From f3a67015572f2d2c0e8158ae88474c0c3a382e86 Mon Sep 17 00:00:00 2001
From: Dominic Ayre
Date: Thu, 24 Jul 2025 08:18:07 +0000
Subject: [PATCH] Fix running Confidential ContainerPlat
---
 internal/uvm/network.go | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
diff --git a/internal/uvm/network.go b/internal/uvm/network.go
index a4ec71d9f9..b4b115f401 100644
--- a/internal/uvm/network.go
+++ b/internal/uvm/network.go
@@ -39,6 +39,13 @@ var (
 ErrNICNotFound = errors.New("NIC not found in network namespace")
 )
 
+const (
+ ipv4GwDestination = "0.0.0.0/0"
+ ipv4EmptyGw = "0.0.0.0"
+ ipv6GwDestination = "::/0"
+ ipv6EmptyGw = "::"
+)
+
 func sortEndpoints(endpoints []*hcn.HostComputeEndpoint) {
 cmp := func(a, b *hcn.HostComputeEndpoint) int {
 if strings.HasSuffix(a.Name, "eth0") {
@@ -573,6 +580,15 @@ func convertToLCOWReq(id string, endpoint *hcn.HostComputeEndpoint, policyBasedR
 }
 
 for _, r := range endpoint.Routes {
+
+ if (r.DestinationPrefix == ipv4GwDestination || r.DestinationPrefix == ipv6GwDestination) &&
+ r.NextHop == "" {
+ // This is the default route
+ // But NextHop should either specify a gateway or be equal to 0.0.0.0 to be on-link
+ // The fact that it's empty makes this an invalid route
+ continue
+ }
+
 newRoute := guestresource.LCOWRoute{
 DestinationPrefix: r.DestinationPrefix,
 NextHop: r.NextHop,
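Review bot: `ipv4EmptyGw` and `ipv6EmptyGw` are declared in the new const block but nothing in the visible hunks references them, and Go does not flag unused package-level constants, so they would stay in the file unnoticed. Either remove them or use them where they were intended; the comment added in convertToLCOWReq names 0.0.0.0 as the on-link next hop, which suggests a comparison or substitution was planned. The block also has no comment; something like `// Default-route prefixes and the unspecified ("on-link") next-hop addresses used when filtering endpoint routes.` would tell the next reader why these literals exist.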
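Review bot: The new guard in the `endpoint.Routes` loop discards a default route with an empty `NextHop` through a bare `continue`, so the guest is configured without that route and nothing records that the host-supplied network configuration was altered. For a confidential workload, where the routes the guest actually receives matter for later troubleshooting and audit, emit a log entry with the package's existing logger naming the endpoint `id` and `r.DestinationPrefix` before the `continue`. The match is an exact string comparison with "0.0.0.0/0" and "::/0", so an equivalent spelling of the default prefix (if the caller can ever produce one) would pass through unfiltered; parsing the prefix would close that gap. The three-line comment could be tightened to `// Default route with no next hop: neither a gateway nor the explicit on-link address, so it is invalid and skipped.`, and the blank line directly after the `for` header is unnecessary. convertToLCOWReq starts and ends outside this hunk.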