Iptables Usage

Depending on the Linux kernel version being used, the eBPF datapath can implement a varying feature set fully in eBPF. If certain required capabilities are not available, the functionality is provided using a legacy iptables implementation. See Requirements for IPsec for more details.

kube-proxy Interoperability

The following diagram shows the integration of iptables rules as installed by kube-proxy and the iptables rules as installed by Cilium.

../../../_images/kubernetes_iptables.svg