gvisor
gvisor copied to clipboard
google
Fix returned MTU of interfaces in gVisor
Description
ip link returns MTUs which doesn't match the respective MTU that are set for interfaces.
For example, loopback's MTU is always 65536 https://github.com/google/gvisor/blob/d59375d82e6301c08634e5d38c424fcf728ccda5/pkg/tcpip/link/loopback/loopback.go#L61-L63 ip link returns 65522
veth device's default MTU is set to 1500 per https://github.com/google/gvisor/blob/d59375d82e6301c08634e5d38c424fcf728ccda5/pkg/sentry/socket/netstack/stack.go#L200 ip link returns 1486
Steps to reproduce
$ docker run --runtime clean-d -it --rm --privileged --name docker-in-gvisor docker-in-gvisor bash
root@d9df48518b04:/# ip netns add test
root@d9df48518b04:/# ip link add name veth1234 type veth peer name eth0 netns test
root@d9df48518b04:/# ip link
3: veth1234: <UP,LOWER_UP> mtu 1486
link/ether 0a:0e:3d:89:c1:59 brd ff:ff:ff:ff:ff:ff
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65522
link/loopback 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
2: eth0: <UP,LOWER_UP> mtu 1460
link/ether 02:42:c0:a8:09:02 brd ff:ff:ff:ff:ff:ff
root@d9df48518b04:/#
runsc version
build from HEAD
docker version (if using docker)
$ docker version
Client: Docker Engine - Community
Version: 27.0.2
API version: 1.46
Go version: go1.21.11
Git commit: 912c1dd
Built: Wed Jun 26 18:47:46 2024
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 27.0.2
API version: 1.46 (minimum version 1.24)
Go version: go1.21.11
Git commit: e953d76
Built: Wed Jun 26 18:47:46 2024
OS/Arch: linux/amd64
Experimental: true
containerd:
Version: 1.7.18
GitCommit: ae71819c4f5e67bb4d5ae76a6b735f29cc25774e
runc:
Version: 1.7.18
GitCommit: v1.1.13-0-g58aa920
docker-init:
Version: 0.19.0
GitCommit: de40ad0
### uname
_No response_
### kubectl (if using Kubernetes)
_No response_
### repo state (if built from source)
_No response_
### runsc debug logs (if available)
_No response_
iiuc, there are some header sizes gVisor may not take into consideration.