I tried doing a quick search on this topic, but couldn't find anything. So sorry if it is a duplicate.
I know 25.04 implemented the ability to bind an app to a host IP for incoming requests. Is there any functionality to handle the routing for return traffic or outbound based traffic?
I have a test 25.04 instance that I spun up to do some basic testing on before I upgrade my 24.10 instance. In my test the system has two IPs, 192.168.1.20/24 and 172.16.0.20/24. It only allows a single gateway to be configured. So if the management network and gateway are set up as 192.168.1.1, but I specify an app to listen for traffic on 172.16.0.20, response traffic will be on the 192.168.1.20 IP if the request originated from the 192.168.1.0/24 network or from a separate network. Outgoing traffic originating from the container will also use the 192.168.1.20 IP and its gateway.
I currently solve this problem on 24.10 with some custom routing table rules through iptables.
I have certain containers that I want isolated and subject to traffic inspection through a firewall. With these custom rules, the return traffic and any outgoing traffic are required to route up to the firewall before being able to reach a different network.
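The kind of source-based policy routing the post describes, written out as an added example. This is not the poster's own rule set and not anything the product ships; it is the generic Linux approach: a second routing table whose default route points at the gateway on the 172.16.0.0/24 network, an `ip rule` that sends anything sourced from 172.16.0.20 (i.e. replies to the app bound there) to that table, and a fwmark rule plus SNAT so that traffic originating inside an isolated container subnet also leaves through that gateway. The gateway 172.16.0.1, interface name `eth1`, table number 100, container subnet 10.200.0.0/24 and mark 0x10 are assumptions chosen to fit the networks in the post; replace them with your own. By default the script only prints the commands; `--apply` runs them (as root).

```shell
#!/bin/sh
# Added example (not from the original post): policy routing for a second NIC
# so that replies from the host IP on that NIC, and outbound traffic from an
# isolated container subnet, leave via that NIC's gateway instead of the
# host's single default gateway.
#
# Usage: sh policy_route.sh            # dry run, print the commands
#        sh policy_route.sh --apply    # execute them (needs root)

# network_of IP PREFIX -> prints the network in CIDR form, e.g.
# network_of 172.16.0.20 24 -> 172.16.0.0/24 (IPv4 only, prefix 1..32).
network_of() {
    ip=$1; prefix=$2
    [ "$prefix" -ge 1 ] && [ "$prefix" -le 32 ] || return 1
    set -- $(echo "$ip" | tr '.' ' ')
    addr=$(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
    mask=$(( (4294967295 << (32 - prefix)) & 4294967295 ))
    net=$(( addr & mask ))
    printf '%d.%d.%d.%d/%d\n' \
        $(( (net >> 24) & 255 )) $(( (net >> 16) & 255 )) \
        $(( (net >> 8) & 255 ))  $(( net & 255 )) "$prefix"
}

# policy_route_cmds IP PREFIX GATEWAY DEV TABLE CONTAINER_NET FWMARK
# Prints the ip/iptables/sysctl commands, one per line.
policy_route_cmds() {
    ip=$1; prefix=$2; gw=$3; dev=$4; table=$5; ctr_net=$6; mark=$7
    net=$(network_of "$ip" "$prefix") || return 1
    cat <<EOF
ip route replace $net dev $dev src $ip table $table
ip route replace default via $gw dev $dev table $table
ip rule add from $ip lookup $table priority 100
iptables -t mangle -A PREROUTING -s $ctr_net -j MARK --set-mark $mark
ip rule add fwmark $mark lookup $table priority 101
iptables -t nat -A POSTROUTING -s $ctr_net -o $dev -j SNAT --to-source $ip
sysctl -w net.ipv4.conf.$dev.rp_filter=2
EOF
}
# Line by line:
#  1-2  table $table: the connected route plus a default via the second gateway
#  3    replies sourced from $ip (the app bound to that IP) use that table
#  4-5  packets the host forwards from the container subnet get a mark and
#       are routed by the same table, so container egress also goes to $gw
#  6    rewrite the container source to $ip so the far side can answer
#  7    loose reverse-path filtering on $dev: with strict rp_filter (1) the
#       kernel's reverse lookup for a packet arriving on $dev from a remote
#       network hits the main table's default route on the other NIC and
#       drops the packet

# Defaults match the post's second network (assumed values; override via env).
IP=${IP:-172.16.0.20}; PREFIX=${PREFIX:-24}; GW=${GW:-172.16.0.1}
DEV=${DEV:-eth1}; TABLE=${TABLE:-100}
CTR_NET=${CTR_NET:-10.200.0.0/24}; MARK=${MARK:-0x10}

if [ "$1" = "--apply" ]; then
    policy_route_cmds "$IP" "$PREFIX" "$GW" "$DEV" "$TABLE" "$CTR_NET" "$MARK" | sh -e
else
    policy_route_cmds "$IP" "$PREFIX" "$GW" "$DEV" "$TABLE" "$CTR_NET" "$MARK"
fi
```

To confirm the rules took effect, ask the kernel which route a reply would take: `ip route get 10.0.0.5 from 172.16.0.20 iif eth1` should show `via 172.16.0.1 dev eth1 table 100`, and `ip rule show` should list the `from 172.16.0.20` and `fwmark 0x10` entries above the main table. The iptables rules are appended with `-A`, so running `--apply` twice duplicates them; check with `iptables -t mangle -C ...` first or flush before re-applying, and remember that none of this persists across a reboot unless you hook it into whatever the system runs at startup.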