Hi team, I assume both netpols in pic are same. Kindly comment

Hi team,
I assume both netpols in pic are same. Kindly comment.

Shwetha Shenoy V:
You can verify it by checking k describe netpol <netpol name> for both netpols.

Referring description i still have same doubt.

  1. From: NamespaceSelector: <none>

  2. From: <any> (traffic not restricted by source)

Is 1 is same as 2 ? Could be only difference external traffic not allowed in 1 but in 2 its allowed ??

Pavan Kishore Ventrapragada:
I think as you mentioned …1 will not allow external traffic to flow in… where as 2 does that…

Santosh Kaluskar:
1 will will receive traffic from pods in All Namespaces., as it uses namespaceSelector While the second NP will receive traffic only from pods in Default namespace as it uses podSelector and is defined in Default Namespace.

Hi @Sanjeevkumar this may help to validate:
https://orca.tufin.io/netpol/?yaml=apiVersion:%20networking.k8s.io%2Fv1 kind:%20NetworkPolicy metadata: 3|~|name:%20ingress-to-nptest 3|~|namespace:%20default spec: 3|~|podSelector: 5|~|matchLabels: 13|~|run:%20np-test-1 3|~|policyTypes: 3|~|-%20Ingress 3|~|ingress: 3|~|-%20from: 5|~|ports: 5|~|-%20protocol:%20TCP 7|~|port:%2080 |https://orca.tufin.io/netpol/?yaml=apiVersion:%20networking.k8s.io%2Fv1 kind:%20N[…]7Cports: 5|~|-%20protocol:%20TCP 7|~|port:%2080

Hi @unnivkn - Many thanks to you for sharing https://orca.tufin.io/netpol really helped me to understand missing pieces of netpol. :pray: