in controllers/daemon/staticgatewayconfiguration_controller.go [781:856]
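// reconcileVethPair reconciles the veth pair that links the host namespace
// with the gateway namespace gwns.
//
// It first delegates the host-side work to reconcileVethPairInHost and then,
// inside gwns:
//  1. looks up the link named consts.HostLinkName,
//  2. ensures vmSecondaryIP/32 is assigned to that link,
//  3. sets the link up,
//  4. installs a link-scoped route to vmPrimaryIP/32 over that link, and
//  5. installs a default route (nil Dst) via vmPrimaryIP over that link.
//
// Any failure is wrapped with context and returned; steps already applied
// are not rolled back.
//
// NOTE(review): both addresses are turned into CIDRs by appending "/32",
// which assumes IPv4. An IPv6 input would still parse, but as a /32 prefix
// rather than a single host. Confirm callers only pass validated IPv4
// addresses.
func (r *StaticGatewayConfigurationReconciler) reconcileVethPair(
	ctx context.Context,
	gwns ns.NetNS,
	vmPrimaryIP string,
	vmSecondaryIP string,
) error {
	// Named logger rather than log so the log package is not shadowed.
	logger := log.FromContext(ctx)

	if err := r.reconcileVethPairInHost(ctx, gwns, vmSecondaryIP); err != nil {
		return fmt.Errorf("failed to reconcile veth pair in host namespace: %w", err)
	}

	return gwns.Do(func(nn ns.NetNS) error {
		hostLink, err := r.Netlink.LinkByName(consts.HostLinkName)
		if err != nil {
			return fmt.Errorf("failed to get host link in gateway namespace: %w", err)
		}

		snatCIDR := vmSecondaryIP + "/32"
		_, snatIPNet, err := net.ParseCIDR(snatCIDR)
		if err != nil {
			return fmt.Errorf("failed to parse SNAT IP(%s) for host interface: %w", snatCIDR, err)
		}
		hostLinkAddr := netlink.Addr{IPNet: snatIPNet}

		hostLinkAddrs, err := r.Netlink.AddrList(hostLink, nl.FAMILY_ALL)
		if err != nil {
			// This is the host link, not the wireguard link; the message
			// previously named the wrong interface.
			return fmt.Errorf("failed to retrieve address list from host link: %w", err)
		}

		// Only add the address when it is missing, so repeated reconciles
		// do not issue a redundant AddrAdd.
		foundLink := false
		for _, addr := range hostLinkAddrs {
			if addr.Equal(hostLinkAddr) {
				logger.Info("Found host link address in gateway namespace")
				foundLink = true
				break
			}
		}
		if !foundLink {
			logger.Info("Adding host link address in gateway namespace")
			if err := r.Netlink.AddrAdd(hostLink, &hostLinkAddr); err != nil {
				return fmt.Errorf("failed to add host link address in gateway namespace: %w", err)
			}
		}

		if err := r.Netlink.LinkSetUp(hostLink); err != nil {
			return fmt.Errorf("failed to set host link up: %w", err)
		}

		primaryCIDR := vmPrimaryIP + "/32"
		_, vmSnatCidr, err := net.ParseCIDR(primaryCIDR)
		if err != nil {
			// The argument already carries the "/32" suffix; the format
			// string previously appended it a second time.
			return fmt.Errorf("failed to parse CIDR %s: %w", primaryCIDR, err)
		}

		// Link-scoped host route so the VM primary IP is reachable directly
		// over the host link; the default route below uses it as gateway.
		err = r.addOrReplaceRoute(ctx, &netlink.Route{
			LinkIndex: hostLink.Attrs().Index,
			Scope:     netlink.SCOPE_LINK,
			Dst:       vmSnatCidr,
		})
		if err != nil {
			return fmt.Errorf("failed to create route to VM primary IP %s via gateway interface: %w", vmPrimaryIP, err)
		}

		// Default route (nil Dst): traffic in the gateway namespace with no
		// more specific route leaves via vmPrimaryIP over the host link.
		err = r.addOrReplaceRoute(ctx, &netlink.Route{
			LinkIndex: hostLink.Attrs().Index,
			Scope:     netlink.SCOPE_UNIVERSE,
			Dst:       nil,
			Gw:        net.ParseIP(vmPrimaryIP),
		})
		if err != nil {
			return fmt.Errorf("failed to create default route via %s: %w", vmPrimaryIP, err)
		}
		return nil
	})
}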