flannel: Pod cannot ping each other in multi-host scenario - failed to add vxlanRoute (XXX -> X.Y.0.0): invalid argument

Pod from different host cannot ping each others. Flannel logs as below:

I1018 17:58:53.498781       1 main.go:470] Determining IP address of default interface
I1018 17:58:53.499196       1 main.go:483] Using interface with name eth0 and address 172.28.249.156
I1018 17:58:53.499243       1 main.go:500] Defaulting external address to interface address (172.28.249.156)
I1018 17:58:53.517275       1 kube.go:130] Waiting 10m0s for node controller to sync
I1018 17:58:53.517332       1 kube.go:283] Starting kube subnet manager
I1018 17:58:54.517591       1 kube.go:137] Node controller sync successful
I1018 17:58:54.517652       1 main.go:235] Created subnet manager: Kubernetes Subnet Manager - scarif-admin-2
I1018 17:58:54.517661       1 main.go:238] Installing signal handlers
I1018 17:58:54.517821       1 main.go:348] Found network config - Backend type: vxlan
I1018 17:58:54.517912       1 vxlan.go:119] VXLAN config: VNI=1 Port=0 GBP=false DirectRouting=false
I1018 17:58:54.573370       1 main.go:295] Wrote subnet file to /run/flannel/subnet.env
I1018 17:58:54.573408       1 main.go:299] Running backend.
I1018 17:58:54.573427       1 main.go:317] Waiting for all goroutines to exit
I1018 17:58:54.573496       1 vxlan_network.go:56] watching for new subnet leases
**E1018 17:58:54.573780       1 vxlan_network.go:158] failed to add vxlanRoute (172.16.0.0/24 -> 172.16.0.0): invalid argument**
I1018 17:58:54.577620       1 ipmasq.go:75] Some iptables rules are missing; deleting and recreating rules
I1018 17:58:54.577673       1 ipmasq.go:97] Deleting iptables rule: -s 172.16.0.0/16 -d 172.16.0.0/16 -j RETURN
I1018 17:58:54.579324       1 ipmasq.go:97] Deleting iptables rule: -s 172.16.0.0/16 ! -d 224.0.0.0/4 -j MASQUERADE
I1018 17:58:54.580870       1 ipmasq.go:97] Deleting iptables rule: ! -s 172.16.0.0/16 -d 172.16.1.0/24 -j RETURN
I1018 17:58:54.582349       1 ipmasq.go:97] Deleting iptables rule: ! -s 172.16.0.0/16 -d 172.16.0.0/16 -j MASQUERADE
I1018 17:58:54.583900       1 ipmasq.go:85] Adding iptables rule: -s 172.16.0.0/16 -d 172.16.0.0/16 -j RETURN
I1018 17:58:54.587553       1 ipmasq.go:85] Adding iptables rule: -s 172.16.0.0/16 ! -d 224.0.0.0/4 -j MASQUERADE
I1018 17:58:54.591290       1 ipmasq.go:85] Adding iptables rule: ! -s 172.16.0.0/16 -d 172.16.1.0/24 -j RETURN
I1018 17:58:54.595032       1 ipmasq.go:85] Adding iptables rule: ! -s 172.16.0.0/16 -d 172.16.0.0/16 -j MASQUERADE

Your Environment

Flannel version: 0.9
Backend used (e.g. vxlan or udp): vxlan
Etcd version:
Kubernetes version (if used): 1.8
Operating System and version: Centos 7.3 Docker 17.06

About this issue

Original URL
State: closed
Created 7 years ago
Comments: 21 (4 by maintainers)

Most upvoted comments

@camflan please open a different issue. I suspect you just need “iptables -P FORWARD ACCEPT”

tomdee on Nov 4, 2017

@rthamrin i followed this question: “failed to add vxlanRoute (10.244.2.0/24 -> 10.244.2.0): invalid argument”

dale1202 on Mar 21, 2022