Skip to content

The pod does not respond to the SYN packet. #2415

Open
Open
The pod does not respond to the SYN packet.#2415
@jedi201321

Description

@jedi201321
jedi201321
opened on Apr 3, 2026

Environment:

  • k8s version v1.22.3
  • flannel version: image: docker.io/flannel/flannel:v0.22.3
  • flannel configmap:
apiVersion: v1
data:
  cni-conf.json: |
    {
      "name": "cbr0",
      "cniVersion": "0.3.1",
      "plugins": [
        {
          "type": "flannel",
          "delegate": {
            "hairpinMode": true,
            "isDefaultGateway": true
          }
        },
        {
          "type": "portmap",
          "capabilities": {
            "portMappings": true
          }
        }
      ]
    }
  net-conf.json: |
    {
      "Network": "192.244.0.0/16",
      "Backend": {
        "Type": "vxlan"
      }
    }
kind: ConfigMap

Problem:

I added a new node A (a physical machine) to the K8s cluster, while the old node B was a virtual machine. When I was on the new machine A, I used the command "ping" to reach the pod on node B, and it worked fine. However, when I used the curl command, it was abnormal.

Ping test is ok.

Image

Curl test is not ok. This pod is listening on port 80. On other older machines, the curl test can be performed successfully.

Image

This is the package I captured on this pod.
Image

After I executed "netstat -s" in the pod's net ns, I found that these two indicators would increase along with my curl test.

Image

This seems to be a TCP checksum issue. Could you please tell me if there are any relevant solutions?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions