Hello! I have a test environment with two servers over an L3 network (bird). For server communication I have a dummy interface (modprobe dummy). After setting up k3s I have a problem with the firewall, for example:
- nc -v <kubernetes_api_svc> 443
- We have two nodes, so that's two endpoints for the ClusterIP svc inside the default namespace; when a request goes to the current server, it works OK
- When a request goes to the other server, MASQUERADE uses the IP address of the physical interface, but the other side wants the src IP of the dummy interface.
Why does kube-proxy not have a parameter to use SNAT --to-source instead of MASQUERADE?
This looks like a problem with my approach. What is the right way to set up Kubernetes inside an L3 network on bare metal?