Host endpoints
Host endpoints
Reference overview of host endpoint protection in Calico Enterprise covering the model for securing host network interfaces with policy.
Creating policy for basic connectivity
Reference for the Calico Enterprise failsafe policy that protects host endpoints from being cut off when host network policy is misconfigured.
Creating host endpoint objects
Reference for the HostEndpoint object in Calico Enterprise describing how to model a host network interface so policy can select it.
Selector-based policies
Reference for ordered host endpoint policies in Calico Enterprise that match interfaces using label selectors.
Failsafe rules
Reference for the Calico Enterprise failsafe inbound and outbound port lists that prevent host network policy from cutting off control-plane connectivity.
Pre-DNAT policy
Reference for pre-DNAT host endpoint policy in Calico Enterprise that applies rules to ingress traffic before destination NAT rewrites the address.
Apply on forwarded traffic
Reference for the applyOnForward field on Calico Enterprise host endpoint policy that controls how rules apply to forwarded traffic.
Summary of host endpoint policies
Reference summary describing how the different Calico Enterprise host endpoint policy types interact and affect packet flows.
Connection tracking
Reference covering Linux conntrack workarounds for Calico Enterprise host endpoint policy when stateful tracking interferes with packet flow.