graymon
graymon
Can't reopen because "branch was force-pushed" :grimacing: 
All green! Let's review this PR. Once approved I'll drop the last 3 patches which are for temporary leak detection.
I have to put this into draft because https://github.com/cilium/cilium/pull/32331 seems to have changed something about masquerade so my iptables patch https://github.com/cilium/cilium/pull/32683/commits/c6a38e9122ebf4991c86bc6d57d7b22a8a1788e4 no longer makes sense. In fact it can't pass...
Closed in favor of https://github.com/cilium/cilium/pull/32683
Correct me if I'm wrong, strict mode CIDR doesn't care if it's pod-to-pod or node-to-node, this seems to me that we want to specify multiple strict mode CIDRs, such as...
/ci-ipsec-upgrade
Maybe even the first 2 patches are also not needed? Will try later.
> Rebase the latest main to include #32331, drop the f817fc1 to see if it's still needed. No we still need that: https://github.com/cilium/cilium/actions/runs/9205906830/job/25322612955 I think this is because adding `0xb00...
CI checks are almost green:  Except ci-ipsec-e2e: https://github.com/cilium/cilium/actions/runs/9348861747 The above failure is a known issue due to the race condition of leak detection, that will be fixed soon. Leak...