Skip to content

Remove node address from VPP tap0 #854

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
sknat wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Remove node address from VPP tap0 #854

sknat wants to merge 1 commit into from

Conversation

@sknat
Copy link
Collaborator

@sknat sknat commented Dec 5, 2025
edited
Loading

This patch removes the nodeIP from the tap0 interface in VPP.
With this patch, for each uplink interface eth0 with IP 192.168.0.1/24
we create a corresponding tap0 set up the following way:

  • In VRF:0
    • we create the af_packet interface with IP 192.168.0.1/24
    • we receive 192.168.0.1/32 locally, traffic to 192.168.0.1 without listeners
      will end up in punt
  • In the punt table
    • we route 192.168.0.1/24 via tap0 192.168.0.1
  • In linux
    • tap0 has the 192.168.0.1/24 address
    • tap0 will respond to ARPs as VPP has arp proxy enabled
  • In a host-tap-eth0-v4 VRF
    • we place the tap0 interface
    • we give it the 169.254.0.1/32 address, overridable with CALICOVPP_TAP0_ADDR
    • we enable IP6 without setting an address
    • we add a static neighbor for 192.168.0.1 to the MAC of the linux side of the tap
  • If we specify a rule in redirectToHostRules (e.g. for DNS in kind)
    • we will have the classifier entry redirect to tap0 192.168.0.1

Signed-off-by: Nathan Skrzypczak [email protected]

@sknat sknat requested a review from aritrbas December 5, 2025 18:01
aritrbas
aritrbas reviewed Dec 6, 2025
View reviewed changes
@sknat sknat self-assigned this Dec 8, 2025
@sknat
Remove node address from VPP tap0
04af345 
This patch removes the nodeIP from the tap0 interface in VPP.
With this patch, for each uplink interface eth0 with IP 192.168.0.1/24
we create a corresponding tap0 set up the following way:

* In VRF:0
  * we create the af_packet interface with IP 192.168.0.1/24
  * we receive 192.168.0.1/32 locally, traffic to 192.168.0.1 without listeners
    will end up in punt
* In the punt table
  * we route 192.168.0.1/24 via tap0 192.168.0.1
* In linux
  * tap0 has the 192.168.0.1/24 address
  * tap0 will respond to ARPs as VPP has arp proxy enabled
* In a host-tap-eth0-v4 VRF
  * we place the tap0 interface
  * we give it the 169.254.0.1/32 address, overridable with CALICOVPP_TAP0_ADDR
  * we enable IP6 without setting an address
  * we add a static neighbor for 192.168.0.1 to the MAC of the linux side of the tap
* If we specify a rule in redirectToHostRules (e.g. for DNS in kind)
  * we will have the classifier entry redirect to tap0 192.168.0.1

Signed-off-by: Nathan Skrzypczak <[email protected]>
@sknat sknat force-pushed the nsk-tap0-networking-fix branch from a3057c7 to 04af345 Compare December 9, 2025 17:24
@sknat sknat changed the title No nodeIP on VPP tap0 Remove node address from VPP tap0 Dec 9, 2025
@sknat sknat marked this pull request as ready for review December 9, 2025 17:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aritrbas aritrbas aritrbas approved these changes

Assignees

@sknat sknat

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sknat @aritrbas