During xNIC installation, the Linux rp_filter is set to loose mode by default at runtime. This allows for the xNIC to work on asymmetric networks, meaning that it can receive packets from machines outside of its subnet if the source is routable.
Although swXtch.io does not recommend doing this, users can opt out of this configuration by navigating to the swx-xnic-config.json file after completing the xNIC installation process. This file can be found in /var/opt/swxtch/swx-xnic-config.json. To edit the file, use any editor, like nano, as shown below:
sudo nano /var/opt/swxtch/swx-xnic-config.jsonNext to "overrideSrcIP" in the JSON file, change the parameter to true. Save the file and restart the xNIC VM. This will set the rp_filter back to the original mode and will remain like that for future reboots. Note that this means our software will do source network address translation on incoming packets.
Contact support if you need more information regarding this configuration.