e598102f04
Currently, when a node is behind NAT, it is possible that routes to the node's private IP address, i.e. routes necessary to communicate with the Kubelet and any Pods on the host network, will not be created because the private IP is seen as the same as the location's endpoint and is thus skipped because trying to encapsulate traffic to the endpoint would break communiation with the endpoint itself. This logic is not correct for nodes that are behind NAT, because the endpoin that the node reports may not be the same as the discovered endpoint for the location. Instead, we should compare the private IP address to the discovered endpoint. Signed-off-by: Lucas Servén Marín <lserven@gmail.com> |
||
|---|---|---|
| .. | ||
| calico | ||
| encapsulation | ||
| iproute | ||
| ipset | ||
| iptables | ||
| k8s | ||
| mesh | ||
| route | ||
| version | ||
| wireguard | ||