Hello,
I’m using Rancher v2.5.8 and I have a RKE cluster in version 1.19.13 deployed. Nodes are on RancherOS v1.5.8. On my network (outside the cluster), I have specific routing of TCP flow when port used is in Node port range (30000-32767).
I have pods which try to access external resources (external API for example). Sometimes, I get timeout. The reason is that the request can use, as dynamic local port, a port in the Node port range (which have specific routing on my network). I can see that when I execute a tcpdump on the node which hosts the pods.
According to the value of the kernel parameter net.ipv4.ip_local_port_range (by default: 32768 - 60999), it must not use a port in the node port range as a dynamic port. So I’m wondering why it can takes port outside the range 32768 - 60999. Any ideas? Is there a bug somewhere?
I’m using canal.
Thx
Yannaël