KubeFM cover image

KubeFM

Learned it the hard way: don't use Cilium's default Pod CIDR, with Isala Piyarisi

Feb 25, 2025
32:30

This episode examines how a default configuration in Cilium CNI led to silent packet drops in production after 8 months of stable operations.

Isala Piyarisi, Senior Software Engineer at WSO2, shares how his team discovered that Cilium's default Pod CIDR (10.0.0.0/8) was conflicting with their Azure Firewall subnet assignments, causing traffic disruptions in their staging environment.

You will learn:

  • How Cilium's default CIDR allocation can create routing conflicts with existing infrastructure

  • A methodical process for debugging network issues using packet tracing, routing table analysis, and firewall logs

  • The procedure for safely changing Pod CIDR ranges in production clusters

Sponsor

This episode is sponsored by Learnk8s — get started on your Kubernetes journey through comprehensive online, in-person or remote training.

More info

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
App store bannerPlay store banner