Here’s a quick diagram on how Canal and Calico networking is implemented in Kubernetes. If the image below is hard to read, here’s a direct link.

NOTE: While I’ve depicated the iptables rules and routes as boxes in these diagrams, note that they’re not really implemented as Linux devices. Rather, I just wanted to show how the routes are applied to the packets as they make there way to and fro the actual devices.