Skip to content

Commit

Permalink
docs: add limitation for Wireguard node-to-node encryption
Browse files Browse the repository at this point in the history 
Signed-off-by: Yusuke Suzuki <yusuke-suzuki@cybozu.co.jp>
  • Loading branch information
@ysksuzuki @joestringer
ysksuzuki authored and joestringer committed Jun 22, 2023
1 parent 222230a commit 3fc1e87
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions Documentation/security/network/encryption-wireguard.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -283,6 +283,12 @@ options:
key in its corresponding ``CiliumNode`` CRD when a worker node's public key
changes, given that the worker node will be unable to do so itself.

N/S load balancer traffic isn't encrypted when an intermediate node redirects
a request to a different node with the following load balancer configuration:

- LoadBalancer & NodePort XDP Acceleration
- Direct Server Return (DSR)

Legal
=====

Expand Down

0 comments on commit 3fc1e87

Please sign in to comment.