{"id":1688,"date":"2024-07-12T16:41:11","date_gmt":"2024-07-12T21:41:11","guid":{"rendered":"https:\/\/cloudlearning365.com\/?p=1688"},"modified":"2024-07-12T16:54:11","modified_gmt":"2024-07-12T21:54:11","slug":"aviatrix-fqdn-egress-legacy-design-considerations","status":"publish","type":"post","link":"https:\/\/cloudlearning365.com\/?p=1688","title":{"rendered":"Aviatrix FQDN Egress (legacy) design considerations"},"content":{"rendered":"\n<ol class=\"wp-block-list\">\n<li>Base policy of a tag can either be Allow or Deny, it cannot be both<\/li>\n\n\n\n<li>When base policy is allow:\n<ul class=\"wp-block-list\">\n<li>tag entries using base policy will be allowed<\/li>\n\n\n\n<li>tag entries using explicit allow will be allowed,<\/li>\n\n\n\n<li>tag entries using explicit deny will be dropped<\/li>\n\n\n\n<li>Any other FQDN not in the tag entries will be dropped.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>When base policy is deny:\n<ul class=\"wp-block-list\">\n<li>tag entries using base policy will be dropped.<\/li>\n\n\n\n<li>tag entries using explicit deny would be dropped<\/li>\n\n\n\n<li>tag entries using explicit allow will be allowed. <\/li>\n\n\n\n<li>Any other FQDN not in the tag entries will be allowed.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>When multiple tags are associated with the same FQDN gateway, they must all have same type of Base policy\n<ul class=\"wp-block-list\">\n<li>either all tags base policy use Allow<\/li>\n\n\n\n<li>or all tags base policy use Deny<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Only HTTP\/HTTPs traffic support wildcard FQDN (eg: *.domain.com). None HTTP\/HTTPs traffic requires specific FQDN (eg: custom.protocol.domain.com)<\/li>\n\n\n\n<li>When there are multiple tags associated with same FQDN gateways, for example:\n<ul class=\"wp-block-list\">\n<li>Tag 1 edit source option not been used<\/li>\n\n\n\n<li>Tag 2 edit source option not been used<\/li>\n\n\n\n<li>Tag 3 edit source option used and linked to source CIDR: 10.16.64.0\/24<\/li>\n\n\n\n<li>When 10.16.64.4 initiate egress traffic, Tag 3 will be applied first, as it matches more specific source CIDR range 10.16.64.0\/24. Then less specific tags, such as Tag 1 and Tag 2 (not necessary the order listed in GUI) will be applied.<\/li>\n\n\n\n<li>Aviatrix controller will program the order of Tag1 and Tag2, you will have to engage Aviatrix Support to find out the exact sequence programmed on FQDN gateway.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>If a match of deny rule was applied, no further tags will be processed.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[2],"tags":[],"class_list":["post-1688","post","type-post","status-publish","format-standard","hentry","category-aviatrix"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/posts\/1688","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1688"}],"version-history":[{"count":3,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/posts\/1688\/revisions"}],"predecessor-version":[{"id":1693,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/posts\/1688\/revisions\/1693"}],"wp:attachment":[{"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1688"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1688"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1688"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}