iptables drops packets from pods to host pod is running on

[fozboz]

Expected Behavior

A pod is able to send packets to the host the pod is running on.

Current Behavior

Pods are able to send traffic to any other host in the cluster, but not to the host on which the pod is running. The traffic is dropped by the firewall.

Here is my iptables log.

Input-dropped: IN=cni0 OUT= PHYSIN=veth57177775 MAC=62:05:cb:58:1a:0b:16:06:6a:73:90:c5:08:00 SRC=10.244.5.51 DST=192.168.50.12 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID
=53307 DF PROTO=TCP SPT=49720 DPT=10250 WINDOW=64860 RES=0x00 SYN URGP=0

Possible Solution

I could add the necessary rules, but I'm wondering if this is something that flannel should already have set up for me.

Steps to Reproduce (for bugs)

1. Initialize cluster with kubeadm
2. Install flannel kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
3. Start a pod
4. Attempt to send traffic from the pod to the pod's host, observe that the traffic is dropped

Your Environment

• Flannel version: 0.26.0
• Backend used (e.g. vxlan or udp): vxlan
• Etcd version: 3.5.15
• Kubernetes version (if used): 1.31.2
• Operating System and version: Ubuntu 22.04

[rbrtbnfgl]

Flannel adds the ACCEPT rule at the end of the chain so if your firewall has some rules that drops the traffic for any reason Flannel doesn't override any others created rules.