Hi all, I am not sure this is the right place to ask about this here I go. I was wondering if ovn-kubernetes has some similar way to achieve what the Calico CNI does to disable NAT in egress.
The Calico CNI or the AWS CNI have a way to disable NAT for a given CIDR like this https:// github.ibm.com/palmetto/gateway/blob/develop/doc/k8s/vm.md#identity-ip-preservation-cni. And basically, you can play with couple of environment variables: * AWS_VPC_K8S_CNI_EXCLUDE_SNAT_CIDRS * AWS_VPC_K8S_CNI_EXTERNALSNAT I have been playing with openvswitch and the ovn CNI and I cannot find an equivalent. Sure you can play with the northbound database, remove the pod snat that you want to remove and add some policies to the ovn_cluster_router, but packets seem to eventually drop when exiting the node. Would you have some pointers for me to achieve the same functionality than calico or aws CNI but with OVN? Thanks in advance, and best regards, Charles
_______________________________________________ discuss mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
