Network connection failed from external network to slirp network

[cheungsuifai]

It seems I can not ping from host to slirp network, but reverse it's OK.

And this prevent external user to access Load Balance Service in u7s cluster.

It there any solution?

[AkihiroSuda]

See https://github.com/rootless-containers/usernetes/tree/v20221007.0#expose-netns-ports-to-the-host

$ ./rootlessctl.sh add-ports 0.0.0.0:30080:30080/tcp

[cheungsuifai]

but load balance is different from nodeport.

For nodeport service, external user use the host node IP and service port to access the service.
After the traffic arrived at the host, it will be forwarded due to the port-forwarding which provider by rootlessctl(socat).

But for load balances service, an external IP must be assigned to the service. so that external user can accessed the service via this IP. But this external IP connection is broken due to no route from external network to slirp network crossing the host network.