fix dualnic windows duplicated routes issue #4136
Open
+82
−13
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Copilot finished reviewing on behalf of
paulyufan2
November 20, 2025 16:23
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR addresses duplicated route issues in dual NIC Windows scenarios by introducing a conditional check on the SkipDefaultRoutes flag before adding default routes in multitenancy configurations. The fix refactors the routing logic to be more defensive about when routes are added, preventing HNS (Host Network Service) from receiving duplicate default routes.
Key Changes:
- Introduced new
addDefaultRoutemethod on theMultitenancystruct with IPv4 gateway validation and proper error handling - Added conditional route addition based on
SkipDefaultRoutesflag to prevent duplicate routes in dual NIC scenarios - Enhanced test coverage with a new test case verifying that routes are not added when
SkipDefaultRoutes=true
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| cni/network/multitenancy.go | Added new receiver method addDefaultRoute with IP validation; refactored SetupRoutingForMultitenancy to check SkipDefaultRoutes before adding default routes; removed DNS SNAT route handling from the non-SNAT path |
| cni/network/multitenancy_test.go | Updated existing test case name for clarity; added new test case for SkipDefaultRoutes=true scenario; improved code formatting and added missing multitenancyClient initialization |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
paulyufan2
commented
Nov 24, 2025
Co-authored-by: Copilot <[email protected]> Signed-off-by: Paul Yu <[email protected]>
Co-authored-by: Copilot <[email protected]> Signed-off-by: Paul Yu <[email protected]>
Contributor
Author
|
/azp run Azure Container Networking PR |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Contributor
Author
|
/azp run Azure Container Networking PR |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Contributor
Author
|
/azp run Azure Container Networking PR |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Contributor
Author
|
/azp run Azure Container Networking PR |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Reason for Change:
This PR is to fix dualnic windows duplicated route issues
Once DNS config sets skipDefaultRoute to True, then do not set default route on this interface. For example:
eth0(skipDefaultRoute=False) -> CNI sets default route to eth0 interface
eth1(skipDefaultRoute=True) -> CNI does not set default route to eth1 interface and leave Routes field as empty.
We are providing two HCN endpoints to HNS:
Endpoint 1 (eth0) – includes a default route.
Endpoint 2 (eth1) – the Routes field is empty, i.e. we are not supplying any route for this endpoint. The only default route we configure is on the first HCN endpoint.
Issue Fixed:
Requirements:
Notes: