github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 10:18:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
f25195f6cf1754c8141bad12136af78945b37481
firezone/scripts/router
History
Thomas Eizinger e374560ecc ci: increase txqueuelen in containers (#10713) 
By default, Docker creates network interfaces with a txqueuelen of 1000.
This is pretty small and causes unnecessary packet drops when running
perf tests in that setup.
2025-10-27 04:40:45 +00:00
..
Dockerfile
ci: create a more realistic network setup (#10301)
2025-09-10 23:37:16 +00:00
README.md
ci: create a more realistic network setup (#10301)
2025-09-10 23:37:16 +00:00
router.nft
ci: create a more realistic network setup (#10301)
2025-09-10 23:37:16 +00:00
router.sh
ci: increase txqueuelen in containers (#10713)
2025-10-27 04:40:45 +00:00

README.md

Router

This container acts as a simple router how they are found on the public Internet. By default, no inbound traffic is allowed, except for:

  • responses of previously outgoing connections
  • explicit port forwarding

The router uses nftables to enforce these rules.

We also make several assumptions about the docker-compose setup that we are running in:

  • The network interface between the router and its container must be called internal
  • The public network interface on the other side must be called internet
  • IPv4 and IPv6 must be available on both interfaces
Reference in New Issue View Git Blame Copy Permalink