When multiple cluster controllers are deployed, they all connect to the same region controller. Often the region controller is collocated with a cluster controller. When the region controller is configured, a PXE/API endpoint needs to be defined. This is basically an IP/interface on which PXE will be provided.
During enlisting and commissioning, other cluster controllers provide an IP for the node, but also information on where to fetch cloud-init data: from the region controller. What can be observed is that the IP that is sent to nodes, for cloud-init data, is the one of the PXE network on the region controller. While in the majority of cases this works fine, this doesn't work in segmented networks. In environments where each rack has its own non-routable PXE network, the region controller's IP is unreachable.
This problem is even more exposed if there's a NAT between racks.
Ideally one would be able to set the region controller's IP per cluster, or the cluster itself would be proxying the traffic to the region controller. IMHO, the best approach would be where the region controller defines the API and delegates it to the cluster controller. That would leave PXE/Admin traffic contained within the rack/cluster, and the only traffic coming to the region controller would be the one from the cluster controller.
This request would imply an architectural change in MAAS and something that's not currently in the Roadmap. This needs further discussion. In the meantime, marking this as a wishlist.