From bac8f7f8c8762355e5c71bf04f39e358dcb65bf6 Mon Sep 17 00:00:00 2001
From: clyi <clyi@alauda.io>
Date: Wed, 29 Apr 2026 16:32:58 +0800
Subject: [PATCH] docs: add critical note about LB service IP prohibition for
 internal pod access

---
 .../networking/how_to/kube_ovn/config_metallb_underlay.mdx      | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docs/en/configure/networking/how_to/kube_ovn/config_metallb_underlay.mdx b/docs/en/configure/networking/how_to/kube_ovn/config_metallb_underlay.mdx
index 9cbcb40b4..ddcc925b3 100644
--- a/docs/en/configure/networking/how_to/kube_ovn/config_metallb_underlay.mdx
+++ b/docs/en/configure/networking/how_to/kube_ovn/config_metallb_underlay.mdx
@@ -9,6 +9,8 @@ weight: 14
 This solution addresses the integration of MetalLB L2 mode with Kube-OVN Underlay networking. It allows users to utilize Underlay subnet IPs as MetalLB LoadBalancer Service VIPs, directly forwarding traffic to backend business Pods.
 
 > ⚠️ **Critical**: The LoadBalancer VIP and the backend Pod IPs **must be in the same Underlay subnet**.
+> 
+> ⚠️ **Critical**: The LoadBalancer Service IP is prohibited from being accessed by internal Pods. This IP is intended for external client access only.
 
 ## Prerequisites