The proxy handles the routing between a pod load balancer (also known as a service) and pods. It also provides routing from external internet to services. There are three proxy modes: userspace, iptables, and ipvs. The userspace mode creates a large overhead by switching the kernel space and user space. The iptables mode, on the other hand, is the latest default proxy mode. It changes the iptables Network Address Translation (NAT: https://en.wikipedia.org/wiki/Network_address_translation) in Linux to achieve routing TCP and UDP packets across all containers. IP Virtual Servers (IPVS) was general available (GA) in Kubernetes 1.11 and is used to address performance degradations when running 1,000+ services in a cluster. It runs on a host and acts as a load balancer, forwarding the connection to real servers. IPVS mode will fall back to iptables in some scenarios; please refer to https://github.com/kubernetes/kubernetes/tree/master/pkg/proxy/ipvs for more detailed information.