Description of problem:

Issue accessing Service externalTrafficPolicy: Local on multitenant isolated project

Version-Release number of selected component (if applicable):

4.12

How reproducible:

$ oc new-project foo
$ oc new-app httpd --name foo
$ oc patch svc foo --type merge --patch '{"spec":{"type":"NodePort"}}'
$ oc patch svc foo --type merge --patch '{"spec":{"externalTrafficPolicy":"Local"}}'
$ curl <node-ip-of-pod>:<node-port>

Configuring multitenant isolation with network policy [1].
[1] https://docs.openshift.com/container-platform/4.12/networking/network_policy/multitenant-network-policy.html#multitenant-network-policy

$ curl <node-ip>:<node-port>

Actual results:

Not accessible after multitenant isolation.

Expected results:

Expect access like OpenShiftSDN.

Additional info: