We currently have some cloud egress NAT exceptions for wikimedia APT repositories:
- apt1001.wikimedia.org
- apt1002.wikimedia.org
- sodium.wikimedia.org
These servers are in production public VLAN with public IPv4
I cannot find a reason why we need that. Moreover, sodium is currently migrating, see T286898: Setup new mirror server (mirror1001.wikimedia.org) so this could be the perfect time to revisit this.