google · aman0408 · Nov 12, 2025 · aojea · Nov 12, 2025
diff --git a/pkg/driver/netnamespace.go b/pkg/driver/netnamespace.go
@@ -81,10 +81,34 @@ func applyRoutingConfig(containerNsPAth string, ifName string, routeConfig []api
 		if route.Source != "" {
 			r.Src = net.ParseIP(route.Source)
 		}
+
+		// List existing routes to check for duplicates.
+		existingRoutes, err := nhNs.RouteList(nsLink, netlink.FAMILY_ALL)
+		if err != nil {
+			errorList = append(errorList, fmt.Errorf("failed to list routes for interface %s: %w", ifName, err))
+			continue
+		}
+
+		// Check if the route already exists.
+		alreadyExists := false
+		for _, existingRoute := range existingRoutes {
+			if existingRoute.Dst != nil && r.Dst != nil &&
+				existingRoute.Dst.String() == r.Dst.String() &&
+				existingRoute.Gw.Equal(r.Gw) &&
+				existingRoute.Src.Equal(r.Src) &&
+				existingRoute.Scope == r.Scope {
+				alreadyExists = true
+				break
+			}
+		}
+
+		if alreadyExists {
+			continue
+		}
+
 		if err := nhNs.RouteAdd(&r); err != nil && !errors.Is(err, syscall.EEXIST) {
 			errorList = append(errorList, fmt.Errorf("fail to add route %s for interface %s on namespace %s: %w", r.String(), ifName, containerNsPAth, err))
 		}
-
 	}
 	return errors.Join(errorList...)
 }

diff --git a/pkg/driver/netnamespace_test.go b/pkg/driver/netnamespace_test.go
@@ -17,9 +17,147 @@ limitations under the License.
 package driver
 
 import (
+	"fmt"
+	"runtime"
 	"testing"
+
+	"github.com/google/dranet/internal/nlwrap"
+	"github.com/google/dranet/pkg/apis"
+	"github.com/vishvananda/netlink"
+	"github.com/vishvananda/netns"
 )
 
-func Test_applyRoutingConfig(t *testing.T) {
-	// TODO: see hostdevice_test.go and ethtool_test.go
-}
+func TestApplyRoutingConfig(t *testing.T) {
+	if runtime.GOOS != "linux" {
+		t.Skip("Skipping test on non-linux platform")
+	}
+
+	tests := []struct {
+		name          string
+		preAddrs      []string
+		routeConfig   []apis.RouteConfig
+		family        int
+		expectedDest  string
+		expectedCount int
+		expectErr     bool
+	}{
+		{
+			name:     "IPv6 route already exists",
+			preAddrs: []string{"fd36::3:0:e:0:0/96"},
+			routeConfig: []apis.RouteConfig{
+				{Destination: "fd36::3:0:e:0:0/96"},
+			},
+			family:        netlink.FAMILY_V6,
+			expectedDest:  "fd36::3:0:e:0:0/96",
+			expectedCount: 1,
+		},
+		{
+			name:     "IPv6 route does not exist",
+			preAddrs: []string{},
+			routeConfig: []apis.RouteConfig{
+				{Destination: "fd36:3:0:f::/64"},
+			},
+			family:        netlink.FAMILY_V6,
+			expectedDest:  "fd36:3:0:f::/64",
+			expectedCount: 1,
+		},
+		{
+			name:     "IPv4 route already exists",
+			preAddrs: []string{"192.168.1.1/24"},
+			routeConfig: []apis.RouteConfig{
+				{Destination: "192.168.1.0/24"},
+			},
+			family:        netlink.FAMILY_V4,
+			expectedDest:  "192.168.1.0/24",
+			expectedCount: 1,
+		},
+		{
+			name:     "IPv4 route does not exist",
+			preAddrs: []string{},
+			routeConfig: []apis.RouteConfig{
+				{Destination: "10.0.0.0/8"},
+			},
+			family:        netlink.FAMILY_V4,
+			expectedDest:  "10.0.0.0/8",
+			expectedCount: 1,
+		},
+		{
+			name:          "Empty route config",
+			preAddrs:      []string{"192.168.1.1/24"},
+			routeConfig:   []apis.RouteConfig{},
+			family:        netlink.FAMILY_V4,
+			expectedDest:  "192.168.1.0/24",
+			expectedCount: 1,
+		},
+	}
+
+	for _, tc := range tests {
+		t.Run(tc.name, func(t *testing.T) {
+			ns, err := netns.New()
+			if err != nil {
+				t.Fatalf("failed to create new netns: %v", err)
+			}
+			defer ns.Close()
+
+			ifName := "test-eth0"
+			dummy := &netlink.Dummy{
+				LinkAttrs: netlink.LinkAttrs{
+					Name:      ifName,
+					Namespace: netlink.NsFd(ns),
+				},
+			}
+			if err := netlink.LinkAdd(dummy); err != nil {
+				t.Fatalf("failed to add dummy link: %v", err)
+			}
+
+			nhNs, err := nlwrap.NewHandleAt(ns)
+			if err != nil {
+				t.Fatalf("failed to get netlink handle in namespace: %v", err)
+			}
+			defer nhNs.Close()
+
+			nsLink, err := nhNs.LinkByName(ifName)
+			if err != nil {
+				t.Fatalf("failed to find link %q in namespace: %v", ifName, err)
+			}
+
+			if err := nhNs.LinkSetUp(nsLink); err != nil {
+				t.Fatalf("failed to set link up: %v", err)
+			}
+
+			for _, addrStr := range tc.preAddrs {
+				addr, err := netlink.ParseAddr(addrStr)
+				if err != nil {
+					t.Fatalf("failed to parse address %q: %v", addrStr, err)
+				}
+				if err := nhNs.AddrAdd(nsLink, addr); err != nil {
+					t.Fatalf("failed to add address to link: %v", err)
+				}
+			}
+
+			err = applyRoutingConfig(fmt.Sprintf("/proc/self/fd/%d", ns), ifName, tc.routeConfig)
+			if (err != nil) != tc.expectErr {
+				t.Fatalf("applyRoutingConfig() error = %v, wantErr %v", err, tc.expectErr)
+			}
+			if err != nil {
+				return
+			}
+
+			routes, err := nhNs.RouteList(nsLink, tc.family)
+			if err != nil {
+				t.Fatalf("failed to list routes: %v", err)
+			}
+
+			routeCount := 0
+			for _, r := range routes {
+				if r.Dst != nil && r.Dst.String() == tc.expectedDest {
+					routeCount++
+				}
+			}
+
+			if routeCount != tc.expectedCount {
+				t.Errorf("found %d routes for dest %s, expected %d", routeCount, tc.expectedDest, tc.expectedCount)
+			}
+		})
+	}
+}