You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
PR: #2911
The addition of the -o net1 parameter in this PR will cause pods within the VPC that use SNAT to be unable to access pods binding with fip. Considering the description of this PR, is it intended to address the issue of vpc-nat-gateway pods being unable to access other pods within the VPC? It seems that removing the -o net1 parameter during testing does not lead to this issue.
It is unable to access, and upon packet capture, it is observed that only the DNAT transformation of the NAT postrouting chain is completed, while the SNAT rules seem to remain unchanged due to the -o net1 parameter.
08:29:42.304406 eth0 In IP 10.116.80.141.42624 > 10.122.195.20.9640: Flags [S], seq 2568096467, win 64240, options [mss 1460,sackOK,TS val 2353869530 ecr 0,nop,wscale 7], length 0
08:29:42.304429 eth0 Out IP 10.116.80.141.42624 > 10.116.80.9.9640: Flags [S], seq 2568096467, win 64240, options [mss 1460,sackOK,TS val 2353869530 ecr 0,nop,wscale 7], length 0
Expected Behavior
The text was updated successfully, but these errors were encountered:
Kube-OVN Version
v1.12.12
Kubernetes Version
v1.24.1
Operation-system/Kernel Version
CentOS Stream 8
5.4.236-1.el8.elrepo.x86_64
Description
PR: #2911
The addition of the
-o net1
parameter in this PR will cause pods within the VPC that use SNAT to be unable to access pods binding with fip. Considering the description of this PR, is it intended to address the issue of vpc-nat-gateway pods being unable to access other pods within the VPC? It seems that removing the-o net1
parameter during testing does not lead to this issue.Steps To Reproduce
podA access podB fip 10.122.195.20
10.116.80.141 > 10.122.195.20
Current Behavior
It is unable to access, and upon packet capture, it is observed that only the DNAT transformation of the NAT postrouting chain is completed, while the SNAT rules seem to remain unchanged due to the -o net1 parameter.
Expected Behavior
The text was updated successfully, but these errors were encountered: