Skip to content

Instantly share code, notes, and snippets.

@gbrayut
Created February 29, 2024 01:35
Show Gist options
  • Save gbrayut/a5979d57f503129baaf942c84008aba8 to your computer and use it in GitHub Desktop.
Save gbrayut/a5979d57f503129baaf942c84008aba8 to your computer and use it in GitHub Desktop.
GKE NLB Simple UDP Echo Server
# from https://cloud.google.com/load-balancing/docs/network/udp-with-network-load-balancing
apiVersion: v1
kind: Namespace
metadata:
name: udp-echo
---
apiVersion: v1
kind: ConfigMap
metadata:
name: echo
namespace: udp-echo
data:
server.py: |
#!/usr/bin/python3
import socket,struct
def loop_on_socket(s):
while True:
d, ctl, flg, addr = s.recvmsg(1500, 1024)
# ctl contains the destination address information
s.sendmsg(["ECHO: ".encode("utf8"),d], ctl, 0, addr)
if __name__ == "__main__":
HOST, PORT = "0.0.0.0", 60002
s = socket.socket(type=socket.SocketKind.SOCK_DGRAM)
s.setsockopt(0, # level is 0 (IPPROTO_IP)
8, # optname is 8 (IP_PKTINFO)
1)
s.bind((HOST, PORT))
loop_on_socket(s)
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: udp-echo
namespace: udp-echo
labels:
app: udp-echo
spec:
selector:
matchLabels:
app: udp-echo
template:
metadata:
labels:
app: udp-echo
spec:
containers:
- name: udp-echo
image: cgr.dev/chainguard/python:latest-dev
args: ["/scripts/server.py"]
# or for just sleep forever use:
#command: ["/bin/sleep"]
#args: ["infinity"]
ports:
- containerPort: 60002
volumeMounts:
- name: src
mountPath: /scripts
volumes:
- name: src
configMap:
name: echo
defaultMode: 0744
---
apiVersion: v1
kind: Service
metadata:
name: udp-echo
namespace: udp-echo
spec:
#ipFamilyPolicy: RequireDualStack
ports:
- port: 8000
targetPort: 60002
protocol: UDP
name: echo
selector:
app: udp-echo
type: LoadBalancer
# Test using udp client like:
echo hello | nc -vu -m1 35.192.82.200 8000
# apt install tshark inside toolbox on node, and then watch for packets with port 8000
gregbray@gke-gke-iowa-default-pool-fa46c430-p74m ~ $ toolbox
Spawning container gregbray-us.gcr.iocos-cloudtoolbox-v20230615 on /var/lib/toolbox/gregbray-us.gcr.io_cos-cloud_toolbox-v20230615.
Press ^] three times within 1s to kill container.
root@gke-gke-iowa-default-pool-fa46c430-p74m:~# tshark -f "udp port 8000" -T text
Running as user "root" and group "root". This could be dangerous.
Capturing on 'eth0'
1 0.000000000 174.162.248.150 → 35.192.82.200 UDP 48 46872 → 8000 Len=6
2 0.000365026 35.192.82.200 → 174.162.248.150 UDP 54 8000 → 46872 Len=12
# That also shows the return packet src is using NLB ip
# which doesn't seem to match https://cloud.google.com/load-balancing/docs/network/udp-with-network-load-balancing#an_issue_with_udp_return_packets
@gbrayut
Copy link
Author

gbrayut commented Feb 29, 2024

This is follow-up test from STUN example at https://gist.github.com/gbrayut/ee14dbbb7de21c67cdd25065fa67bcc9
after finding https://cloud.google.com/load-balancing/docs/network/udp-with-network-load-balancing which outlines common issue with UDP return packets for NLB on GCE, but I cannot reproduce the results on that GCE documentation

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment