By default, K3s use Canal (Calico and Flannel) and fully supports network policies.
Run the below command on the master node. for i in kube-system kube-public default; do kubectl get networkpolicies -n $i; done Verify that there are network policies applied to each of the namespaces. An operator should apply NetworkPolcyies that prevent unneeded traffic from traversing networks unnecessarily. An example of applying a NetworkPolcy can be found in the Hardening Guide. https://docs.rancher.cn/docs/k3s/security/hardening-guide/_index