# Rollback And Recovery Guide

The Gateway should treat rollback as a first-class install requirement. Operators should know how to return to a known-good state before applying routing, DNS, firewall, or remote access changes.

## Required Before Apply

- Current admin access path recorded.
- Known-good network state saved.
- DNS resolver state recorded.
- Route table and policy state recorded.
- Firewall state recorded.
- Remote access dependency documented.
- Backup location and restore procedure known.
- Out-of-band access plan documented where possible.

## Recovery Checklist

1. Stop applying new changes.
2. Confirm whether admin access is local, remote, or out-of-band.
3. Restore known-good firewall state.
4. Restore known-good DNS resolver state.
5. Restore route and fallback policy.
6. Confirm local client connectivity.
7. Confirm gateway management access.
8. Run route/DNS checks.
9. Document the failed change, observed behavior, and remaining risk.

## Report Fields

- Deployment mode.
- Change attempted.
- Trigger for rollback.
- Last known-good state.
- Recovery path used.
- Route/DNS/fallback result after recovery.
- Evidence attached.
- Remaining risk.

Do not include secrets, private topology, unredacted logs, or full traffic captures in public reports.