The instruction to set routingViaHost to true is not working as expected anyany longer comparing with earlier OCP version like 4.12/4.13: https://docs.openshift.com/container-platform/4.14/networking/cluster-network-operator.html

4.14.0-rc.6

Found in partner lab

1. Install SNO 4.14.0-rc6 with agent based installer
2. Deploy vDU's application, one of the pods had a secondary network which earlier rely on host's route to communicate with other services.
3. Check network connectivities which used the host route

Pod failed to communicate via host route as exepcted

The pod should be able to connect to the service via host route if routingViaHost is set as true in defaultNetwork -> ovnKubernetesConfig -> gatewayConfig-> routingViaHost

#route on the host:
root@api ~]# ip route
default via 10.114.124.129 dev br-ex proto static metric 48
10.49.220.0/24 via 10.114.122.129 dev ens1f0.507 proto static metric 400
10.114.122.128/25 dev ens1f0.507 proto kernel scope link src 10.114.122.167 metric 401
10.114.124.128/27 dev br-ex proto kernel scope link src 10.114.124.150 metric 48
10.128.0.0/23 dev ovn-k8s-mp0 proto kernel scope link src 10.128.0.2
10.128.0.0/14 via 10.128.0.1 dev ovn-k8s-mp0
169.254.169.0/29 dev br-ex proto kernel scope link src 169.254.169.2
169.254.169.1 dev br-ex src 10.114.124.150
169.254.169.3 via 10.128.0.1 dev ovn-k8s-mp0
172.30.0.0/16 via 169.254.169.4 dev br-ex mtu 1400O

#test on the host:
[root@api ~]# nc -vz 10.49.220.73 8091
Ncat: Version 7.91 ( https://nmap.org/ncat )
Ncat: Connected to 10.49.220.73:8091.
Ncat: 0 bytes sent, 0 bytes received in 0.16 seconds.


#test inside pod:
[root@api ~]# sudo nsenter -t $(crictl inspect --output go-template --template="{{.info.pid}}" $(crictl ps --name certm -q)) -n bash
[root@api roothome]# nc -vz 10.49.220.73 8091
Ncat: Version 7.91 ( https://nmap.org/ncat )
Ncat: TIMEOUT.