From c735e76033dc84357b10193e038c7ee00aa7e745 Mon Sep 17 00:00:00 2001
From: Troy Benson <troybensonsa@gmail.com>
Date: Tue, 15 Oct 2024 17:21:25 +0000
Subject: [PATCH] fix: internal ipv6 being used as external

This change undoes a check for internal IPv6 addresses to be used when
ExternalIP has been requested.
---
 source/compatibility.go |  6 ++----
 source/node.go          |  9 ---------
 source/pod.go           |  4 ++--
 source/service.go       | 10 +++-------
 4 files changed, 7 insertions(+), 22 deletions(-)

diff --git a/source/compatibility.go b/source/compatibility.go
index 1953b76ca9..3db189ff55 100644
--- a/source/compatibility.go
+++ b/source/compatibility.go
@@ -158,11 +158,9 @@ func legacyEndpointsFromDNSControllerNodePortService(svc *v1.Service, sc *servic
 			}
 			for _, address := range node.Status.Addresses {
 				recordType := suitableType(address.Address)
-				// IPv6 addresses are labeled as NodeInternalIP despite being usable externally as well.
-				if isExternal && (address.Type == v1.NodeExternalIP || (address.Type == v1.NodeInternalIP && recordType == endpoint.RecordTypeAAAA)) {
+				if isExternal && address.Type == v1.NodeExternalIP {
 					endpoints = append(endpoints, endpoint.NewEndpoint(hostname, recordType, address.Address))
-				}
-				if isInternal && address.Type == v1.NodeInternalIP {
+				} else if isInternal && address.Type == v1.NodeInternalIP {
 					endpoints = append(endpoints, endpoint.NewEndpoint(hostname, recordType, address.Address))
 				}
 			}
diff --git a/source/node.go b/source/node.go
index c35b3883e2..5f155636e7 100644
--- a/source/node.go
+++ b/source/node.go
@@ -174,18 +174,9 @@ func (ns *nodeSource) nodeAddresses(node *v1.Node) ([]string, error) {
 		v1.NodeExternalIP: {},
 		v1.NodeInternalIP: {},
 	}
-	var ipv6Addresses []string
 
 	for _, addr := range node.Status.Addresses {
 		addresses[addr.Type] = append(addresses[addr.Type], addr.Address)
-		// IPv6 addresses are labeled as NodeInternalIP despite being usable externally as well.
-		if addr.Type == v1.NodeInternalIP && suitableType(addr.Address) == endpoint.RecordTypeAAAA {
-			ipv6Addresses = append(ipv6Addresses, addr.Address)
-		}
-	}
-
-	if len(addresses[v1.NodeExternalIP]) > 0 {
-		return append(addresses[v1.NodeExternalIP], ipv6Addresses...), nil
 	}
 
 	if len(addresses[v1.NodeInternalIP]) > 0 {
diff --git a/source/pod.go b/source/pod.go
index 4a5ea4c3bf..4ca0fe1faa 100644
--- a/source/pod.go
+++ b/source/pod.go
@@ -112,7 +112,7 @@ func (ps *podSource) Endpoints(ctx context.Context) ([]*endpoint.Endpoint, error
 					for _, address := range node.Status.Addresses {
 						recordType := suitableType(address.Address)
 						// IPv6 addresses are labeled as NodeInternalIP despite being usable externally as well.
-						if address.Type == corev1.NodeExternalIP || (address.Type == corev1.NodeInternalIP && recordType == endpoint.RecordTypeAAAA) {
+						if address.Type == corev1.NodeExternalIP {
 							addToEndpointMap(endpointMap, domain, recordType, address.Address)
 						}
 					}
@@ -139,7 +139,7 @@ func (ps *podSource) Endpoints(ctx context.Context) ([]*endpoint.Endpoint, error
 					for _, address := range node.Status.Addresses {
 						recordType := suitableType(address.Address)
 						// IPv6 addresses are labeled as NodeInternalIP despite being usable externally as well.
-						if address.Type == corev1.NodeExternalIP || (address.Type == corev1.NodeInternalIP && recordType == endpoint.RecordTypeAAAA) {
+						if address.Type == corev1.NodeExternalIP {
 							addToEndpointMap(endpointMap, domain, recordType, address.Address)
 						}
 					}
diff --git a/source/service.go b/source/service.go
index ac63f9c5b1..dce23f0a9f 100644
--- a/source/service.go
+++ b/source/service.go
@@ -307,7 +307,7 @@ func (sc *serviceSource) extractHeadlessEndpoints(svc *v1.Service, hostname stri
 							return endpoints
 						}
 						for _, address := range node.Status.Addresses {
-							if address.Type == v1.NodeExternalIP || (address.Type == v1.NodeInternalIP && suitableType(address.Address) == endpoint.RecordTypeAAAA) {
+							if address.Type == v1.NodeExternalIP {
 								targets = append(targets, address.Address)
 								log.Debugf("Generating matching endpoint %s with NodeExternalIP %s", headlessDomain, address.Address)
 							}
@@ -579,7 +579,6 @@ func (sc *serviceSource) extractNodePortTargets(svc *v1.Service) (endpoint.Targe
 	var (
 		internalIPs endpoint.Targets
 		externalIPs endpoint.Targets
-		ipv6IPs     endpoint.Targets
 		nodes       []*v1.Node
 		err         error
 	)
@@ -650,22 +649,19 @@ func (sc *serviceSource) extractNodePortTargets(svc *v1.Service) (endpoint.Targe
 				externalIPs = append(externalIPs, address.Address)
 			case v1.NodeInternalIP:
 				internalIPs = append(internalIPs, address.Address)
-				if suitableType(address.Address) == endpoint.RecordTypeAAAA {
-					ipv6IPs = append(ipv6IPs, address.Address)
-				}
 			}
 		}
 	}
 
 	access := getAccessFromAnnotations(svc.Annotations)
 	if access == "public" {
-		return append(externalIPs, ipv6IPs...), nil
+		return externalIPs, nil
 	}
 	if access == "private" {
 		return internalIPs, nil
 	}
 	if len(externalIPs) > 0 {
-		return append(externalIPs, ipv6IPs...), nil
+		return externalIPs, nil
 	}
 	return internalIPs, nil
 }