search

openziti / ziti

The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti
https://openziti.io
Apache License 2.0
2.82k stars 159 forks source link

Support for subnets in host address config #2367

Open surennaidu opened 2 months ago

surennaidu commented 2 months ago

Ziti currently supports a single IP address as host address when the intercept is a subnet and the host IP is a different IP. The issue is raised for support to use subnets for the host addresses that is different from the intercept address. Example, a /24 address would be used for intercept and another /24 as the host address and a 1:1 translation is expected between the intercept and host addresses.

Example Intercept subnet - 192.168.1.0/24 Host subnet - 192.168.2.0/24

Traffic for intercept 192.168.1.1 is sent to 192.168.2.1 and similarly for the rest of the IPs in the subnet. image

dovholuknf commented 2 months ago

I thought this was asking for a UI change when I first read it but after looking at it more, this is asking for NAT-esque functionality. transferring back to the ziti project, but this will have ramifications on numerous projects...