dns cache and tcp pipelining

enable dns cache by default, it has the proper guardrails to avoid to
break clusters, if anything fails processing the packet it falls back to
the dataplane.

cmd/kindnetd/main.go

@@ -88,7 +88,7 @@ func init() {
 	flag.BoolVar(&networkpolicies, "network-policy", true, "If set, enable Network Policies (default true)")
 	flag.BoolVar(&adminNetworkPolicy, "admin-network-policy", false, "If set, enable Admin Network Policies (default false)")
 	flag.BoolVar(&baselineAdminNetworkPolicy, "baseline-admin-network-policy", false, "If set, enable Baseline Admin Network Policies (default false)")
-	flag.BoolVar(&dnsCaching, "dns-caching", false, "If set, enable Kubernetes DNS caching (default false)")
+	flag.BoolVar(&dnsCaching, "dns-caching", true, "If set, enable Kubernetes DNS caching (default true)")
 	flag.BoolVar(&nat64, "nat64", true, "If set, enable NAT64 using the reserved prefix 64:ff9b::/96 on IPv6 only clusters (default true)")
 	flag.StringVar(&hostnameOverride, "hostname-override", "", "If non-empty, will be used as the name of the Node that kube-network-policies is running on. If unset, the node name is assumed to be the same as the node's hostname.")
 	flag.BoolVar(&masquerading, "masquerading", true, "masquerade with the Node IP the cluster to external traffic (default true)")
@@ -262,9 +262,7 @@ func main() {
 	}
 
 	// create a dnsCacheAgent
-	// TODO: support IPv6
-	dnsCaching = false // EXPERIMENTAL: it does not work fine
-	if dnsCaching && ipFamily == IPv4Family {
+	if dnsCaching {
 		klog.Infof("caching DNS cluster traffic")
 		dnsCacheAgent, err := dnscache.NewDNSCacheAgent(nodeName, nodeInformer)
 		if err != nil {

cmd/test/main.go

@@ -0,0 +1,55 @@
+package main
+
+import (
+	"fmt"
+	"net"
+	"sort"
+
+	"github.com/vishvananda/netlink"
+)
+
+func main() {
+	fmt.Println("DEFAULT GW", GetDefaultGwInterface(netlink.FAMILY_ALL))
+
+	fmt.Println("DEFAULT MTU", getDefaultGwInterfaceMTU())
+
+}
+
+func GetDefaultGwInterface(ipFamily int) string {
+	routes, err := netlink.RouteList(nil, ipFamily)
+	if err != nil {
+		return ""
+	}
+
+	for _, r := range routes {
+		fmt.Printf("1 route %s\n", r.String())
+	}
+	return ""
+}
+
+func getDefaultGwInterfaceMTU() int {
+	_, defaultDst, _ := net.ParseCIDR("0.0.0.0/0")
+	routes, err := netlink.RouteListFiltered(netlink.FAMILY_ALL, &netlink.Route{Dst: defaultDst}, netlink.RT_FILTER_DST)
+	if err != nil {
+		return 0
+	}
+	if len(routes) == 0 {
+		return 0
+	}
+	// use the route with higher priority
+	sort.Slice(routes, func(i, j int) bool {
+		return routes[i].Priority < routes[j].Priority
+	})
+	// use the mtu of the first interface
+	for _, r := range routes {
+		fmt.Printf("2 route %s\n", r.String())
+
+		intfLink, err := netlink.LinkByIndex(r.LinkIndex)
+		if err != nil {
+			fmt.Printf("Failed to get interface link for route %v : %v", r, err)
+			continue
+		}
+		return intfLink.Attrs().MTU
+	}
+	return 0
+}

install-kindnet.yaml

@@ -95,7 +95,7 @@ spec:
       containers:
       - name: kindnet-cni
         image: ghcr.io/aojea/kindnetd:stable
-        args:
+        command:
         - /bin/kindnetd
         - --hostname-override=$(NODE_NAME)
         - --v=2