It was observed that in the soak112s cluster one of the private agents wasn't able to access the service via l4lb. The root cause was found out to be a Docker container which was forwarding the traffic on port 80 to itself via iptables rules. VIP traffic should still continue to work even when such a container is running.
iptables rule that impacted the VIP traffic were:
1. -A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
2. -A DOCKER ! -i docker0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.17.0.2:80