When it comes to Kubernetes networking, Calico is widely used. One of the main reasons being its ease of use and the way it shapes up the network fabric. Calico is a pure L3 solution, where packets are routed in just the same manner as your regular Internet.
Each node (eg. VM) acts like a vRouter, which means tools like traceroute, ping, tcpdump, etc just work as expected! Whether the packet is flowing from one container to another or container to another node (or vice-versa), its just treated as a flat network route (L3 hops).
By default, there is no notion of overlays, tunneling or NAT. Each endpoint is actually a /32 IP in IPv4 (or equivalent in other), which means a container can be assigned a public IP.
All this is achieved using the Linux kernel’s existing network capabilities. This gives a great flexibility in scaling out the network fabric of a platform running atop Calico.
Source: medium.com