Pod access outside cluster

Please put Service out of your mind until you have the lower-level routing sorted. Service doesn't work unless your pod can reach the database.

It sounds to me like you need to either ensure routability from your larger network into your worker node for the pod IPs on that node, or you need to masquerade all pod traffic when it leaves the node.

Only once your pods can actually reach the database at an IP level can we talk about whether Service is useful to you.
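To make the two options above concrete, here is a small added example (mine, not from the poster or any Kubernetes project) that models why pod traffic to the database fails and how each fix repairs it. It assumes a constructed topology: a worker node at 10.0.1.20 hosting pods from 10.244.1.0/24, a database at 10.0.2.50, and one router joining the two subnets. The router table, addresses and function names are all assumptions for illustration. The point it shows is that the forward path usually works (the node has a default route), and what actually breaks is the database's reply: the router has no route for 10.244.x.y, so the reply is dropped. Adding a route for the pod CIDR via the node IP fixes the reply path while keeping the pod's real source address; masquerading fixes it by making the database see the node IP instead.

```python
import ipaddress

# Constructed topology for this example (assumed values, not from the post):
# a worker node on 10.0.1.0/24 hosting pods from 10.244.1.0/24, a database on
# 10.0.2.0/24, and one router/gateway that connects the two subnets.
NODE_IP = ipaddress.ip_address("10.0.1.20")
POD_CIDR = ipaddress.ip_network("10.244.1.0/24")
DB_IP = ipaddress.ip_address("10.0.2.50")
SAMPLE_POD_IP = ipaddress.ip_address("10.244.1.7")  # constructed pod address

# Router's routing table as (prefix, next hop); "direct" means a connected subnet.
# Note there is no entry for the pod CIDR: that is the missing piece the post describes.
ROUTER_TABLE = [
    (ipaddress.ip_network("10.0.1.0/24"), "direct"),
    (ipaddress.ip_network("10.0.2.0/24"), "direct"),
]


def lookup(table, dst):
    """Longest-prefix match; returns the next hop, or None when the router has no route."""
    best = None
    for prefix, next_hop in table:
        if dst in prefix and (best is None or prefix.prefixlen > best[0].prefixlen):
            best = (prefix, next_hop)
    return best[1] if best else None


def source_seen_by_db(pod_ip, masquerade):
    """With masquerade the node rewrites the pod's source address to its own IP."""
    return NODE_IP if masquerade else pod_ip


def db_reachable(pod_ip, router_table, masquerade=False):
    """True when the DB's reply can be routed back to whatever source address it saw.

    The forward path (pod -> node default route -> router -> DB) works either way;
    what breaks without a pod route or masquerade is the reply to an unknown 10.244.x.y.
    """
    src = source_seen_by_db(pod_ip, masquerade)
    return lookup(router_table, src) is not None


def add_pod_route(router_table):
    """Option 1: teach the router that the node owns POD_CIDR (ip route add POD_CIDR via NODE_IP)."""
    return router_table + [(POD_CIDR, NODE_IP)]


if __name__ == "__main__":
    print("no fix:      ", db_reachable(SAMPLE_POD_IP, ROUTER_TABLE))
    print("route added: ", db_reachable(SAMPLE_POD_IP, add_pod_route(ROUTER_TABLE)))
    print("masquerade:  ", db_reachable(SAMPLE_POD_IP, ROUTER_TABLE, masquerade=True),
          "(DB sees", source_seen_by_db(SAMPLE_POD_IP, True), ")")
```

On a real network option 1 is a route on the upstream router such as `ip route add 10.244.1.0/24 via 10.0.1.20`, one per node's pod range (or whatever your CNI uses to advertise them), and option 2 is a POSTROUTING rule on the node such as `iptables -t nat -A POSTROUTING -s 10.244.1.0/24 ! -d 10.244.0.0/16 -j MASQUERADE`. The trade-off worth keeping in mind: with masquerade the database's logs, pg_hba-style allowlists and any firewall only ever see node IPs, so every pod on a node looks the same; with routing you keep per-pod source addresses but must allowlist the pod CIDR rather than individual nodes. Verify with a plain connectivity test from inside a pod (for example `kubectl exec <pod> -- nc -zv 10.0.2.50 5432`) before looking at Service at all.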