As mentioned earlier, data center-specific firewall rules affect all resources, such as clusters, nodes, and virtual machines. Any rules created in this zone are cascaded to both hosts and VMs. This zone is also used to fully lock down a cluster to drop all incoming traffic and then only open what is required. In a freshly installed Proxmox cluster, the data center-wide firewall option is disabled.
CAUTION!
Extra attention should always be used when creating data center-specific firewall rules to prevent full cluster lockout.
Extra attention should always be used when creating data center-specific firewall rules to prevent full cluster lockout.