Wildcard Devices
Some overlay network configurations require allowing all traffic inbound or outbound to a specific IP. This can be accomplished with a wildcard 0.0.0.0 network device.
- Applies to:
A 0.0.0.0 device functions as a wildcard, and when configuring trust, selecting the 0.0.0.0 device applies the trust policy to all devices behind the parent HIPswitch. However, there are several things to consider when planning a configuration that uses the 0.0.0.0 wildcard device.
- Each overlay network can only have one 0.0.0.0 address to avoid the possibility of IP address conflicts.
- If your HIPswitch is running a version prior to 2.1.3, overlay networks containing a 0.0.0.0 device cannot use subnet routing or NAT.
- HIPswitches running version 2.1.3 or above support subnet routing, NAT, and SNAT. It is recommended all HIPservices in an overlay network with the 0.0.0.0 wildcard device run version 2.1.3 or later.
- HIPclients and HIPservers do not support the 0.0.0.0 wildcard device.
How to configure wildcard device
- Go to HIPservices and select a HIPservice.
- Add a new device with the IP address set to 0.0.0.0. See Add devices to the Conductor for more information about adding devices.
- Go to Overlays and select the overlay network for which you are configuring trust.
- In the Devices tab, click the button for the 0.0.0.0 device, and then select the other devices and groups in the overlay network that require communications with the devices represented by the 0.0.0.0 wildcard device.