I am trying to set up SRv6 as documented at https://segment-routing.org/index.php/Implementation/Configuration in a Kubernetes container environment between the Pods. As per the link: "Note: all SRv6 configuration parameters are defined per-namespace." So I assume that it should work fine in containers.
Host kernel version - 5.8.0-41, Host OS Ubuntu 20.10
Network setup -
- There are two IPv6 subnets, fcff:fffe::0E01:2000/123 and fcff:fffe::0E01:2020/123
The source pod, which has IP fcff:fffe::e01:2010 from the first subnet fcff:fffe::0E01:2000/123, will send packets to destination IP fcff:fffe::e01:2031 from the second subnet fcff:fffe::0E01:2020/123 via the SRv6 ingress node/transit node and 4 endpoint nodes.
So the flow of traffic should be - sender -> ingress node -> end_point_1 -> end_point_2 -> end_point_3 -> egress node -> destination
In all the Pods/nodes, the following kernel parameters are set:
sysctl -w net.ipv6.conf.<all/default/lo/all interface>.seg6_enabled=1
sysctl -w net.ipv6.conf.<all/default/lo/all interface>.forwarding=1
On the ingress node/Pod, which will receive the packet from the source, I set up the following route:
ip -6 route add fcff:fffe::e01:2020/123 encap seg6 mode encap segs 2001:0:0:3::,2001:0:0:4::,2001:0:0:5::,2001:0:0:2:: dev eth1
Here fcff:fffe::e01:2020/123 is the destination subnet. 2001:0:0:3::,2001:0:0:4::,2001:0:0:5::,2001:0:0:2:: are the /64 segment IDs of the 4 endpoints.
For each of the endpoint nodes/pods, a local SID is created:
end_point_1
echo 100 localsid >> /etc/iproute2/rt_tables
ip -6 rule add to 2001:0:0:3::/64 lookup localsid
ip -6 route add blackhole default table localsid
ip -6 route add 2001:0:0:3::/64 encap seg6local action End dev eth1 table localsid
end_point_2
echo 100 localsid >> /etc/iproute2/rt_tables
ip -6 rule add to 2001:0:0:4::/64 lookup localsid
ip -6 route add blackhole default table localsid
ip -6 route add 2001:0:0:4::/64 encap seg6local action End dev eth1 table localsid
end_point_3
echo 100 localsid >> /etc/iproute2/rt_tables
ip -6 rule add to 2001:0:0:5::/64 lookup localsid
ip -6 route add blackhole default table localsid
ip -6 route add 2001:0:0:5::/64 encap seg6local action End dev eth1 table localsid
Egress
echo 100 localsid >> /etc/iproute2/rt_tables
ip -6 rule add to 2001:0:0:2::/64 lookup localsid
ip -6 route add blackhole default table localsid
ip -6 route add 2001:0:0:2::/64 encap seg6local action End.DX6 nh6 fcff:fffe::e01:2031 dev eth1 table localsid
Here fcff:fffe::e01:2031 is the destination address.
I did a ping test from the source IP to the destination IP. tcpdump collected from the ingress node shows the ping received from the source on this node, but although SRv6 is enabled and the following route is set, it's not encapsulating the received IPv6 packet and sending it to the next endpoint having SID 2001:0:0:3::/64.
ip -6 route
fcff:fffe::e01:2020/123 encap seg6 mode encap segs 4 [ 2001:0:0:3:: 2001:0:0:4:: 2001:0:0:5:: 2001:0:0:2:: ] dev eth1 metric 1024 pref medium
Can anyone point out what is missing in the configuration?
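
The following Python check is an added example, not part of the original post. It parses the ingress route and the localsid routes quoted above and verifies that the destination falls inside the encapsulated prefix, that each SID in the list is owned by exactly one node, and that the last SID decapsulates to the destination. The function names are hypothetical, and it checks the addressing only; it does not exercise the kernel.

```python
import ipaddress
import re

# Constructed from the post: the ingress route as `ip -6 route` printed it
INGRESS_ROUTE = ("fcff:fffe::e01:2020/123 encap seg6 mode encap segs 4 "
                 "[ 2001:0:0:3:: 2001:0:0:4:: 2001:0:0:5:: 2001:0:0:2:: ] "
                 "dev eth1 metric 1024 pref medium")
# The localsid route the post adds on each node, keyed by node name
LOCALSID_ROUTES = {
    "end_point_1": "2001:0:0:3::/64 encap seg6local action End dev eth1 table localsid",
    "end_point_2": "2001:0:0:4::/64 encap seg6local action End dev eth1 table localsid",
    "end_point_3": "2001:0:0:5::/64 encap seg6local action End dev eth1 table localsid",
    "egress": "2001:0:0:2::/64 encap seg6local action End.DX6 nh6 fcff:fffe::e01:2031 dev eth1 table localsid",
}

def parse_seg6_route(line):
    """Return (destination prefix, SIDs in traversal order) for a seg6 encap route."""
    m = re.match(r"(\S+) encap seg6 mode \S+ segs \d+ \[ ([^\]]*)\]", line)
    if not m:
        raise ValueError("not a seg6 encap route: " + line)
    sids = [ipaddress.ip_address(s) for s in m.group(2).split()]
    return ipaddress.ip_network(m.group(1), strict=False), sids

def parse_localsid(line):
    """Return (SID prefix, action, nh6 or None) for a seg6local route."""
    m = re.match(r"(\S+) encap seg6local action (\S+)(?: nh6 (\S+))?", line)
    if not m:
        raise ValueError("not a seg6local route: " + line)
    nh6 = ipaddress.ip_address(m.group(3)) if m.group(3) else None
    return ipaddress.ip_network(m.group(1)), m.group(2), nh6

def check_path(ingress_route, localsid_routes, dst):
    """Walk the SID list; return (node names in order, list of problems found)."""
    prefix, sids = parse_seg6_route(ingress_route)
    dst = ipaddress.ip_address(dst)
    problems = [] if dst in prefix else [f"{dst} is not inside {prefix}"]
    hops, table = [], {n: parse_localsid(r) for n, r in localsid_routes.items()}
    for i, sid in enumerate(sids):
        owners = [n for n, (net, _, _) in table.items() if sid in net]
        if len(owners) != 1:
            problems.append(f"{sid} is matched by {len(owners)} localsid routes")
            continue
        _, action, nh6 = table[owners[0]]
        if i == len(sids) - 1 and (action != "End.DX6" or nh6 != dst):
            problems.append(f"last SID {sid}: expected End.DX6 nh6 {dst}")
        hops.append(owners[0])
    return hops, problems

if __name__ == "__main__":
    print(check_path(INGRESS_ROUTE, LOCALSID_ROUTES, "fcff:fffe::e01:2031"))
```

An empty problem list means the addresses and SIDs in the configuration agree with each other, which narrows troubleshooting to how the node actually processes the packet.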