Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Secure BGP setup for Kubernetes cluster
« previous
next »
Print
Pages: [
1
]
Author
Topic: Secure BGP setup for Kubernetes cluster (Read 2820 times)
newtwork_noob_2878237843
Newbie
Posts: 10
Karma: 0
Secure BGP setup for Kubernetes cluster
«
on:
September 24, 2021, 02:07:22 pm »
I just successfully set up BGP routing with FRR to help with load balancing my K8s cluster (with Metallb). I followed instructions from
https://blog.xirion.net/posts/metallb-opnsense/
. I want the services in my k8s cluster to be advertised only to the local network. However, after setting up BGP I started seeing crazy amounts of suspicious traffic to the internet in Suricata on one of my K8s nodes. What did I screw up? Screenshots attached. Any tips would be much appreciated!
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: Secure BGP setup for Kubernetes cluster
«
Reply #1 on:
September 24, 2021, 02:21:39 pm »
You need to post the routing table ...
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
newtwork_noob_2878237843
Newbie
Posts: 10
Karma: 0
Re: Secure BGP setup for Kubernetes cluster
«
Reply #2 on:
September 24, 2021, 03:11:46 pm »
Sorry, routing table attached
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: Secure BGP setup for Kubernetes cluster
«
Reply #3 on:
September 24, 2021, 05:07:52 pm »
There is no default gateway so there shouldnt be anything
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
newtwork_noob_2878237843
Newbie
Posts: 10
Karma: 0
Re: Secure BGP setup for Kubernetes cluster
«
Reply #4 on:
September 24, 2021, 05:36:17 pm »
Thank you. By "there shouldn't be anything" do you mean there shouldn't be any security vulnerabilities associated with BGP? Many thanks
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: Secure BGP setup for Kubernetes cluster
«
Reply #5 on:
September 24, 2021, 06:47:02 pm »
If this is the routing table of k8s node then its safe
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
newtwork_noob_2878237843
Newbie
Posts: 10
Karma: 0
Re: Secure BGP setup for Kubernetes cluster
«
Reply #6 on:
September 24, 2021, 07:17:05 pm »
This is the routing table from opnsense, not from the K8s nodes
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: Secure BGP setup for Kubernetes cluster
«
Reply #7 on:
September 24, 2021, 07:19:43 pm »
OK, and when k8s use OPN as Gateway, also safe
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
newtwork_noob_2878237843
Newbie
Posts: 10
Karma: 0
Re: Secure BGP setup for Kubernetes cluster
«
Reply #8 on:
September 24, 2021, 07:40:16 pm »
That's great news. I must have been just paranoid about the traffic I saw. Many thanks!
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Secure BGP setup for Kubernetes cluster