How to set egress > ipBlock for multiple IPs and ports?

Question

Here is a section of my network policy:

egress:
   -to:
     - ipBlock: 
         cidr: 10.0.0.0/32
     - ipBlock:
         cidr: 10.0.0.1/32
    ports:
     - protocol: TCP
       port: 5978

I have a doubt whether these IPs will be allowed to connect to the same port.

Basically, if we want to have a different port for a different IP, what can we do?

score 4 · Answer 1 · answered May 24 '22 at 13:12

4

I assume the snippet you shared is a portion of a NetworkPolicy.

If so, you can have multiple entries in the egress field, like this for example:

egress:
  - to:
    - ipBlock: 
        cidr: 10.0.0.1/32
    ports:
    - protocol: TCP
      port: 5978
  - to:
    - ipBlock: 
        cidr: 10.0.0.2/32
    ports:
    - protocol: TCP
      port: 1234

answered May 24 '22 at 13:12

whites11

12,008
3
36
53

What happens when I specify a port for a IP will the traffic only be allowed to that port only or I can hit other ports – Anonymous May 27 '22 at 05:40
Only for that port. Depending on kubernetes version and CNI version you might be able to specify a range of ports – whites11 May 27 '22 at 06:06

How to set egress > ipBlock for multiple IPs and ports?

1 Answers1