Skip to content

Commit

Permalink
fix mss rule
Browse files Browse the repository at this point in the history
  • Loading branch information
@fanriming
fanriming committed May 9, 2021
1 parent d0ca5b0 commit 0708920
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion pkg/daemon/gateway.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -451,7 +451,12 @@ func (c *Controller) getOtherNodes(protocol string) ([]string, error) {
//The network application in pod will calculate the TCP MSS according to the MTU of docker0, and then initiate communication with others. After the other party sends a response, the kernel protocol stack of Linux host will send ICMP unreachable message to the other party, indicating that IP fragmentation is needed, which is not supported by the other party, resulting in communication failure.
func (c *Controller) appendMssRule() {
if c.config.Iface != "" && c.config.MSS > 0 {
rule := fmt.Sprintf("-p tcp --tcp-flags SYN,RST SYN -o %s -j TCPMSS --set-mss %d", c.config.Iface, c.config.MSS)
iface, err := findInterface(c.config.Iface)
if err != nil {
klog.Errorf("failed to findInterface, %v", err)
return
}
rule := fmt.Sprintf("-p tcp --tcp-flags SYN,RST SYN -o %s -j TCPMSS --set-mss %d", iface.Name, c.config.MSS)
MssMangleRule := util.IPTableRule{
Table: "mangle",
Chain: "POSTROUTING",
Expand Down

0 comments on commit 0708920

Please sign in to comment.