New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

devices/vxlan: Add no-nat and revise firewall rules in vxlan_bridge.rst #658

Open

2 tasks done

Monviech opened this issue Jan 10, 2025 · 0 comments

Open

2 tasks done

devices/vxlan: Add no-nat and revise firewall rules in vxlan_bridge.rst #658

Monviech opened this issue Jan 10, 2025 · 0 comments

Assignees

Labels

cleanup

Member

Monviech commented Jan 10, 2025

Important notices

Before you add a new report, we ask you kindly to acknowledge the following:

I have read the contributing guide lines at https://github.com/opnsense/docs/blob/master/CONTRIBUTING.md
I have searched the existing issues and I am convinced that mine is new.

Is your feature request related to a problem? Please describe.

To prevent traffic of being initially NATed and send out of the default gateway when the VXLAN tunnel is not yet up, a no-nat rule on the WAN interface should be implemented for the (internal) IP networks that are sent via VXLAN.
Loopback interfaces do not need firewall rules.

Monviech added the cleanup label

Monviech self-assigned this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment