diff --git a/roles/kubernetes/node/defaults/main.yml b/roles/kubernetes/node/defaults/main.yml
index 98ba2f064..f9842f46c 100644
--- a/roles/kubernetes/node/defaults/main.yml
+++ b/roles/kubernetes/node/defaults/main.yml
@@ -6,8 +6,9 @@ kube_resolv_conf: "/etc/resolv.conf"
 
 kube_proxy_mode: iptables
 
-# If using the pure iptables proxy, SNAT everything
-kube_proxy_masquerade_all: true
+# If using the pure iptables proxy, SNAT everything. Note that it breaks any
+# policy engine.
+kube_proxy_masquerade_all: false
 
 # Limits for kube components and nginx load balancer app
 kubelet_memory_limit: 512M