can only ping remote pod ip in gateway node from each side

[zero2hj]

What happened:
After join the two clusters, It seems I can only ping remote pod IP in submariner gateway nodes although diagnose show no errors besides kube-proxy mode issue.
What you expected to happen:

How to reproduce it (as minimally and precisely as possible):
I was connecting two clusters A,B.
For A, its cluster version is 1.19, calico version 3.15.
For B, it's 1.28 & 3.25.
Thing was built in an unconventional way, because A has been running for a long time with calico in ipip mode and kube-proxy in ipvs mode which submariner doesn't support.I have try to change the situations by migrating the mode of calico and kube-proxy.
I didn't not rebuild existing svc so you may see ipvs device in gather result.
Anything else we need to know?:

Environment:

• Diagnose information (use subctl diagnose all):

subctl diagnose all --context A
 ✓ Checking Submariner support for the Kubernetes version
 ✓ Kubernetes version "v1.19.10" is supported

 ✓ Non-Globalnet deployment detected - checking that cluster CIDRs do not overlap
 ✓ Checking DaemonSet "submariner-gateway"
 ✓ Checking DaemonSet "submariner-routeagent"
 ✓ Checking DaemonSet "submariner-metrics-proxy"
 ✓ Checking the status of all Submariner pods
 ✓ Checking that gateway metrics are accessible from non-gateway nodes

 ✓ Checking Submariner support for the CNI network plugin
 ✓ The detected CNI network plugin ("calico") is supported
 ✓ Calico CNI detected, checking if the Submariner IPPool pre-requisites are configured
 ✓ Checking gateway connections
 ✓ Checking route agent connections
 ✗ Checking Submariner support for the kube-proxy mode
 ✗ The cluster is deployed with kube-proxy ipvs mode which Submariner does not support
 ✓ Checking that firewall configuration allows intra-cluster VXLAN traffic

• Gather information (use subctl gather):
  gather-a.zip

• Cloud provider or hardware configuration:

• Install tools:
  subctl 0.19.1

• Others:

Thanks for your work.

[yboaron]

Hi @zero2hj ,

Did you follow the instructions in Submariner with Calico ?

I can see [1] error in atatched logs

[1]
`�[90m2025-01-15T01:44:51.101Z�[0m �[31mERR�[0m ../endpoint_created.go:44 �[1mEventController Error handling created endpoint�[0m �[36merror=�[0m�[31m�[1m"failed to handle RemoteEndpointCreated event: [error creating Calico IPPool for ClusterID "kubernetes-73" subnet "10.86.0.0/12" (is Calico API server running?): the server could not find the requested resource (post ippools.projectcalico.org), error creating Calico IPPool for ClusterID "kubernetes-73" subnet "172.15.0.0/16" (is Calico API server running?): the server could not find the requested resource (post ippools.projectcalico.org)]"�[0m�[0m
�[90m2025-01-15T01:44:51.306Z�[0m �[31mERR�[0m ../endpoint_created.go:44 �[1mEventController Error handling created endpoint�[0m �[36merror=�[0m�[31m�[1m"failed to handle RemoteEndpointCreated event: [error creating Calico IPPool for ClusterID "kubernetes-73" subnet "10.86.0.0/12" (is Calico API server running?): the server could not find the requested resource (post ippools.projectcalico.org), error creating Calico IPPool for ClusterID "kubernetes-73" subnet "172.15.0.0/16" (is Calico API server running?): the server could not find the requested resource (post ippools.projectcalico.org)]"�[0m�[0m

�`

[zero2hj]

@yboaron Yes, I did. I have created the two ippools manually in each cluster as the required ippools.projectcalico.org resource type didn't exist in my calico version.

kubectl get ippools.projectcalico.org
error: the server doesn't have a resource type "ippools"
kubectl get ippools.crd.projectcalico.org
NAME                  AGE
default-ipv4-ippool   59d
podwestcluster        52m
svcwestcluster        52m

[yboaron]

@zero2hj , thanks for the feedback.

Yes, submariner has not been tested with kube-proxy in ipvs mode.
Could you deploy the clusters with kube-proxy in iptables mode ?