I have 3 VPSs based on the Ubuntu 18.04 server OS and would like to open particular ports on each server. The ports that I would like to open are:

Then let's take a look at the environment:

As you can see in the image, every server has a public IP address.

Now, I would like to configure the UFW firewall so that only those 3 IP addresses are allowed to communicate through the ports that are listed above. For example, the server with the IP 120.88.41.175 has permission to access the server with the IP 120.88.41.176 through the ports that I've listed above. The access should be bidirectional.

But the server with the IP address 120.88.42.175 has no permission to access the server with IP address 120.88.41.176.

I know that UFW offers settings to allow a particular IP to access a particular port on the server, for example:

sudo ufw allow from 120.88.41.175 to any port 6443 proto tcp

Now the server 120.88.41.175 has access to the server 120.88.41.176 through port 6443*.

Then a bad person comes and tries to access the server 120.88.41.176 through the port 64435, and he/she identifies him/herself as 120.88.41.176. Now he/she can do bad stuff on the server.

The question is, how can I protect my VPS from such a violation but, at the same time, keep the ports open? I need to open the ports because I am going to build a Kubernetes cluster.
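
The per-peer allow rules described in the question, as an added example that is not part of the original post: a dry-run generator that prints the `ufw allow` commands one node needs for its cluster peers and rejects malformed addresses or ports (such as a port written with a trailing `*`). Assumptions: `203.0.113.10` is a placeholder for the third server, whose address is not shown; only port 6443 is used because the post's port list is not shown; UFW's default deny-incoming policy is left in place.

```sh
#!/bin/sh
# Added example: print (never apply) the UFW rules a node needs so that only
# its cluster peers reach the listed TCP ports. Relies on UFW's default
# "deny incoming" policy for every other source address.
set -f  # no globbing: the input lists are split on whitespace only

# Constructed inputs: two addresses are from the question, the third is a
# placeholder; the port list is an assumption (only 6443 appears in the post).
PEERS="120.88.41.175 120.88.41.176 203.0.113.10"
PORTS="6443"

valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split the address into its octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

valid_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ ${#1} -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_rules SELF "PEERS" "PORTS": emit the commands to run on node SELF.
gen_rules() {
    self=$1; peers=$2; ports=$3
    for peer in $peers; do
        valid_ipv4 "$peer" || { echo "bad address: $peer" >&2; return 1; }
    done
    for port in $ports; do
        valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
    done
    for peer in $peers; do
        [ "$peer" = "$self" ] && continue   # a node needs no rule for itself
        for port in $ports; do
            echo "ufw allow from $peer to any port $port proto tcp"
        done
    done
}

gen_rules 120.88.41.176 "$PEERS" "$PORTS"
```

Running the same generator with each node's own address as the first argument gives the bidirectional rule set; 120.88.42.175 is never in the peer list, so no rule is emitted for it.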