Services advertised to other CNFs should utilize VIPs on the SPK that are part of the platform. This creation of external services is done via pushing a configmap with F5 AS3 formatted configuration tocreation of CRDs for SPK into the Kubernetes API.
Creation of IPv6 external services and mapping them to IPv4 internal services within the clusters is possible and happens automatically. The SPK will terminate the IPv6 traffic destined to the pods in the cluster and translate the traffic to an IPv4 Pod destination IP address and source NAT the traffic to an IPv4 address on the load balancer.
In order to reach an IPv6 external service from an IPv4 pod, the service must be configured in Verizon’s external DNS systems to the cluster. Once this is done reachability is achieved by the pod generating a DNS A and/or AAAA query for the IPv6 external service. This query is forwarded by the cluster through the SPK which consumes the request and re-originates a request on behalf of the cluster. When a DNS response comes back with only a AAAA record response, the F5 will reserve an IPv4 address local to it that is reachable from the cluster and return to the pod via the cluster DNS both an A and the external AAAA record. This IPv4 address that is reserved is a 1 to 1 mapping to the IPv6 destination. Because the pods only have an IPv4 address and socket they attempt to reach the IPv4 address that is resident on the SPK, when the load balancer receives traffic destined to that IPv4 address it translates the traffic to the IPv6 destination address that was in the AAAA response and source NATs the pod’s IPv4 address to an IPv6 source NAT address that will allow the traffic to reach the IPv6 destination.