Mastodawn

One last oddity from my NetworkPolicy project over the last few days.....

I am getting the following in my hubble logs:

Feb 22 20:48:28.333: :: (ID:16777244) <> ff02::1:ff99:2a81 (ID:16777244) Unknown L3 target address DROPPED (ICMPv6 NeighborSolicitation)
Feb 22 20:48:29.325: fe80::b85f:80ff:fed7:6193 (ID:2435) <> ff02::16 (ID:16777244) Invalid source ip DROPPED (ICMPv6 143(0))
Feb 22 20:48:29.325: fe80::b85f:80ff:fed7:6193 (ID:2435) <> ff02::2 (ID:16777244) Invalid source ip DROPPED (ICMPv6 RouterSolicitation)
Feb 22 20:49:43.117: :: (ID:9705) <> ff02::16 (ID:16777244) Invalid source ip DROPPED (ICMPv6 143(0))
Feb 22 20:49:43.213: :: (ID:16777244) <> ff02::1:ffaf:3d08 (ID:16777244) Unknown L3 target address DROPPED (ICMPv6 NeighborSolicitation)

I haven't quite gotten to the bottom of this one, I found some cilium issues that look almost relevant, but didn't get me anywhere.

I feel like I must be missing something with my cilium config?

#Homelab #Kubernetes #Cilium #IPv6

Show thread

Rachel Feb 22

The lower number IDs map to seemingly random pods, while 16777244 is world-ipv6. I am not even sure why those are being sent, Cilium doesn't provide L2 connectivity between pods?

Show thread

JPL Feb 22

@rachel Are you sure the fe80::b85f:80ff:fed7:6193 isn't the address of your router? Because it sure tries to act as one.

The ff02::1:... are just usual multicast addresses used for neighbor solicitations. Since they are coming from ::, it's probably actually DAD.

All in all, this sounds like Cilium is dropping traffic from your external network interface, not from a pod's. Or that pod is very confused and doesn't expect to be a pod.