriod")},
 		},
 		"interfacePrefix is empty": {
 			mutateConfigFunc: func(config *kubeproxyconfig.KubeProxyConfiguration) {
 				config.DetectLocalMode = kubeproxyconfig.LocalModeInterfaceNamePrefix
@ -191,10 +206,6 @@ func TestValidateKubeProxyConfiguration(t *testing.T) {
 		},
 	}
 	for name, testCase := range osKubeProxyConfigTestCases {
 		testCases[name] = testCase
 	}
 	for name, testCase := range testCases {
 		t.Run(name, func(t *testing.T) {
 			config := baseConfig.DeepCopy()
@ -216,53 +227,18 @@ func TestValidateKubeProxyIPTablesConfiguration(t *testing.T) {
 		config       kubeproxyconfig.KubeProxyIPTablesConfiguration
 		expectedErrs field.ErrorList
 	}{
 		"valid iptables config": {
 			config: kubeproxyconfig.KubeProxyIPTablesConfiguration{
 				SyncPeriod:    metav1.Duration{Duration: 5 * time.Second},
 				MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
 			},
 			expectedErrs: field.ErrorList{},
 		},
 		"valid custom MasqueradeBit": {
 			config: kubeproxyconfig.KubeProxyIPTablesConfiguration{
 				MasqueradeBit: ptr.To[int32](5),
 				SyncPeriod:    metav1.Duration{Duration: 5 * time.Second},
 				MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
 			},
 			expectedErrs: field.ErrorList{},
 		},
 		"SyncPeriod must be > 0": {
 			config: kubeproxyconfig.KubeProxyIPTablesConfiguration{
 				SyncPeriod:    metav1.Duration{Duration: -5 * time.Second},
 				MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
 			},
 			expectedErrs: field.ErrorList{field.Invalid(newPath.Child("KubeIPTablesConfiguration.SyncPeriod"), metav1.Duration{Duration: -5 * time.Second}, "must be greater than 0"),
 				field.Invalid(newPath.Child("KubeIPTablesConfiguration.SyncPeriod"), metav1.Duration{Duration: 2 * time.Second}, "must be greater than or equal to KubeProxyConfiguration.KubeIPTablesConfiguration.MinSyncPeriod")},
 		},
 		"MinSyncPeriod must be > 0": {
 			config: kubeproxyconfig.KubeProxyIPTablesConfiguration{
 				MasqueradeBit: ptr.To[int32](5),
 				SyncPeriod:    metav1.Duration{Duration: 5 * time.Second},
 				MinSyncPeriod: metav1.Duration{Duration: -1 * time.Second},
 			},
 			expectedErrs: field.ErrorList{field.Invalid(newPath.Child("KubeIPTablesConfiguration.MinSyncPeriod"), metav1.Duration{Duration: -1 * time.Second}, "must be greater than or equal to 0")},
 		},
 		"MasqueradeBit cannot be < 0": {
 			config: kubeproxyconfig.KubeProxyIPTablesConfiguration{
 				MasqueradeBit: ptr.To[int32](-10),
 				SyncPeriod:    metav1.Duration{Duration: 5 * time.Second},
 				MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
 			},
 			expectedErrs: field.ErrorList{field.Invalid(newPath.Child("KubeIPTablesConfiguration.MasqueradeBit"), ptr.To[int32](-10), "must be within the range [0, 31]")},
 		},
 		"SyncPeriod must be >= MinSyncPeriod": {
 			config: kubeproxyconfig.KubeProxyIPTablesConfiguration{
 				MasqueradeBit: ptr.To[int32](5),
 				SyncPeriod:    metav1.Duration{Duration: 1 * time.Second},
 				MinSyncPeriod: metav1.Duration{Duration: 5 * time.Second},
 			},
 			expectedErrs: field.ErrorList{field.Invalid(newPath.Child("KubeIPTablesConfiguration.SyncPeriod"), metav1.Duration{Duration: 5 * time.Second}, "must be greater than or equal to KubeProxyConfiguration.KubeIPTablesConfiguration.MinSyncPeriod")},
 		},
 	} {
 		t.Run(name, func(t *testing.T) {
 			errs := validateKubeProxyIPTablesConfiguration(testCase.config, newPath.Child("KubeIPTablesConfiguration"))
@ -277,60 +253,8 @@ func TestValidateKubeProxyIPVSConfiguration(t *testing.T) {
 		config       kubeproxyconfig.KubeProxyIPVSConfiguration
 		expectedErrs field.ErrorList
 	}{
 		"SyncPeriod is not greater than 0": {
 			config: kubeproxyconfig.KubeProxyIPVSConfiguration{
 				SyncPeriod:    metav1.Duration{Duration: -5 * time.Second},
 				MinSyncPeriod: metav1.Duration{Duration: 2 * time.Second},
 			},
 			expectedErrs: field.ErrorList{field.Invalid(newPath.Child("KubeIPVSConfiguration.SyncPeriod"), metav1.Duration{Duration: -5 * time.Second}, "must be greater than 0"),
 				field.Invalid(newPath.Child("KubeIPVSConfiguration.SyncPeriod"), metav1.Duration{Duration: 2 * time.Second}, "must be greater than or equal to KubeProxyConfiguration.KubeIPVSConfiguration.MinSyncPeriod")},
 		},
 		"SyncPeriod cannot be 0": {
 			config: kubeproxyconfig.KubeProxyIPVSConfiguration{
 				SyncPeriod:    metav1.Duration{Duration: 0 * time.Second},
 				MinSyncPeriod: metav1.Duration{Duration: 10 * time.Second},
 			},
 			expectedErrs: field.ErrorList{field.Invalid(newPath.Child("KubeIPVSConfiguration.SyncPeriod"), metav1.Duration{Duration: 0}, "must be greater than 0"),
 				field.Invalid(newPath.Child("KubeIPVSConfiguration.SyncPeriod"), metav1.Duration{Duration: 10 * time.Second}, "must be greater than or equal to KubeProxyConfiguration.KubeIPVSConfiguration.MinSyncPeriod")},
 		},
 		"MinSyncPeriod cannot be less than 0": {
 			config: kubeproxyconfig.KubeProxyIPVSConfiguration{
 				SyncPeriod:    metav1.Duration{Duration: 5 * time.Second},
 				MinSyncPeriod: metav1.Duration{Duration: -1 * time.Second},
 			},
 			expectedErrs: field.ErrorList{field.Invalid(newPath.Child("KubeIPVSConfiguration.MinSyncPeriod"), metav1.Duration{Duration: -1 * time.Second}, "must be greater than or equal to 0")},
 		},
 		"SyncPeriod must be greater than MinSyncPeriod": {
 			config: kubeproxyconfig.KubeProxyIPVSConfiguration{
 				SyncPeriod:    metav1.Duration{Duration: 1 * time.Second},
 				MinSyncPeriod: metav1.Duration{Duration: 5 * time.Second},
 			},
 			expectedErrs: field.ErrorList{field.Invalid(newPath.Child("KubeIPVSConfiguration.SyncPeriod"), metav1.Duration{Duration: 5 * time.Second}, "must be greater than or equal to KubeProxyConfiguration.KubeIPVSConfiguration.MinSyncPeriod")},
 		},
 		"SyncPeriod == MinSyncPeriod": {
 			config: kubeproxyconfig.KubeProxyIPVSConfiguration{
 				SyncPeriod:    metav1.Duration{Duration: 10 * time.Second},
 				MinSyncPeriod: metav1.Duration{Duration: 10 * time.Second},
 			},
 			expectedErrs: field.ErrorList{},
 		},
 		"SyncPeriod should be > MinSyncPeriod": {
 			config: kubeproxyconfig.KubeProxyIPVSConfiguration{
 				SyncPeriod:    metav1.Duration{Duration: 10 * time.Second},
 				MinSyncPeriod: metav1.Duration{Duration: 5 * time.Second},
 			},
 			expectedErrs: field.ErrorList{},
 		},
 		"MinSyncPeriod can be 0": {
 			config: kubeproxyconfig.KubeProxyIPVSConfiguration{
 				SyncPeriod:    metav1.Duration{Duration: 5 * time.Second},
 				MinSyncPeriod: metav1.Duration{Duration: 0 * time.Second},
 			},
 			expectedErrs: field.ErrorList{},
 		},
 		"IPVS Timeout can be 0": {
 			config: kubeproxyconfig.KubeProxyIPVSConfiguration{
 				SyncPeriod:    metav1.Duration{Duration: 5 * time.Second},
 				TCPTimeout:    metav1.Duration{Duration: 0 * time.Second},
 				TCPFinTimeout: metav1.Duration{Duration: 0 * time.Second},
 				UDPTimeout:    metav1.Duration{Duration: 0 * time.Second},
@ -339,7 +263,6 @@ func TestValidateKubeProxyIPVSConfiguration(t *testing.T) {
 		},
 		"IPVS Timeout > 0": {
 			config: kubeproxyconfig.KubeProxyIPVSConfiguration{
 				SyncPeriod:    metav1.Duration{Duration: 5 * time.Second},
 				TCPTimeout:    metav1.Duration{Duration: 1 * time.Second},
 				TCPFinTimeout: metav1.Duration{Duration: 2 * time.Second},
 				UDPTimeout:    metav1.Duration{Duration: 3 * time.Second},
@ -348,7 +271,6 @@ func TestValidateKubeProxyIPVSConfiguration(t *testing.T) {
 		},
 		"TCP,TCPFin,UDP Timeouts < 0": {
 			config: kubeproxyconfig.KubeProxyIPVSConfiguration{
 				SyncPeriod:    metav1.Duration{Duration: 5 * time.Second},
 				TCPTimeout:    metav1.Duration{Duration: -1 * time.Second},
 				UDPTimeout:    metav1.Duration{Duration: -1 * time.Second},
 				TCPFinTimeout: metav1.Duration{Duration: -1 * time.Second},
--- a/pkg/proxy/apis/config/validation/validation_windows_test.go
+++ b/pkg/proxy/apis/config/validation/validation_windows_test.go
@ -1,32 +0,0 @@
 //go:build windows
 // +build windows
 /*
 Copyright 2024 The Kubernetes Authors.
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package validation
 import (
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	kubeproxyconfig "k8s.io/kubernetes/pkg/proxy/apis/config"
 )
 var (
 	osKubeProxyConfigTestCases = map[string]struct {
 		mutateConfigFunc func(*kubeproxyconfig.KubeProxyConfiguration)
 		expectedErrs     field.ErrorList
 	}{}
 )
--- a/pkg/proxy/apis/config/zz_generated.deepcopy.go
+++ b/pkg/proxy/apis/config/zz_generated.deepcopy.go
@ -67,6 +67,8 @@ func (in *KubeProxyConfiguration) DeepCopyInto(out *KubeProxyConfiguration) {
 		*out = make([]string, len(*in))
 		copy(*out, *in)
 	}
 	out.SyncPeriod = in.SyncPeriod
 	out.MinSyncPeriod = in.MinSyncPeriod
 	out.ConfigSyncPeriod = in.ConfigSyncPeriod
 	return
 }
@ -140,8 +142,6 @@ func (in *KubeProxyIPTablesConfiguration) DeepCopyInto(out *KubeProxyIPTablesCon
 		*out = new(bool)
 		**out = **in
 	}
 	out.SyncPeriod = in.SyncPeriod
 	out.MinSyncPeriod = in.MinSyncPeriod
 	return
 }
@ -158,8 +158,6 @@ func (in *KubeProxyIPTablesConfiguration) DeepCopy() *KubeProxyIPTablesConfigura
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *KubeProxyIPVSConfiguration) DeepCopyInto(out *KubeProxyIPVSConfiguration) {
 	*out = *in
 	out.SyncPeriod = in.SyncPeriod
 	out.MinSyncPeriod = in.MinSyncPeriod
 	if in.ExcludeCIDRs != nil {
 		in, out := &in.ExcludeCIDRs, &out.ExcludeCIDRs
 		*out = make([]string, len(*in))
@ -211,8 +209,6 @@ func (in *KubeProxyNFTablesConfiguration) DeepCopyInto(out *KubeProxyNFTablesCon
 		*out = new(int32)
 		**out = **in
 	}
 	out.SyncPeriod = in.SyncPeriod
 	out.MinSyncPeriod = in.MinSyncPeriod
 	return
 }