# Host to Kind routing When we subnetwork inside a VM (e.g. WSL), you won't get a connection from the host (e.g. Windows) to the kind network inside the VM. ### tldr; Add a route in windows to your docker network (e.g. 192.168.199.0/24) over the vm network connector: ```powershell # in windows admin mode PS C:\Users\stl> route add 192.168.199.0/24 172.29.216.239 ``` #### Outcome Now in windows you can reach Docker network addresses inside your VM: ```powershell PS C:\Users\stl> ping 192.168.199.33 Ping wird ausgeführt für 192.168.199.33 mit 32 Bytes Daten: Antwort von 192.168.199.33: Bytes=32 Zeit<1ms TTL=64 ``` ## Intro So let' say you created a edp setup by ```bash # in WSL $ ./edpbuilder.sh --type kind --stacks all --domain client-192-168-199-35.traefik.me --domain-gitea gitea-client-192-168-199-35.traefik.me ``` you will not be able to send tcp/ip packets from the host (windows) to the kind network gateway, which is inside the docker network of your vm: ```powershell # in windows PS C:\Users\stl> ping gitea-client-192-168-199-35.traefik.me Ping wird ausgeführt für gitea-client-192-168-199-35.traefik.me [192.168.199.35] mit 32 Bytes Daten: Zeitüberschreitung der Anforderung. ``` ## Goal: Windows can access EDP So what we want is a situation like the following: In the following screenshot we have at left a browser in windows, and at the right a terminal in wsl. In both a request to `client-192-168-199-35.traefik.me`is working: ![alt text](windows.png) ## Setup Route from windows to WSL What we need is a route from windows to the docker containers inside the WSL. So first check your docker network address: ```bash # in wsl $ ip r default via 172.29.208.1 dev eth0 proto kernel 172.29.208.0/20 dev eth0 proto kernel scope link src 172.29.216.239 192.168.199.0/28 dev docker0 proto kernel scope link src 192.168.199.1 192.168.199.32/27 dev br-8e96da84337e proto kernel scope link src 192.168.199.33 ``` What you see is * the network connection to the host with the gateway `172.29.216.239` * the docker network `192.168.199.0/28` ranging from 192.168.199.1 to 192.168.199.14 (28 = 255.255.240.0) * and the kind network `192.168.199.32/27` ranging from 192.168.199.33 to 192.168.199.62 (27 = 255.255.224). In Windows we see that the docker network is reachabel via gateway `172.29.208.1` which is inside network `172.29.208.0/20`: ```powershell PS C:\Users\stl> ipconfig ... Ethernet-Adapter vEthernet (WSL): Verbindungsspezifisches DNS-Suffix: IPv4-Adresse . . . . . . . . . . : 172.29.208.1 Subnetzmaske . . . . . . . . . . : 255.255.240.0 Standardgateway . . . . . . . . . : ... ``` ## add route Now we add the route: ```powershell # in windows PS C:\Users\stl> route add 192.168.199.0/24 172.29.216.239 OK! ``` and can check it with ```powershell # in windows PS C:\Users\stl> route print ... =========================================================================== Aktive Routen: Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik 0.0.0.0 0.0.0.0 10.34.216.1 10.34.219.176 25 ... 192.168.199.0 255.255.255.0 172.29.216.239 172.29.208.1 16 ... =========================================================================== ``` and have network `192.168.199.0/24` to be routed by `172.29.216.239` over `172.29.208.1`. ## Test Now you should be able to ping from windows to wsl: ```powershell # in windows, send ping PS C:\Users\stl> ping gitea-client-192-168-199-35.traefik.me Ping wird ausgeführt für gitea-client-192-168-199-35.traefik.me [192.168.199.35] mit 32 Bytes Daten: Antwort von 192.168.199.35: Bytes=32 Zeit<1ms TTL=63 Antwort von 192.168.199.35: Bytes=32 Zeit<1ms TTL=63 Antwort von 192.168.199.35: Bytes=32 Zeit<1ms TTL=63 Antwort von 192.168.199.35: Bytes=32 Zeit<1ms TTL=63 Ping-Statistik für 192.168.199.35: Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms ``` ```bash # in wsl, receive ping tcpdump -n -i eth0 icmp and src host 172.29.208.1 ``` ![alt text](pings.png) ## Trouble shooting If icmp or http doesn't work check that a fw is off: ```bash # in wsl sudo ufw diable ``` Also be sure that ip forwarding is on in wsl: ```bash # in wsl echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward ```