Symptoms

Users experience intermittent failures when loading the Security Services Platform (SSP) UI or navigating between modules (e.g., Cluster API, Monitor, Intelligence, Backup/Restore).

• The UI displays banners such as Unable to retrieve the data or HTTP 0 Unknown Error.

• Browser developer tools (Network tab) show API requests failing with net::ERR_CONNECTION_RESET.

vDefend Security Services Platform (SSP) 5.1.x

This issue occurs when an external load balancer is in place and responding to SSP-Ingress.

Diagnostic Proof: Reviewing the Envoy access logs(envoy_pod logs) reveals the external load balancer's IP in the remote_ip (X-Forwarded-For) chain.

Example: remote_ip="<Client-Workstation-IP>, <External-LoadBalancer-IP>, <Worker-Node-Internal-IP>"

Run watch -n 3 nslookup <ssp-fqdn> from a client machine to ensure it resolves strictly to the SSP Ingres FQDN and not an external proxy IP.

The resolution requires correcting the upstream traffic flow to land on SSP worker nodes and not on any other external components.

Temporary Workaround: Restarting the Antrea networking agents (kubectl rollout restart ds/antrea-agent -n kube-system) forces Open vSwitch (OVS) to flush stale routing flows and reconnect to the API server.

This may provide temporary relief to the UI errors, but the connection resets will return as long as the traffic initiated to SSP-Ingress URL lands on external load balancer.