Hey everyone!
I am trying to configure an Ingress Gateway to redirect incoming SMPP (unencrypted) traffic to an Egress Gateway, then to encapsulate it with TLS, and lastly, send it through the Egress Gateway to an external endpoint (external as in outside the cluster).
I figured that it would work because Istio supports encrypting data in transit and also supports any TCP-based protocol (SMPP ‘rides’ on TCP).
Nevertheless, whenever I test that connection via a simple telnet command to the Ingress Gateway’s external IP (since it is only in development, we haven’t incorporated a DNS for it), the connection is stopped as soon as it succeeds in connecting to the external IP, meaning it doesn’t perform the traffic routing rules as per my configuration.
I’m adding screenshots of my configuration (I’ve already installed all of the prerequisites in order to utilize Egress/Ingress Gateways):
Ingress (and a corresponding VirtualService): Imgur: The magic of the Internet
Egress (and corresponding VirtualService & DestinationRule): Imgur: The magic of the Internet
I forgot to take a picture of the corresponding ServiceEntry while I was at work, so I’ll add the manifest I’ve created for it here as plain text:
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
name: cnn
spec:
hosts:
- edition.cnn.com
ports:
- number: 2775
name: tls
protocol: TLS
resolution: DNS
Thanks in advance for your help! I’d appreciate any and all feedback.