Sorry if the title, and tags, are a bit vague, I couldn't figure out the correct terms for it, yet. Please advise, and I will change it.
I'm implementing a STUN server, boxed in a Docker container, which is hosted on Google Container Engine's Kubernetes. The project utilizes load balancers (forwarding rules on GCE) to field external requests to the appropriate ports in the pod/container.
I've routed all traffic coming into eth0 to 2 virtual interfaces (eth0:1, eth0:2) through:
# DNAT TCP port 61214 arriving on eth0 to the first virtual interface; the packet's source address is left untouched by this rule
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 61214 -j DNAT --to-destination 172.26.0.6
(for completeness' sake, the second destination is 172.26.0.7)
A client application reaches it just fine, and so the NAT determination proceeds. This, however, comes to an abrupt halt when the STUN server needs to create a socket and link back to the client application, since the source IP it got is the internal IP of the host VM instance on Kubernetes (e.g. 10.128.0.4). Since no connection was made, the client and server sockets time out.
Is there any way to preserve the actual source address until it reaches my server app? I'm open to scrapping the current setup, as long as my request reaches the server and the server gets to make the return connection to the client.
Thank you.
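The following is an added example, not code from the question or from any answer, that shows why the symptom above is fatal for STUN specifically: a STUN server has no source of truth for the client's reflexive address other than the transport-layer source of the packet it received (RFC 5389 Binding Request/Response with XOR-MAPPED-ADDRESS). If an intermediate hop has rewritten that source to the node's internal address (the 10.128.0.4 seen above), the server faithfully reports 10.128.0.4 back, and neither side can use it. The addresses, ports and transaction ID below are constructed sample values, and the "server" and "client" run in one process with no network. As a caveat outside the post itself: on Kubernetes the documented knob for this is `externalTrafficPolicy: Local` on a NodePort/LoadBalancer Service, which skips the cluster-wide SNAT that otherwise rewrites the client source before the pod sees it.

```python
import os
import socket
import struct

# RFC 5389 constants
MAGIC_COOKIE = 0x2112A442
BINDING_REQUEST = 0x0001
BINDING_SUCCESS = 0x0101
ATTR_XOR_MAPPED_ADDRESS = 0x0020
HEADER_FMT = "!HHI12s"  # type, length, magic cookie, 96-bit transaction ID


def build_binding_request(transaction_id=None):
    """Client side: a Binding Request carries no attributes at all.
    The client tells the server nothing about its own address."""
    if transaction_id is None:
        transaction_id = os.urandom(12)
    return struct.pack(HEADER_FMT, BINDING_REQUEST, 0, MAGIC_COOKIE, transaction_id)


def build_binding_response(request, source_ip, source_port):
    """Server side: answer with XOR-MAPPED-ADDRESS derived from the source
    (IP, port) the request arrived from. Whatever the last NAT hop wrote
    into the packet header is what gets reported; the server cannot tell
    a real client address from an SNATed one."""
    msg_type, _length, cookie, tid = struct.unpack(HEADER_FMT, request[:20])
    if msg_type != BINDING_REQUEST or cookie != MAGIC_COOKIE:
        raise ValueError("not a STUN Binding Request")
    x_port = source_port ^ (MAGIC_COOKIE >> 16)
    x_addr = struct.unpack("!I", socket.inet_aton(source_ip))[0] ^ MAGIC_COOKIE
    value = struct.pack("!BBHI", 0, 0x01, x_port, x_addr)  # reserved, IPv4, X-Port, X-Address
    attr = struct.pack("!HH", ATTR_XOR_MAPPED_ADDRESS, len(value)) + value
    return struct.pack(HEADER_FMT, BINDING_SUCCESS, len(attr), MAGIC_COOKIE, tid) + attr


def parse_mapped_address(response, expected_tid):
    """Client side: recover the reflexive (ip, port) from XOR-MAPPED-ADDRESS,
    checking the transaction ID so a stray response is not accepted."""
    msg_type, length, cookie, tid = struct.unpack(HEADER_FMT, response[:20])
    if msg_type != BINDING_SUCCESS or cookie != MAGIC_COOKIE or tid != expected_tid:
        raise ValueError("not a matching Binding Success Response")
    body = response[20:20 + length]
    offset = 0
    while offset + 4 <= len(body):
        atype, alen = struct.unpack("!HH", body[offset:offset + 4])
        value = body[offset + 4:offset + 4 + alen]
        if atype == ATTR_XOR_MAPPED_ADDRESS:
            _, family, x_port, x_addr = struct.unpack("!BBHI", value)
            if family != 0x01:
                raise ValueError("only IPv4 handled in this example")
            port = x_port ^ (MAGIC_COOKIE >> 16)
            ip = socket.inet_ntoa(struct.pack("!I", x_addr ^ MAGIC_COOKIE))
            return ip, port
        offset += 4 + ((alen + 3) & ~3)  # attributes are padded to 4 bytes
    raise ValueError("XOR-MAPPED-ADDRESS missing")


def reflexive_address_reported(source_ip_seen_by_server, source_port_seen_by_server):
    """One full round trip in-process: the server sees the given source,
    the client decodes what it is told. Returns the (ip, port) the client
    would then try to use for the return connection."""
    tid = os.urandom(12)
    request = build_binding_request(tid)
    response = build_binding_response(request, source_ip_seen_by_server, source_port_seen_by_server)
    return parse_mapped_address(response, tid)


if __name__ == "__main__":
    # Constructed sample values: a public client behind the GCE forwarding rule.
    real_client = ("203.0.113.10", 40000)
    # Case 1: only DNAT on the path, source preserved -> client learns its real mapping.
    print("DNAT only  :", reflexive_address_reported(*real_client))
    # Case 2: an SNAT hop rewrote the source to the node's internal IP (as in the
    # question) -> the server reports an address nobody outside the cluster can reach.
    print("after SNAT :", reflexive_address_reported("10.128.0.4", 31234))
```

Running it prints the real 203.0.113.10:40000 mapping in the first case and 10.128.0.4:31234 in the second; the second is exactly the value the server above would try to connect back to, which is why that connection never arrives and both sockets time out.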