Set source IP with Cloud NAT then route traffic over Cloud VPN?

Is it possible to set the source IP on packets originating from a Kubernetes Cluster using Cloud NAT and THEN route the traffic over a Cloud VPN?

The issue I'm running into when routing traffic from the Kubernetes cluster over Cloud VPN is that the source IP is set to one of the pod IPs (in the 10.30 range), NOT the Cloud NAT IP, so the server on the other end rejects the packets.

Any advice would be greatly appreciated.

There is 1 best solution below

Is it possible to set the source IP on packets ...

No, you cannot change the source IP address. The TCP/IP stack would not receive the return packets.

In addition, IP routing does not work that way. If your source network is 10.30.0.0 and the destination network does not overlap, then you have a simple route configuration problem. If the networks do overlap, then some routing tricks are necessary, which are not always possible.

Note: there is a potential issue since you mention Kubernetes. Google Cloud VPC subnets have a private address range. Pods can have a different private IP address range. There must be a router or proxy or load balancer deployed in some cases (NAT is a type of proxy).

However, your question is about changing the source IP address and the answer is NO.
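
The overlap test this answer describes, together with a check of whether the remote side would accept the pod range as a source, as an added example that is not part of the original answer. It assumes the pod range is 10.30.0.0/16 (the question only says "10.30"); the remote network, the allow-list and the `diagnose` helper are constructed for illustration.

```python
import ipaddress


def diagnose(source_cidr, remote_cidr, remote_allowed):
    """Classify the routing situation for traffic sent over the VPN tunnel.

    source_cidr    -- range the packets actually originate from (the pod range)
    remote_cidr    -- network reached through the tunnel
    remote_allowed -- source ranges the remote server accepts (hypothetical allow-list)
    """
    # strict=True rejects CIDRs with host bits set, which catches typos early.
    src = ipaddress.ip_network(source_cidr, strict=True)
    dst = ipaddress.ip_network(remote_cidr, strict=True)
    allowed = [ipaddress.ip_network(c, strict=True) for c in remote_allowed]

    if src.version != dst.version:
        raise ValueError("source and remote ranges must use the same IP version")

    findings = []
    if src.overlaps(dst):
        # Overlapping ranges: plain routing cannot tell the two sides apart.
        findings.append("overlap")
    else:
        # Disjoint ranges: each side only needs a route to the other's range.
        findings.append("route-config")

    # The remote server rejects packets whose source range it does not list.
    covered = any(a.version == src.version and src.subnet_of(a) for a in allowed)
    if not covered:
        findings.append("source-not-allowed")
    return findings


if __name__ == "__main__":
    # Constructed values: assumed pod range, sample remote network and allow-list.
    print(diagnose("10.30.0.0/16", "192.168.50.0/24", ["10.128.0.0/20"]))
```

A result of `route-config` plus `source-not-allowed` corresponds to the question's symptom: the ranges do not overlap, but the remote end does not expect the pod range as a source.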