Hello!,
I have a cluster up & running, with several network interface, EVPN/VXLAN, external BGP peering and Ceph.
Now I would like to enable PVE firewall to manage filtering.
Given a complex network environment already built, I'm worried about breaking the cluster beyond repair activating the firewall. Is there a good document stating the flows that should be allowed in a cluster?
I have a cluster up & running, with several network interface, EVPN/VXLAN, external BGP peering and Ceph.
Now I would like to enable PVE firewall to manage filtering.
Given a complex network environment already built, I'm worried about breaking the cluster beyond repair activating the firewall. Is there a good document stating the flows that should be allowed in a cluster?
Last edited: