1741499 – [4.1] EgressIP doesn't work with NetworkPolicy unless traffic from default project is allowed

Bug 1741499 - [4.1] EgressIP doesn't work with NetworkPolicy unless traffic from default project is allowed

Summary: [4.1] EgressIP doesn't work with NetworkPolicy unless traffic from default pr...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Networking
Sub Component:
Version:	4.1.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	low
Target Milestone:	---
Target Release:	4.1.z
Assignee:	Dan Winship
QA Contact:	zhaozhanqi
Docs Contact:
URL:
Whiteboard:
Depends On:	1700431
Blocks:	1741477 1766583
TreeView+	depends on / blocked

Reported:	2019-08-15 10:04 UTC by Dan Winship
Modified:	2019-10-29 13:04 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:	1700431
Environment:
Last Closed:	2019-09-10 15:59:27 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift origin pull 23609	0	None	closed	Bug 1741499: [4.1] Pass egress IP packets to conntrack	2020-07-23 13:28:07 UTC
Red Hat Product Errata	RHSA-2019:2594	0	None	None	None	2019-09-10 15:59:38 UTC

Comment 2 zhaozhanqi 2019-08-26 08:52:49 UTC

Verified this bug on 4.1.0-0.nightly-2019-08-25-164016

pod with in egress ip namespaces and networkpolicy (can only access by itself) can access the public internet

Comment 4 errata-xmlrpc 2019-09-10 15:59:27 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:2594

Note You need to log in before you can comment on or make changes to this bug.