Quick notes before I forget, it might help someone too.

I’ve been wrestling with Cilium and single stack IPv6 Kubernetes clusters for weeks. Pods were unable to talk to pods in other nodes but are able to within the same node and I couldn’t figure out why.

This cluster is running on a dual stack host but the cluster is configured for single stack IPv6.

I believe I may have run into https://github.com/cilium/cilium/issues/17240. The workaround was to enable native routing and configure IPv6 native routing CIDR to the pod network1. All nodes were in the same L2 segment so enabling auto-direct-node-routes is okay. I am forced to use IPv6 masquerading my ISP changes the delegated prefix on each connect-disconnect cycle.

This was probably the cause of some applications occasionally stalling on some requests too.

Don’t forget to run kubectl rollout restart on cilium-envoy and cilium-operator or else none of these will work.

Tayga runs on the network gateway providing NAT64 services. The missing piece now is having incoming IPv4 traffic flow into the cluster, translated into IPv6.

https://docs.cilium.io/en/stable/network/concepts/routing/#native-routing