Skip to content

Commit

Permalink
docs: ipsec: remove limitation for native-routing with L7 egress policy
Browse files Browse the repository at this point in the history 
[ upstream commit: 5f18d88 ]

This was addressed by #32683.

Signed-off-by: Julian Wiedmann <jwi@isovalent.com>
Signed-off-by: gray <gray.liang@isovalent.com>
  • Loading branch information
@julianwiedmann @dylandreimerink
julianwiedmann authored and dylandreimerink committed Jun 11, 2024
1 parent 21a4316 commit b98da7f
Showing 1 changed file with 0 additions and 4 deletions.
4 changes: 0 additions & 4 deletions Documentation/security/network/encryption-ipsec.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -314,10 +314,6 @@ To disable the encryption, regenerate the YAML with the option
Limitations
===========

* For clusters running in native routing mode, IPsec encryption is not applied to
connections which are selected by an L7 Egress Network Policy or a DNS Policy.
For more information see `GHSA-j89h-qrvr-xc36
<https://github.com/cilium/cilium/security/advisories/GHSA-j89h-qrvr-xc36>`__.
* Transparent encryption is not currently supported when chaining Cilium on
top of other CNI plugins. For more information, see :gh-issue:`15596`.
* :ref:`HostPolicies` are not currently supported with IPsec encryption.
Expand Down

0 comments on commit b98da7f

Please sign in to comment.