K3s Flannel interface blocks traffic by overriding routing table entries

Question

I'm installing a k3s agent on a Raspberry Pi 4 (Raspbian GNU/Linux 10) and I face the following problem:

When I start the k3s agent all the network traffic is blocked because flannel adds overriding entries to the routing table (with lower metric)

Here are my network interfaces and routing table before starting k3s:

$ ip a
1: lo: [...]
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether e4:5f:01:3c:cb:b0 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether e4:5f:01:3c:cb:b1 brd ff:ff:ff:ff:ff:ff
    inet 192.168.11.7/24 brd 192.168.11.255 scope global noprefixroute wlan0
       valid_lft forever preferred_lft forever
    inet6 fe80::4cd2:3438:9850:12/64 scope link
       valid_lft forever preferred_lft forever

$ ip ro
default via 192.168.11.1 dev wlan0 src 192.168.11.7 metric 303
192.168.11.0/24 dev wlan0 proto dhcp scope link src 192.168.11.7 metric 303

Here are the interfaces and routing table when k3s is running:

$ k3s agent --flannel-iface wlan
[...]
$ ip a
1: lo: [...]
2: eth0: [...] 
3: wlan0: [...]
15: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default
    link/ether 3e:67:43:a9:0a:b4 brd ff:ff:ff:ff:ff:ff
    inet 10.42.4.0/32 scope global flannel.1
       valid_lft forever preferred_lft forever
    inet 192.168.11.7/24 brd 192.168.11.255 scope global noprefixroute flannel.1
       valid_lft forever preferred_lft forever
    inet6 fe80::cef8:2a6c:6b05:da4b/64 scope link
       valid_lft forever preferred_lft forever

$ ip ro
default via 192.168.11.1 dev flannel.1 src 192.168.11.7 metric 214
default via 192.168.11.1 dev wlan0 src 192.168.11.7 metric 303
10.42.0.0/24 via 10.42.0.0 dev flannel.1 onlink
10.42.2.0/24 via 10.42.2.0 dev flannel.1 onlink
192.168.11.0/24 dev flannel.1 proto dhcp scope link src 192.168.11.7 metric 214
192.168.11.0/24 dev wlan0 proto dhcp scope link src 192.168.11.7 metric 303

=> Why are the routes for the local non-virtual network 192.168.0.0/24 created? How can I disable the creation of these routes? Am I missing something else?

Thanks in advance

Answer 1

I almost self-answered my question: lower the metric of wlan0 fixes the issue.

By default on Raspberry the routes associated to the wlan interfaces have a higher metric because they're considered as a less stable link than wired eth0 interfaces

Fix:

# In /etc/dhcpcd.conf:
[...]
iface wlan0
[...]
metric 42

Et voilà!