Lab3.3: Step 6 Check for tunnel interfaces

ehj52n

I am using the following setup:

• OS: Ubuntu 22.04.3 LTS with 4vCPUs and 8GB RAM
• k8s: v1.27.1
• cilium: v1.14.1

I see the following network interfaceson the control plane VM:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:9f:9e:3e brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.85/24 metric 100 brd 192.168.122.255 scope global dynamic enp1s0
       valid_lft 2784sec preferred_lft 2784sec
    inet6 fe80::5054:ff:fe9f:9e3e/64 scope link 
       valid_lft forever preferred_lft forever
3: cilium_net@cilium_host: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 76:84:ba:db:63:11 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::7484:baff:fedb:6311/64 scope link 
       valid_lft forever preferred_lft forever
4: cilium_host@cilium_net: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 56:e1:59:c7:bf:7a brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.20/32 scope global cilium_host
       valid_lft forever preferred_lft forever
    inet6 fe80::54e1:59ff:fec7:bf7a/64 scope link 
       valid_lft forever preferred_lft forever
5: cilium_vxlan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ether ae:a5:7a:7d:e7:54 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::aca5:7aff:fe7d:e754/64 scope link 
       valid_lft forever preferred_lft forever
7: lxc_health@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 2a:29:b8:57:ca:ea brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::2829:b8ff:fe57:caea/64 scope link 
       valid_lft forever preferred_lft forever
9: lxc903dbdf31637@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether e2:0d:bd:02:3b:d7 brd ff:ff:ff:ff:ff:ff link-netns cni-5cacffd1-f3f2-f707-45ea-2da93f0ef327
    inet6 fe80::e00d:bdff:fe02:3bd7/64 scope link 
       valid_lft forever preferred_lft forever
11: lxc61433227e22c@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether e6:37:ec:9c:db:46 brd ff:ff:ff:ff:ff:ff link-netns cni-17fe8e6c-3747-5871-62d5-7095926209cc
    inet6 fe80::e437:ecff:fe9c:db46/64 scope link 
       valid_lft forever preferred_lft forever

Is there no tun0 because cilium's implementation changed, or did I do something wrong?

How can I verify, that my set-up is working correctly?

fazlur.khan

Hello,

Calico used tunl0 is an IPIP tunnel for encapsulating pod traffic. We will update the labs to remove the Calico and tunl0 reference from the lab section. We are currently using the Cilium as CNI.

You can use sudo tcpdump -i cilium_host or sudo tcpdump -i cilium_vxlan as well to verify.

From the output I see above, everything looks fine.

thank you

ehj52n

In one of the next steps, I used sudo tcpdump -i cilium_vxlan and it worked like a charm.

Hence, everything is okay. Thank you very much for your response!