You have a Cilium-managed Kubernetes cluster where you want to allow endpoints labeled `role=frontend` to communicate with endpoints labeled `role=backend`. Which type of Layer 3 policy would you implement?
An administrator wants to apply a network policy that intercepts all DNS traffic without restricting any other traffic on the endpoints. Which field should they configure in the policy to achieve this behavior?
You have defined a Cilium egress Layer 4 policy for endpoints labeled app=myService to allow only TCP traffic on port 80. What will happen to ICMP traffic from these endpoints?