We had faced this issue in our AWS EKS cluster; I wrote an article about that incident. See it here. CIDR Conflict When Moving from AWS CNI to Cilium
TL;DR
This entire debugging experience reminded us how low-level networking issues can surface in unexpected ways sometimes months after a change is made.
If you’re using Cilium in a cloud environment like EKS:
- Always define non-overlapping IP ranges for Cilium’s IPAM.
- Be cautious with large CIDRs like 10.0.0.0/8.
- Use tools like Hubble and Wireshark in combination to debug packet flows.
- Document your VPC-wide CIDR usage especially when you use multiple clusters or peered networks.
Hope this post helps you avoid days of frustration and maybe even saves your cluster someday.
Top comments (0)