fix: replace arping with ping

arping command won't update the ARP table as it is not initiated by the kernel. Using ping instead.
For this reason we are switching to ping and checking the ip neighbor to avoid parsing any output for ping or arping commands directly

Signed-off-by: Michael Filanov <[email protected]>

Author: filanov

Dockerfile

@@ -44,7 +44,7 @@ FROM nvcr.io/nvidia/doca/doca:3.1.0-full-rt-host
 
 RUN apt update && apt install -y \
     iproute2 \
-    iputils-arping
+    iputils-ping
 
 WORKDIR /
 COPY --from=builder /workspace/build/flowcontroller .

internal/controller/flows.go

@@ -161,21 +161,18 @@ func (f *Flows) IsBridgeManagedByRailCNI(bridge, podID string) (bool, error) {
 }
 
 func (f *Flows) getTorMac(torIP string) (string, error) {
-	// nsenter --target 1 --net -- arping 2.0.0.3 -c 1
-	// TODO: check why it always return an error
-	_, _ = f.Exec.ExecutePrivileged(fmt.Sprintf(`arping %s -c 1 &> /dev/null`, torIP))
-	// if err != nil {
-	// 	logr.Error(err, fmt.Sprintf("failed to exec: arping %s -c 1", rail.Tor))
-	// 	return "", err
-	// }
-
-	reply, err := f.Exec.ExecutePrivileged(fmt.Sprintf(`ip neighbor | grep %s |  awk '{print $5}'`, torIP))
+	reply, err := f.Exec.ExecutePrivileged(fmt.Sprintf(`ping %s -c 1`, torIP))
+	if err != nil {
+		return "", fmt.Errorf("failed to exec: ping %s -c 1: reply: %s, err: %v", torIP, reply, err)
+	}
+
+	reply, err = f.Exec.ExecutePrivileged(fmt.Sprintf(`ip neighbor | grep %s |  awk '{print $5}'`, torIP))
 	if err != nil {
 		return "", fmt.Errorf("failed to get tor mac for bridge %s: reply: %s, err: %v", torIP, reply, err)
 	}
 
 	if reply == "" {
-		return "", fmt.Errorf("arp reply not found from arping %s", torIP)
+		return "", fmt.Errorf("TOR %s mac not found", torIP)
 	}
 
 	return reply, nil

internal/controller/flows_test.go

@@ -95,7 +95,7 @@ var _ = Describe("Flows", func() {
 			execMock.EXPECT().Execute("ovs-vsctl br-get-external-id br-rail1 rail_peer_ip").Return("192.168.1.1", nil)
 
 			// Mock getting TOR MAC
-			execMock.EXPECT().ExecutePrivileged("arping 192.168.1.1 -c 1 &> /dev/null").Return("", nil)
+			execMock.EXPECT().ExecutePrivileged("ping 192.168.1.1 -c 1").Return("", nil)
 
 			// check
 			execMock.EXPECT().ExecutePrivileged("ip neighbor | grep 192.168.1.1 |  awk '{print $5}'").Return("00:11:22:33:44:55", nil)
@@ -122,7 +122,7 @@ var _ = Describe("Flows", func() {
 			execMock.EXPECT().Execute(matchSubstring("ovs-ofctl add-flow br-rail1")).Return("", nil)
 			netlinkMock.EXPECT().LinkByName("br-rail1").Return(mockLink, nil)
 			execMock.EXPECT().Execute("ovs-vsctl br-get-external-id br-rail1 rail_peer_ip").Return("192.168.1.1", nil)
-			execMock.EXPECT().ExecutePrivileged("arping 192.168.1.1 -c 1 &> /dev/null").Return("", nil)
+			execMock.EXPECT().ExecutePrivileged("ping 192.168.1.1 -c 1").Return("", nil)
 			execMock.EXPECT().ExecutePrivileged("ip neighbor | grep 192.168.1.1 |  awk '{print $5}'").Return("00:11:22:33:44:55", nil)
 			execMock.EXPECT().Execute("ovs-vsctl br-get-external-id br-rail1 rail_uplink").Return("p0", nil)
 			// Second IP flow fails
@@ -138,7 +138,7 @@ var _ = Describe("Flows", func() {
 			execMock.EXPECT().Execute(matchSubstring("ovs-ofctl add-flow br-rail1")).Return("", nil)
 			netlinkMock.EXPECT().LinkByName("br-rail1").Return(mockLink, nil)
 			execMock.EXPECT().Execute("ovs-vsctl br-get-external-id br-rail1 rail_peer_ip").Return("192.168.1.1", nil)
-			execMock.EXPECT().ExecutePrivileged("arping 192.168.1.1 -c 1 &> /dev/null").Return("", nil)
+			execMock.EXPECT().ExecutePrivileged("ping 192.168.1.1 -c 1").Return("", nil)
 			execMock.EXPECT().ExecutePrivileged("ip neighbor | grep 192.168.1.1 |  awk '{print $5}'").Return("00:11:22:33:44:55", nil)
 			execMock.EXPECT().Execute("ovs-vsctl br-get-external-id br-rail1 rail_uplink").Return("p0", nil)
 			// Second IP flow succeeds
@@ -189,7 +189,7 @@ var _ = Describe("Flows", func() {
 			// Then it checks for TOR IP
 			execMock.EXPECT().Execute("ovs-vsctl br-get-external-id br-rail1 rail_peer_ip").Return("192.168.1.1", nil)
 			// Then it gets TOR MAC
-			execMock.EXPECT().ExecutePrivileged("arping 192.168.1.1 -c 1 &> /dev/null").Return("", nil)
+			execMock.EXPECT().ExecutePrivileged("ping 192.168.1.1 -c 1").Return("", nil)
 			execMock.EXPECT().ExecutePrivileged("ip neighbor | grep 192.168.1.1 |  awk '{print $5}'").Return("00:11:22:33:44:55", nil)
 			// Finally it checks for uplink
 			execMock.EXPECT().Execute("ovs-vsctl br-get-external-id br-rail1 rail_uplink").Return("", nil)
@@ -199,27 +199,40 @@ var _ = Describe("Flows", func() {
 			Expect(err.Error()).Should(ContainSubstring("uplink is empty"))
 		})
 
+		It("should return error if fails to ping", func() {
+			// First ARP flow succeeds
+			execMock.EXPECT().Execute(matchSubstring("ovs-ofctl add-flow br-rail1")).Return("", nil)
+			netlinkMock.EXPECT().LinkByName("br-rail1").Return(mockLink, nil)
+			execMock.EXPECT().Execute("ovs-vsctl br-get-external-id br-rail1 rail_peer_ip").Return("192.168.1.1", nil)
+			// TOR MAC retrieval fails
+			execMock.EXPECT().ExecutePrivileged("ping 192.168.1.1 -c 1").Return("", fmt.Errorf("failed to get TOR MAC"))
+
+			err := flows.AddPodRailFlows(0x5, "vf0", "br-rail1", "10.0.0.1", "00:11:22:33:44:66")
+			Expect(err).Should(HaveOccurred())
+			Expect(err.Error()).Should(ContainSubstring("failed to get tor mac for bridge"))
+		})
+
 		It("should return error if fails to get TOR MAC", func() {
 			// First ARP flow succeeds
 			execMock.EXPECT().Execute(matchSubstring("ovs-ofctl add-flow br-rail1")).Return("", nil)
 			netlinkMock.EXPECT().LinkByName("br-rail1").Return(mockLink, nil)
 			execMock.EXPECT().Execute("ovs-vsctl br-get-external-id br-rail1 rail_peer_ip").Return("192.168.1.1", nil)
 			// TOR MAC retrieval fails
-			execMock.EXPECT().ExecutePrivileged("arping 192.168.1.1 -c 1 &> /dev/null").Return("", fmt.Errorf("failed to get TOR MAC"))
-			execMock.EXPECT().ExecutePrivileged("ip neighbor | grep 192.168.1.1 |  awk '{print $5}'").Return("", fmt.Errorf("failed to get TOR MAC"))
+			execMock.EXPECT().ExecutePrivileged("ping 192.168.1.1 -c 1").Return("", nil)
+			execMock.EXPECT().ExecutePrivileged("ip neighbor | grep 192.168.1.1 |  awk '{print $5}'").Return("", fmt.Errorf("error"))
 
 			err := flows.AddPodRailFlows(0x5, "vf0", "br-rail1", "10.0.0.1", "00:11:22:33:44:66")
 			Expect(err).Should(HaveOccurred())
 			Expect(err.Error()).Should(ContainSubstring("failed to get tor mac for bridge"))
 		})
 
-		It("should return error if fails to get TOR MAC from arping", func() {
+		It("should return error if fails to get TOR MAC from ping", func() {
 			// First ARP flow succeeds
 			execMock.EXPECT().Execute(matchSubstring("ovs-ofctl add-flow br-rail1")).Return("", nil)
 			netlinkMock.EXPECT().LinkByName("br-rail1").Return(mockLink, nil)
 			execMock.EXPECT().Execute("ovs-vsctl br-get-external-id br-rail1 rail_peer_ip").Return("192.168.1.1", nil)
 			// TOR MAC retrieval fails
-			execMock.EXPECT().ExecutePrivileged("arping 192.168.1.1 -c 1 &> /dev/null").Return("", fmt.Errorf("failed to get TOR MAC"))
+			execMock.EXPECT().ExecutePrivileged("ping 192.168.1.1 -c 1").Return("", nil)
 			execMock.EXPECT().ExecutePrivileged("ip neighbor | grep 192.168.1.1 |  awk '{print $5}'").Return("", nil)
 
 			err := flows.AddPodRailFlows(0x5, "vf0", "br-rail1", "10.0.0.1", "00:11:22:33:44:66")
@@ -233,7 +246,7 @@ var _ = Describe("Flows", func() {
 			netlinkMock.EXPECT().LinkByName("br-rail1").Return(mockLink, nil)
 			execMock.EXPECT().Execute("ovs-vsctl br-get-external-id br-rail1 rail_peer_ip").Return("192.168.1.1", nil)
 			// TOR MAC retrieval succeeds
-			execMock.EXPECT().ExecutePrivileged("arping 192.168.1.1 -c 1 &> /dev/null").Return("", nil)
+			execMock.EXPECT().ExecutePrivileged("ping 192.168.1.1 -c 1").Return("", nil)
 			execMock.EXPECT().ExecutePrivileged(gomock.Any()).Return("00:11:22:33:44:55", nil)
 			// Uplink retrieval fails
 			execMock.EXPECT().Execute("ovs-vsctl br-get-external-id br-rail1 rail_uplink").Return("", fmt.Errorf("failed to get uplink"))