OpenShift Bugs / OCPBUGS-52846

Masq subnet increase workaround not working after upgrade from 4.16


    • Bug
    • Resolution: Not a Bug
    • Normal
    • 4.18.z
    • Quality / Stability / Reliability
    • Critical
    • Note: A fresh install of the same environment on 4.18.1 works correctly, possibly something awry during upgrade (known issue) and with prescribed remediation.

      Description:
      There is a known issue in the 4.18 release notes regarding the masquerade subnet (look for "There is a known issue in OpenShift Container Platform 4.18 which causes the cluster's masquerade subnet to be set to 169.254.169.0/29 if the ovnkube-node daemon set is deleted").
      The workaround depicted in the docs is not clear; this is what I did that did not work:

       

      Reproduce:
      100% of times

      The setup:

      1. upgrade from 4.16->4.17->4.18.rc->4.18.1
      2. deploy these manifests [1][2].
      3. console vm-a and ping 8.8.8.8. (while same ping from regular vm on pod network works)
        1. checking the ovn-nbdb it seems that the UDN GR router is not created, ovn-kubenode controller says it's related to no masq subnet available.

      The workaround we tried is:

      1. delete the UDN CR (and all other relevant workloads): oc delete UserDefinedNetwork namespace-scoped -n green
      2. manually set the subnet to be larger: oc patch networks.operator.openshift.io cluster --type=merge -p '{"spec":{"defaultNetwork":{"ovnKubernetesConfig":{"gatewayConfig":{"ipv4":{"internalMasqueradeSubnet":"169.254.0.0/17"},"ipv6":{"internalMasqueradeSubnet":"fd69::/125"}}}}}}'
      3. restart OVNKube-node pods: oc delete pod -l app=ovnkube-node -n openshift-ovn-kubernetes

      Expected result:

      1. egress connectivity works on primary UDN network
      2. UDN GR router created
         
        01-namespace-isolation-l2-persistent.yaml
        maiqueb/fosdem2025-p-udn | Added by GitHub
         
        02-namespace-isolation-workloads.yaml
        maiqueb/fosdem2025-p-udn | Added by GitHub
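
      A check of what the workaround's patch leaves in the network operator object, as an added example that is not part of the original report or of OpenShift's own code. It reads the JSON of the networks.operator.openshift.io object (two constructed samples here; on a cluster it would come from "oc get networks.operator.openshift.io cluster -o json") and reports each masquerade subnet and its size. The function and constant names are hypothetical.

```python
import ipaddress
import json

# Value quoted in the 4.18 release note cited in the report.
KNOWN_ISSUE_SUBNET = ipaddress.ip_network("169.254.169.0/29")
GATEWAY_PATH = ("spec", "defaultNetwork", "ovnKubernetesConfig", "gatewayConfig")


def masquerade_findings(network_cr: dict) -> list:
    """Report each internalMasqueradeSubnet found in the operator object."""
    node = network_cr
    for key in GATEWAY_PATH:          # tolerate missing or null levels
        node = node.get(key) or {}
    findings = []
    for family in ("ipv4", "ipv6"):
        cidr = (node.get(family) or {}).get("internalMasqueradeSubnet")
        if cidr is None:
            findings.append(f"{family}: not set in spec")
            continue
        try:
            # strict=True rejects CIDRs with host bits set, e.g. 169.254.0.1/17
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as err:
            findings.append(f"{family}: invalid CIDR {cidr!r} ({err})")
            continue
        note = " KNOWN-ISSUE VALUE" if net == KNOWN_ISSUE_SUBNET else ""
        findings.append(f"{family}: {net} ({net.num_addresses} addresses){note}")
    return findings


# Constructed sample: the merge patch body from the report, as the spec would hold it.
PATCHED = json.loads(
    '{"spec":{"defaultNetwork":{"ovnKubernetesConfig":{"gatewayConfig":'
    '{"ipv4":{"internalMasqueradeSubnet":"169.254.0.0/17"},'
    '"ipv6":{"internalMasqueradeSubnet":"fd69::/125"}}}}}}'
)
# Constructed sample: a spec carrying the subnet named in the release note.
AFFECTED = {"spec": {"defaultNetwork": {"ovnKubernetesConfig": {"gatewayConfig": {
    "ipv4": {"internalMasqueradeSubnet": "169.254.169.0/29"}}}}}}

if __name__ == "__main__":
    for name, cr in (("patched", PATCHED), ("affected", AFFECTED)):
        print(name, masquerade_findings(cr))
```

      This only inspects the declared spec; whether ovnkube-node picked the value up after the pod restart has to be confirmed on the cluster itself.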

              bbennett@redhat.com Ben Bennett
              rh-ee-acowles Alan Cowles
              Anurag Saxena