Network Tests: bind host network udp listeners to hostIPs

When listening on udp, the reply is sent using a src address which is the address of the gateway interface. This means that when listening to any, the reply can be sent out with a src ip which is different from the request's target ip. This confuses natting and "connectionful" udp services do not work. Here, we force the endpoint to listen from the hostIP and from podIPs, to cover both dual stack and legacy clusters. Signed-off-by: Federico Paolinelli <fpaoline@redhat.com>
2025-07-21 19:01:49 +00:00 · 2021-02-08 14:54:06 +01:00 · 2021-02-08 14:54:06 +01:00 · a0ca1fd63f
commit a0ca1fd63f
parent 9780d88cb6
1 changed files with 34 additions and 5 deletions
--- a/test/e2e/framework/network/utils.go
+++ b/test/e2e/framework/network/utils.go
@ -540,6 +540,18 @@ func (config *NetworkingTestConfig) executeCurlCmd(cmd string, expected string)
 }

 func (config *NetworkingTestConfig) createNetShellPodSpec(podName, hostname string) *v1.Pod {
+	netexecArgs := []string{
+		"netexec",
+		fmt.Sprintf("--http-port=%d", EndpointHTTPPort),
+		fmt.Sprintf("--udp-port=%d", EndpointUDPPort),
+	}
+	// In case of hostnetwork endpoints, we want to bind the udp listener to specific ip addresses.
+	// In order to cover legacy AND dualstack, we pass both the host ip and the two pod ips. Agnhost
+	// removes duplicates and so this will listen on both addresses (or on the single existing one).
+	if config.EndpointsHostNetwork {
+		netexecArgs = append(netexecArgs, "--udp-listen-addresses=$(HOST_IP),$(POD_IPS)")
+	}
+
 	probe := &v1.Probe{
 		InitialDelaySeconds: 10,
 		TimeoutSeconds:      30,
@ -568,11 +580,7 @@ func (config *NetworkingTestConfig) createNetShellPodSpec(podName, hostname stri
 					Name:            "webserver",
 					Image:           NetexecImageName,
 					ImagePullPolicy: v1.PullIfNotPresent,
-					Args: []string{
-						"netexec",
-						fmt.Sprintf("--http-port=%d", EndpointHTTPPort),
-						fmt.Sprintf("--udp-port=%d", EndpointUDPPort),
-					},
+					Args:            netexecArgs,
 					Ports: []v1.ContainerPort{
 						{
 							Name:          "http",
@ -602,6 +610,27 @@ func (config *NetworkingTestConfig) createNetShellPodSpec(podName, hostname stri
 			Protocol:      v1.ProtocolSCTP,
 		})
 	}
+
+	if config.EndpointsHostNetwork {
+		pod.Spec.Containers[0].Env = []v1.EnvVar{
+			{
+				Name: "HOST_IP",
+				ValueFrom: &v1.EnvVarSource{
+					FieldRef: &v1.ObjectFieldSelector{
+						FieldPath: "status.hostIP",
+					},
+				},
+			},
+			{
+				Name: "POD_IPS",
+				ValueFrom: &v1.EnvVarSource{
+					FieldRef: &v1.ObjectFieldSelector{
+						FieldPath: "status.podIPs",
+					},
+				},
+			},
+		}
+	}
 	return pod
 }