edp-doc/docs/technical-documentation/solution/scenarios/local-development/host-to-kind-network-routing/index.md

# Host to Kind routing

When we subnetwork inside a VM (e.g. WSL), you won't get a connection from the host (e.g. Windows) to the kind network inside the VM.

### tldr;

Add a route in windows to your docker network (e.g. 192.168.199.0/24) over the vm network connector:
```powershell
# in windows admin mode

PS C:\Users\stl> route add 192.168.199.0/24 172.29.216.239
```

#### Outcome

Now in windows you can reach Docker network addresses inside your VM:

```powershell
PS C:\Users\stl> ping 192.168.199.33

Ping wird ausgeführt für 192.168.199.33 mit 32 Bytes Daten:
Antwort von 192.168.199.33: Bytes=32 Zeit<1ms TTL=64
```

## Intro 


So let' say you created a edp setup by 

```bash
# in WSL

$ ./edpbuilder.sh --type kind --stacks all --domain client-192-168-199-35.traefik.me --domain-gitea gitea-client-192-168-199-35.traefik.me
```

you will not be able to send tcp/ip packets from the host (windows) to the kind network gateway, which is inside the docker network of your vm:

```powershell
# in windows

PS C:\Users\stl> ping gitea-client-192-168-199-35.traefik.me

Ping wird ausgeführt für gitea-client-192-168-199-35.traefik.me [192.168.199.35] mit 32 Bytes Daten:
Zeitüberschreitung der Anforderung.
```

## Goal: Windows can access EDP

So what we want is a situation like the following:

In the following screenshot we have at left a browser in windows, and at the right a terminal in wsl. In both a request to `client-192-168-199-35.traefik.me`is working:

![alt text](windows.png)

## Setup Route from windows to WSL

What we need is a route from windows to the docker containers inside the WSL.

So first check your docker network address: 

```bash
# in wsl

$ ip r
default via 172.29.208.1 dev eth0 proto kernel
172.29.208.0/20 dev eth0 proto kernel scope link src 172.29.216.239
192.168.199.0/28 dev docker0 proto kernel scope link src 192.168.199.1
192.168.199.32/27 dev br-8e96da84337e proto kernel scope link src 192.168.199.33
```

What you see is 

* the network connection to the host with the gateway `172.29.216.239`
* the docker network `192.168.199.0/28` ranging from 192.168.199.1 to 192.168.199.14 (28 = 255.255.240.0) 
* and the kind network `192.168.199.32/27` ranging from 192.168.199.33 to 192.168.199.62 (27 = 255.255.224).

In Windows we see that the docker network is reachabel via gateway `172.29.208.1` which is inside network `172.29.208.0/20`:

```powershell
PS C:\Users\stl> ipconfig
...
Ethernet-Adapter vEthernet (WSL):

   Verbindungsspezifisches DNS-Suffix:
   IPv4-Adresse  . . . . . . . . . . : 172.29.208.1
   Subnetzmaske  . . . . . . . . . . : 255.255.240.0
   Standardgateway . . . . . . . . . :
...
```

## add route

Now we add the route:

```powershell
# in windows

PS C:\Users\stl> route add 192.168.199.0/24 172.29.216.239
 OK!
```

and can check it with

```powershell
# in windows

PS C:\Users\stl> route print
...
===========================================================================
Aktive Routen:
     Netzwerkziel    Netzwerkmaske          Gateway    Schnittstelle Metrik
          0.0.0.0          0.0.0.0      10.34.216.1    10.34.219.176     25
...
    192.168.199.0    255.255.255.0   172.29.216.239     172.29.208.1     16
...
===========================================================================
```

and have network `192.168.199.0/24` to be routed by `172.29.216.239` over `172.29.208.1`.

## Test

Now you should be able to ping from windows to wsl:

```powershell
# in windows, send ping

PS C:\Users\stl> ping gitea-client-192-168-199-35.traefik.me

Ping wird ausgeführt für gitea-client-192-168-199-35.traefik.me [192.168.199.35] mit 32 Bytes Daten:
Antwort von 192.168.199.35: Bytes=32 Zeit<1ms TTL=63
Antwort von 192.168.199.35: Bytes=32 Zeit<1ms TTL=63
Antwort von 192.168.199.35: Bytes=32 Zeit<1ms TTL=63
Antwort von 192.168.199.35: Bytes=32 Zeit<1ms TTL=63

Ping-Statistik für 192.168.199.35:
    Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms
```

```bash
# in wsl, receive ping

tcpdump -n -i eth0 icmp and src host 172.29.208.1
```

![alt text](pings.png)

## Trouble shooting

If icmp or http doesn't work check that a fw is off:

```bash
# in wsl

sudo ufw diable
```

Also be sure that ip forwarding is on in wsl:

```bash
# in wsl

echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

```
doc(local-development): added host to docker network routing 2025-03-12 16:13:51 +00:00			`# Host to Kind routing`

			`When we subnetwork inside a VM (e.g. WSL), you won't get a connection from the host (e.g. Windows) to the kind network inside the VM.`

			`### tldr;`

			`Add a route in windows to your docker network (e.g. 192.168.199.0/24) over the vm network connector:`
			```powershell
			`# in windows admin mode`

			`PS C:\Users\stl> route add 192.168.199.0/24 172.29.216.239`
			```

			`#### Outcome`

			`Now in windows you can reach Docker network addresses inside your VM:`

			```powershell
			`PS C:\Users\stl> ping 192.168.199.33`

			`Ping wird ausgeführt für 192.168.199.33 mit 32 Bytes Daten:`
			`Antwort von 192.168.199.33: Bytes=32 Zeit<1ms TTL=64`
			```

			`## Intro`


			`So let' say you created a edp setup by`

			```bash
			`# in WSL`

			`$ ./edpbuilder.sh --type kind --stacks all --domain client-192-168-199-35.traefik.me --domain-gitea gitea-client-192-168-199-35.traefik.me`
			```

			`you will not be able to send tcp/ip packets from the host (windows) to the kind network gateway, which is inside the docker network of your vm:`

			```powershell
			`# in windows`

			`PS C:\Users\stl> ping gitea-client-192-168-199-35.traefik.me`

			`Ping wird ausgeführt für gitea-client-192-168-199-35.traefik.me [192.168.199.35] mit 32 Bytes Daten:`
			`Zeitüberschreitung der Anforderung.`
			```

			`## Goal: Windows can access EDP`

			`So what we want is a situation like the following:`

			In the following screenshot we have at left a browser in windows, and at the right a terminal in wsl. In both a request to `client-192-168-199-35.traefik.me`is working:

			`![alt text](windows.png)`

			`## Setup Route from windows to WSL`

			`What we need is a route from windows to the docker containers inside the WSL.`

			`So first check your docker network address:`

			```bash
			`# in wsl`

			`$ ip r`
			`default via 172.29.208.1 dev eth0 proto kernel`
			`172.29.208.0/20 dev eth0 proto kernel scope link src 172.29.216.239`
			`192.168.199.0/28 dev docker0 proto kernel scope link src 192.168.199.1`
			`192.168.199.32/27 dev br-8e96da84337e proto kernel scope link src 192.168.199.33`
			```

			`What you see is`

			* the network connection to the host with the gateway `172.29.216.239`
			* the docker network `192.168.199.0/28` ranging from 192.168.199.1 to 192.168.199.14 (28 = 255.255.240.0)
			* and the kind network `192.168.199.32/27` ranging from 192.168.199.33 to 192.168.199.62 (27 = 255.255.224).

			In Windows we see that the docker network is reachabel via gateway `172.29.208.1` which is inside network `172.29.208.0/20`:

			```powershell
			`PS C:\Users\stl> ipconfig`
			`...`
			`Ethernet-Adapter vEthernet (WSL):`

			`Verbindungsspezifisches DNS-Suffix:`
			`IPv4-Adresse . . . . . . . . . . : 172.29.208.1`
			`Subnetzmaske . . . . . . . . . . : 255.255.240.0`
			`Standardgateway . . . . . . . . . :`
			`...`
			```

			`## add route`

			`Now we add the route:`

			```powershell
			`# in windows`

			`PS C:\Users\stl> route add 192.168.199.0/24 172.29.216.239`
			`OK!`
			```

			`and can check it with`

			```powershell
			`# in windows`

			`PS C:\Users\stl> route print`
			`...`
			`===========================================================================`
			`Aktive Routen:`
			`Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik`
			`0.0.0.0 0.0.0.0 10.34.216.1 10.34.219.176 25`
			`...`
			`192.168.199.0 255.255.255.0 172.29.216.239 172.29.208.1 16`
			`...`
			`===========================================================================`
			```

			and have network `192.168.199.0/24` to be routed by `172.29.216.239` over `172.29.208.1`.

			`## Test`

			`Now you should be able to ping from windows to wsl:`

			```powershell
			`# in windows, send ping`

			`PS C:\Users\stl> ping gitea-client-192-168-199-35.traefik.me`

			`Ping wird ausgeführt für gitea-client-192-168-199-35.traefik.me [192.168.199.35] mit 32 Bytes Daten:`
			`Antwort von 192.168.199.35: Bytes=32 Zeit<1ms TTL=63`
			`Antwort von 192.168.199.35: Bytes=32 Zeit<1ms TTL=63`
			`Antwort von 192.168.199.35: Bytes=32 Zeit<1ms TTL=63`
			`Antwort von 192.168.199.35: Bytes=32 Zeit<1ms TTL=63`

			`Ping-Statistik für 192.168.199.35:`
			`Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0`
			`(0% Verlust),`
			`Ca. Zeitangaben in Millisek.:`
			`Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms`
			```

			```bash
			`# in wsl, receive ping`

			`tcpdump -n -i eth0 icmp and src host 172.29.208.1`
			```

			`![alt text](pings.png)`

			`## Trouble shooting`

			`If icmp or http doesn't work check that a fw is off:`

			```bash
			`# in wsl`

			`sudo ufw diable`
			```

			`Also be sure that ip forwarding is on in wsl:`

			```bash
			`# in wsl`

			`echo 1 \| sudo tee /proc/sys/net/ipv4/ip_forward`

			```