Bugfix: fix incorrect Pod eth0 MTU when using WireGuard

When the WireGuard tunnel is enabled, the Pod eth0's MTU is not correct. The MTU only deducts Geneve overhead because the default tunnel type is Geneve. This patch check the TrafficEncryptionMode when calculate the MTU deduction, when the TrafficEncryptionMode is WireGuard, then it will deducts the WG overhead.
antrea-io · Jan 15, 2024 · c928995 · c928995
1 parent 48d7f7b
commit c928995
Showing 1 changed file with 12 additions and 6 deletions.
diff --git a/pkg/agent/config/node_config.go b/pkg/agent/config/node_config.go
@@ -268,12 +268,18 @@ func (nc *NetworkConfig) CalculateMTUDeduction(isIPv6 bool) int {
 	var mtuDeduction int
 	// When Multi-cluster Gateway is enabled, we need to reduce MTU for potential cross-cluster traffic.
 	if nc.TrafficEncapMode.SupportsEncap() || nc.EnableMulticlusterGW {
-		if nc.TunnelType == ovsconfig.VXLANTunnel {
-			mtuDeduction = vxlanOverhead
-		} else if nc.TunnelType == ovsconfig.GeneveTunnel {
-			mtuDeduction = geneveOverhead
-		} else if nc.TunnelType == ovsconfig.GRETunnel {
-			mtuDeduction = greOverhead
+		if nc.TrafficEncryptionMode == TrafficEncryptionModeWireGuard {
+			mtuDeduction = WireGuardOverhead
+		} else if nc.TrafficEncryptionMode == TrafficEncryptionModeIPSec {
+			mtuDeduction = IPSecESPOverhead
+		} else {
+			if nc.TunnelType == ovsconfig.VXLANTunnel {
+				mtuDeduction = vxlanOverhead
+			} else if nc.TunnelType == ovsconfig.GeneveTunnel {
+				mtuDeduction = geneveOverhead
+			} else if nc.TunnelType == ovsconfig.GRETunnel {
+				mtuDeduction = greOverhead
+			}
 		}
 	}