Thanks.
Last conversation:
But since source based forwarding (1:1) has been introduced, I thought it might be the easiest way to link a container to an external public IP.
But logically, it is only a one way road.
Routed seems pretty much manual work per container, also involves os specific cloud-init, an individual profile or config for each container etc.
Quite hard to integrate those manual steps into an automated environment.