Operator runbook

Install and provision without losing recovery.

Bring up a local gateway, then validate routing, DNS, fallback, and privacy posture before trusting the deployment.

01Preflight
Confirm recovery access, map interfaces, export current network state, and define failure behavior.
02Preview
Create device group, DNS ownership, route profile, and fallback behavior in dry-run mode.
03Apply
Apply only after the operator confirms rollback for firewall, DNS, route, and admin access changes.
04Validate
Check admin UI, DHCP/DNS behavior, route trace, fallback state, leak posture, and known-good backup.

Use read-only discovery first: ip addr, ip route, resolver status, failed services, and current firewall state.

Disable policy apply, restore known-good route/DNS/firewall state, restart affected services, and confirm local admin access.

Report deployment mode, interface map, policy summary, DNS trace, route trace, fallback behavior, remaining risks, and rollback location.

Next action

Request a guided runbook execution.

Use support intake when the install needs operator review, recovery planning, or policy design help.