Hello,
I’ll try to keep this as simple as possible. I have a strange behavior with pod network traffic. I have a new deployment of Kubernetes managed and deployed by Rancher. I have a couple of K8S clusters, with Longhorn deployed, and one or two WordPress test StatefulSets. I know that this community is mainly focused on K8S, and not Rancher, but I thought this community would help me better since my issue is a networking issue.
My issue is that the network security team are reporting that millions of packets are hitting our datacenter core firewall every hour, and both the source and destination IPs lie in the range 10.42.x.x, so I guess that the pods try to go through the proxy server (internet proxy), or the gateway used by the Linux node. Calico was deployed by default, and I deployed Flannel later for the other clusters I deployed.
My question is: why is the traffic leaving the overlay network and hitting our firewall seeking the other pods, and how can I fix this, please? This behavior is overwhelming the firewall and will lead to canceling the entire project.
Thank you,
Cluster information:
Kubernetes version: 1.19.4
Cloud being used: (put bare-metal if not on a public cloud)
Installation method: Rancher
Host OS: Oracle Linux 7.8
CNI and version: Docker
CRI and version: