Skip to content
This repository was archived by the owner on Mar 16, 2026. It is now read-only.

Firewall Precedence#98

Draft
mwindower wants to merge 17 commits into
masterfrom
firewall-precedence
Draft

Firewall Precedence#98
mwindower wants to merge 17 commits into
masterfrom
firewall-precedence

Conversation

@mwindower
Copy link
Copy Markdown
Contributor

@mwindower mwindower commented Mar 30, 2023

Closes #97

Idea: Prolong AS-Path in all directions (except the underlay)

  • for IPs of external networks produced in a cluster
  • for routes to storage
  • for the default routes / internet access of the cluster

@Honigeintopf Honigeintopf mentioned this pull request Nov 5, 2024
Open
majst01
majst01 reviewed Nov 6, 2024
View reviewed changes
Comment thread pkg/netconf/routemap.go
@Honigeintopf
Copy link
Copy Markdown

Honigeintopf commented Nov 6, 2024
edited
Loading

I will add the distance to the InstallerConfig in metal hammer, this is used as config to be input from fc to metal-networker.
That way we can also test it better.

https://github.com/metal-stack/metal-hammer/blob/eaceba8987b759f21449ec965c1758da17c5a75a/pkg/api/api.go#L16C1-L43C2

Otherwise I have to manually input the distance from fc to metal-networker and testing it is also not as good that way.

fwDistance := uint8(f.Distance)
a := netconf.NewFrrConfigApplier(netconf.Firewall, *c, tmpFile, fwDistance)

what do you think? @majst01

@majst01
Copy link
Copy Markdown
Contributor

majst01 commented Nov 6, 2024

I will add the distance to the InstallerConfig in metal hammer, this is used as config to be input from fc to metal-networker. That way we can also test it better.

https://github.com/metal-stack/metal-hammer/blob/eaceba8987b759f21449ec965c1758da17c5a75a/pkg/api/api.go#L16C1-L43C2

Otherwise I have to manually input the distance from fc to metal-networker and testing it is also not as good that way.

fwDistance := uint8(f.Distance)
a := netconf.NewFrrConfigApplier(netconf.Firewall, *c, tmpFile, fwDistance)

what do you think? @majst01

This will not help, it must be done in the firewall controller

@Honigeintopf
Copy link
Copy Markdown

Honigeintopf commented Nov 6, 2024

I will add the distance to the InstallerConfig in metal hammer, this is used as config to be input from fc to metal-networker. That way we can also test it better.
https://github.com/metal-stack/metal-hammer/blob/eaceba8987b759f21449ec965c1758da17c5a75a/pkg/api/api.go#L16C1-L43C2
Otherwise I have to manually input the distance from fc to metal-networker and testing it is also not as good that way.

fwDistance := uint8(f.Distance)
a := netconf.NewFrrConfigApplier(netconf.Firewall, *c, tmpFile, fwDistance)

what do you think? @majst01

This will not help, it must be done in the firewall controller

Sorry wrong issue. This is about the firewall-controller function.

@Honigeintopf Honigeintopf mentioned this pull request Nov 6, 2024
Open
@github-project-automation github-project-automation Bot moved this to Review in Development Jun 5, 2025
@Gerrit91 Gerrit91 removed the status in Development Jun 13, 2025
@Gerrit91 Gerrit91 moved this to Done in Development May 7, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

2 more reviewers

@majst01 majst01 majst01 left review comments

@Honigeintopf Honigeintopf Honigeintopf left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

@Honigeintopf Honigeintopf

Labels

None yet

Projects

Development
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Configurable precedence of firewalls

5 participants

@mwindower @Honigeintopf @majst01 @vknabel @Gerrit91