Since I need the real ip of the requester in my (bare metal) k8s cluster, I want to deploy traefik-ingress-controller as a DaemonSet with the NET_BIND_SERVICE capability and bind it to ports 80 and 443 on the host machines directly.

I followed the suggestions in the kubernetes docu (https://docs.traefik.io/user-guide/kubernetes/#deploy-trfik-using-a-deployment-or-daemonset), but it does not seem to work. The ports are still not reachable from the outside. After adding a service with externalIPs (as I did it before with the Deployment-approach), traefik is reachable, but I still do not get the real source ip.

As a short explanation: I want to route only if the request comes from my internal network.

Could someone give me a short how-to what there is to do?

Thanks in advance!