Documentation
Introduction
- Overview
- Getting Started
- Support for K8s Installers
- Deploying on Kind
- Deploying on Minikube
- Configuration
- Installing with Helm
Cloud Deployment
Reference
- Antrea Network Policy
- Antctl
- Architecture
- Traffic Encryption (Ipsec / WireGuard)
- Securing Control Plane
- Security considerations
- Troubleshooting
- OS-specific Known Issues
- OVS Pipeline
- Feature Gates
- Antrea Proxy
- Network Flow Visibility
- Traceflow Guide
- NoEncap and Hybrid Traffic Modes
- Egress Guide
- NodePortLocal Guide
- Antrea IPAM Guide
- Exposing Services of type LoadBalancer
- Traffic Control
- BGP Support
- Versioning
- Antrea API Groups
- Antrea API Reference
Windows
Integrations
Cookbooks
Multicluster
Developer Guide
Project Information
Network Requirements
Antrea has a few network requirements to get started, ensure that your hosts and firewalls allow the necessary traffic based on your configuration.
Configuration | Host(s) | Protocols/Ports | Other |
---|---|---|---|
Antrea with VXLAN enabled | All | UDP 4789 | |
Antrea with Geneve enabled | All | UDP 6081 | |
Antrea with STT enabled | All | TCP 7471 | |
Antrea with GRE enabled | All | IP Protocol ID 47 | No support for IPv6 clusters |
Antrea with IPsec ESP enabled | All | IP protocol ID 50 and 51, UDP 500 and 4500 | |
Antrea with WireGuard enabled | All | UDP 51820 | |
Antrea Multi-cluster with WireGuard encryption | Multi-cluster Gateway Node | UDP 51821 | |
Antrea with feature BGPPolicy enabled | Selected by user-provided BGPPolicies | TCP 179[1] | |
All | Kube-apiserver host | TCP 443 or 6443[2] | |
All | All | TCP 10349, 10350, 10351, UDP 10351 |
[1] The default value is 179, but a user created BGPPolicy can assign a different port number.
[2] The value is passed to kube-apiserver --secure-port
flag. You can find the port
number from the output of kubectl get svc kubernetes -o yaml
.