Description of problem:
EgressNetworkPolicy works as expected when setting the Allow rule to a cidrSelector, but when setting the Allow rule to a dnsName, the access to the dnsName is blocked. After checking the ovs rules in the ovs pod, the Allow rule is added to the ovs rules in the cidrSelector case but is not added to the ovs rules in the dnsName case. Will upload the checking results later.

Version-Release number of selected component (if applicable):

How reproducible:
Always

Steps to Reproduce:
1. Create an EgressNetworkPolicy with an Allow rule to a dnsName.
2. Check whether the access to the dnsName can get through
3.

Actual results:
The access is blocked

Expected results:
The access can get through

Additional info:

*** Bug 1812333 has been marked as a duplicate of this bug. ***
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633