rc/network
2
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

exit: leak non-NATted inside routes into default VRF

Browse source 
So we don’t have to NAT inside our own network. We still firewall.
This commit is contained in:
Timotej Lazar 2024-09-03 17:15:12 +02:00
parent 103ecae2e7
commit 6c8309f1c9
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
roles/exit/templates/frr.conf.j2
View file

@ -289,6 +289,8 @@ route-map default-import permit 10
match ip address prefix-list default match ip address prefix-list default
route-map default-import permit 11 route-map default-import permit 11
match ipv6 address prefix-list default match ipv6 address prefix-list default
route-map default-import permit 20
match ip address prefix-list office
route-map default-import permit 21 route-map default-import permit 21
match ipv6 address prefix-list office match ipv6 address prefix-list office
route-map default-import permit 30 route-map default-import permit 30