rc/network
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

exit: add routes for internal IPv4 addresses to outside VRF

Browse source 
Routed through and mostly dropped by the firewall, of course. So we
don’t necessarily have to do NAT for everything that comes from the
old / USI network.
This commit is contained in:
Timotej Lazar 2024-08-13 19:02:03 +02:00
parent fe8f9161d9
commit 7b5980f871
2 changed files with 5 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
roles/exit/templates/frr.conf.j2
View file

@ -358,6 +358,8 @@ route-map firewall->outside permit 1
match ip address prefix-list fabric
route-map firewall->outside permit 2
match ipv6 address prefix-list fabric
route-map firewall->outside permit 20
match ip address prefix-list office
route-map firewall->outside permit 21
match ipv6 address prefix-list office
route-map firewall->outside permit 30