Clarification on default route propagation

Signed-off-by: Milan Lenco <milan@zededa.com>

proto/config/netinst.proto

@@ -113,6 +113,12 @@ message NetworkInstanceConfig {
   AddressType ipType = 39;
 
   // network ip specification
+  // If ip.gateway is set to all-zeroes IP, default route will not be propagated
+  // to applications for interfaces connected to this network instance.
+  // Default route propagation is also automatically suppressed when the network
+  // instance is air-gapped or when the uplink is app-shared without default route
+  // configured. This behaviour can be further customized using static_routes
+  // (see below).
   ipspec ip = 40;
 
   // static DNS entry, if we are running DNS/DHCP service
@@ -137,11 +143,14 @@ message NetworkInstanceConfig {
   // routes can be propagated at the same time, there are no restrictions for using both.
   //
   // Note that the default route (with the bridge IP as the gateway) is automatically
-  // propagated to connected applications unless explicitly disabled by setting
-  // NetworkInstanceConfig.ip.gateway to an all-zeroes IP or when the uplink is app-shared
-  // (not management) and does not have a default route of its own. In the latter case,
-  // it is possible to enforce default route propagation by configuring a static default
-  // route for the network instance.
+  // propagated to connected applications with these exceptions:
+  //  a) default route propagation is explicitly disabled by setting
+  //     NetworkInstanceConfig.ip.gateway to an all-zeroes IP
+  //  b) network instance is air-gapped (without uplink)
+  //  c) the uplink is app-shared (not management) and does not have a default route
+  //     of its own
+  // In the b) and c) cases, it is possible to enforce default route propagation
+  // by configuring a static default route for the network instance.
   //
   // This option is only valid for local network instances. For other types
   // of network instances, it will be ignored.