sbr: Move source interface rule creation out of ipCfg loop

The outbound interface rule does not reference anything from ipCfg so should not be
in the loop.

Signed-off-by: Neil Cook <[email protected]>

Author: neilcook

plugins/meta/sbr/main.go

@@ -259,17 +259,6 @@ func doRoutes(ipCfgs []*current.IPConfig, iface string) error {
 			return fmt.Errorf("Failed to add src rule: %v", err)
 		}
 
-		// Only add an interface rule if there is 1 IP address configured on the interface
-		if len(ipCfgs) == 1 {
-			interfaceRule := netlink.NewRule()
-			interfaceRule.Table = table
-			log.Printf("Interface to use %s", iface)
-			interfaceRule.OifName = iface
-
-			if err = netlink.RuleAdd(interfaceRule); err != nil {
-				return fmt.Errorf("Failed to add interface rule: %v", err)
-			}
-		}
 		// Add a default route, since this may have been removed by previous
 		// plugin.
 		if ipCfg.Gateway != nil {
@@ -330,6 +319,18 @@ func doRoutes(ipCfgs []*current.IPConfig, iface string) error {
 		table = getNextTableID(rules, routes, table)
 	}
 
+	// Add an interface rule, only if there is a single IP address configured on the interface
+	if len(ipCfgs) == 1 {
+		interfaceRule := netlink.NewRule()
+		interfaceRule.Table = table
+		log.Printf("Interface to use %s", iface)
+		interfaceRule.OifName = iface
+
+		if err = netlink.RuleAdd(interfaceRule); err != nil {
+			return fmt.Errorf("Failed to add interface rule: %v", err)
+		}
+	}
+
 	// Delete all the interface routes in the default routing table, which were
 	// copied to source based routing tables.
 	// Not deleting them while copying to accommodate for multiple ipCfgs from