hscontrol/policy/v2: replace routes golden data with Tailscale SaaS captures

Replace the headscale-adapted routes golden files with authoritative captures from Tailscale SaaS using the 12-node topology (8 original grant nodes + 4 new route-specific nodes: ha-router1, ha-router2, big-router, multi-router). The golden data was captured via debug-packet-filter-rules from all 12 nodes. The routes driver now falls back to the standard 3-user setup when topology.users is absent (matching the SaaS capture format) and converts @passkey/@dalby.cc emails to @example.com. 92 test cases captured, all valid JSON, all from Tailscale SaaS. Updates #2180
2026-04-10 19:17:25 +02:00 · 2026-03-17 16:32:41 +00:00
parent 162e1dc35b
commit 91aac1ceb2
185 changed files with 22150 additions and 15834 deletions
--- a/hscontrol/policy/v2/tailscale_routes_data_compat_test.go
+++ b/hscontrol/policy/v2/tailscale_routes_data_compat_test.go
@@ -88,13 +88,24 @@ func buildRoutesUsersAndNodes(
 ) (types.Users, types.Nodes) {
 	t.Helper()

-	// Build users
-	users := make(types.Users, 0, len(topo.Users))
-	for _, u := range topo.Users {
-		users = append(users, types.User{
-			Model: gorm.Model{ID: u.ID},
-			Name:  u.Name,
-		})
+	// Build users — if topology has users section, use it.
+	// Otherwise fall back to the standard 3-user setup matching
+	// the grant topology (used by Tailscale SaaS captures).
+	var users types.Users
+	if len(topo.Users) > 0 {
+		users = make(types.Users, 0, len(topo.Users))
+		for _, u := range topo.Users {
+			users = append(users, types.User{
+				Model: gorm.Model{ID: u.ID},
+				Name:  u.Name,
+			})
+		}
+	} else {
+		users = types.Users{
+			{Model: gorm.Model{ID: 1}, Name: "kratail2tid", Email: "kratail2tid@example.com"},
+			{Model: gorm.Model{ID: 2}, Name: "kristoffer", Email: "kristoffer@example.com"},
+			{Model: gorm.Model{ID: 3}, Name: "monitorpasskeykradalby", Email: "monitorpasskeykradalby@example.com"},
+		}
 	}

 	// Build nodes
@@ -206,8 +217,11 @@ func TestRoutesCompat(t *testing.T) {
 			// Build topology from JSON
 			users, nodes := buildRoutesUsersAndNodes(t, tf.Topology)

+			// Convert Tailscale SaaS user emails to headscale format
+			policyJSON := convertPolicyUserEmails(tf.Input.FullPolicy)
+
 			// Parse and validate policy
-			pol, err := unmarshalPolicy(tf.Input.FullPolicy)
+			pol, err := unmarshalPolicy(policyJSON)
 			require.NoError(
 				t,
 				err,
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-A1_wildcard_acl_includes_routes_in_srcips.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-A1_wildcard_acl_includes_routes_in_srcips.json
@@ -1,285 +0,0 @@
-{
-  "test_id": "ROUTES-A1_wildcard_acl_includes_routes_in_srcips",
-  "source": "headscale_adapted",
-  "parent_test": "SubnetBasics",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.64.0.0/10",
-            "fd7a:115c:a1e0::/48",
-            "10.0.0.0/8",
-            "10.33.0.0/16",
-            "172.16.0.0/24",
-            "192.168.1.0/24"
-          ],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "client2": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "ha-router1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "ha-router2": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "user1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-A2_tag_based_acl_excludes_routes.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-A2_tag_based_acl_excludes_routes.json
@@ -1,202 +0,0 @@
-{
-  "test_id": "ROUTES-A2_tag_based_acl_excludes_routes",
-  "source": "headscale_adapted",
-  "parent_test": "SubnetBasics",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["tag:router"],
-          "dst": ["tag:router:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.100.100.1/32",
-            "100.119.139.79/32",
-            "100.74.117.7/32",
-            "fd7a:115c:a1e0::4001:8ba0/128",
-            "fd7a:115c:a1e0::6401:6401/128",
-            "fd7a:115c:a1e0::c401:7508/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "100.100.100.1/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.119.139.79/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.74.117.7/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::4001:8ba0/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::6401:6401/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::c401:7508/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-A3_explicit_subnet_filter_to_router.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-A3_explicit_subnet_filter_to_router.json
@@ -1,180 +0,0 @@
-{
-  "test_id": "ROUTES-A3_explicit_subnet_filter_to_router",
-  "source": "headscale_adapted",
-  "parent_test": "SubnetBasics",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.0/16:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-A3b_autogroup_member_to_subnet.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-A3b_autogroup_member_to_subnet.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-A3b_autogroup_member_to_subnet",
-  "source": "headscale_adapted",
-  "parent_test": "SubnetBasics",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["autogroup:member"],
-          "dst": ["10.33.0.0/16:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-A4_multiple_routes_same_router.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-A4_multiple_routes_same_router.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-A4_multiple_routes_same_router",
-  "source": "headscale_adapted",
-  "parent_test": "SubnetBasics",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["172.16.0.0/24:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-A5_host_alias_to_subnet.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-A5_host_alias_to_subnet.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-A5_host_alias_to_subnet",
-  "source": "headscale_adapted",
-  "parent_test": "SubnetBasics",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["internal:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-B10_exit_routes_not_in_primaryroutes.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-B10_exit_routes_not_in_primaryroutes.json
@@ -1,124 +0,0 @@
-{
-  "test_id": "ROUTES-B10_exit_routes_not_in_primaryroutes",
-  "source": "headscale_adapted",
-  "parent_test": "ExitNodes",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {}
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-B1_exit_routes_not_in_srcips.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-B1_exit_routes_not_in_srcips.json
@@ -1,124 +0,0 @@
-{
-  "test_id": "ROUTES-B1_exit_routes_not_in_srcips",
-  "source": "headscale_adapted",
-  "parent_test": "ExitNodes",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {}
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-B2_tag_exit_excludes_exit_routes.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-B2_tag_exit_excludes_exit_routes.json
@@ -1,232 +0,0 @@
-{
-  "test_id": "ROUTES-B2_tag_exit_excludes_exit_routes",
-  "source": "headscale_adapted",
-  "parent_test": "ExitNodes",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["tag:exit"],
-          "dst": ["tag:exit:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.121.32.1/32",
-            "100.74.117.7/32",
-            "fd7a:115c:a1e0::7f01:2004/128",
-            "fd7a:115c:a1e0::c401:7508/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "100.121.32.1/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.74.117.7/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::7f01:2004/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::c401:7508/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.121.32.1/32",
-            "100.74.117.7/32",
-            "fd7a:115c:a1e0::7f01:2004/128",
-            "fd7a:115c:a1e0::c401:7508/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "100.121.32.1/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.74.117.7/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::7f01:2004/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::c401:7508/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-B3_exit_node_advertises_routes.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-B3_exit_node_advertises_routes.json
@@ -1,124 +0,0 @@
-{
-  "test_id": "ROUTES-B3_exit_node_advertises_routes",
-  "source": "headscale_adapted",
-  "parent_test": "ExitNodes",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {}
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-B4_multi_router_has_both_route_types.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-B4_multi_router_has_both_route_types.json
@@ -1,173 +0,0 @@
-{
-  "test_id": "ROUTES-B4_multi_router_has_both_route_types",
-  "source": "headscale_adapted",
-  "parent_test": "ExitNodes",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "100.64.0.0/10",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::/48",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-B5_exit_with_wildcard_dst.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-B5_exit_with_wildcard_dst.json
@@ -1,124 +0,0 @@
-{
-  "test_id": "ROUTES-B5_exit_with_wildcard_dst",
-  "source": "headscale_adapted",
-  "parent_test": "ExitNodes",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {}
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-B6_exit_node_option_field.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-B6_exit_node_option_field.json
@@ -1,171 +0,0 @@
-{
-  "test_id": "ROUTES-B6_exit_node_option_field",
-  "source": "headscale_adapted",
-  "parent_test": "ExitNodes",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["tag:exit"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.121.32.1/32",
-            "100.74.117.7/32",
-            "fd7a:115c:a1e0::7f01:2004/128",
-            "fd7a:115c:a1e0::c401:7508/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-B7_multiple_exit_nodes.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-B7_multiple_exit_nodes.json
@@ -1,153 +0,0 @@
-{
-  "test_id": "ROUTES-B7_multiple_exit_nodes",
-  "source": "headscale_adapted",
-  "parent_test": "ExitNodes",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["tag:exit"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.121.32.1/32",
-            "100.74.117.7/32",
-            "fd7a:115c:a1e0::7f01:2004/128",
-            "fd7a:115c:a1e0::c401:7508/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-B8_autogroup_internet_no_filters.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-B8_autogroup_internet_no_filters.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-B8_autogroup_internet_no_filters",
-  "source": "headscale_adapted",
-  "parent_test": "ExitNodes",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["autogroup:member"],
-          "dst": ["autogroup:internet:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-B9_exit_routes_in_allowedips.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-B9_exit_routes_in_allowedips.json
@@ -1,124 +0,0 @@
-{
-  "test_id": "ROUTES-B9_exit_routes_in_allowedips",
-  "source": "headscale_adapted",
-  "parent_test": "ExitNodes",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {}
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-D10_auto_approval_retroactive.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-D10_auto_approval_retroactive.json
@@ -1,208 +0,0 @@
-{
-  "test_id": "ROUTES-D10_auto_approval_retroactive",
-  "source": "headscale_adapted",
-  "parent_test": "AutoApprover",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.0/16:443"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 443,
-                "Last": 443
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 443,
-                "Last": 443
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 443,
-                "Last": 443
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 443,
-                "Last": 443
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-D11_overlapping_auto_approvers.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-D11_overlapping_auto_approvers.json
@@ -1,208 +0,0 @@
-{
-  "test_id": "ROUTES-D11_overlapping_auto_approvers",
-  "source": "headscale_adapted",
-  "parent_test": "AutoApprover",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.0.0.0/8:80"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.0.0.0/8",
-              "Ports": {
-                "First": 80,
-                "Last": 80
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.0.0.0/8",
-              "Ports": {
-                "First": 80,
-                "Last": 80
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.0.0.0/8",
-              "Ports": {
-                "First": 80,
-                "Last": 80
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.0.0.0/8",
-              "Ports": {
-                "First": 80,
-                "Last": 80
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-D1_basic_route_auto_approval.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-D1_basic_route_auto_approval.json
@@ -1,208 +0,0 @@
-{
-  "test_id": "ROUTES-D1_basic_route_auto_approval",
-  "source": "headscale_adapted",
-  "parent_test": "AutoApprover",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.0/16:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-D2_nested_prefix_approval.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-D2_nested_prefix_approval.json
@@ -1,208 +0,0 @@
-{
-  "test_id": "ROUTES-D2_nested_prefix_approval",
-  "source": "headscale_adapted",
-  "parent_test": "AutoApprover",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.0/16:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-D3_exact_prefix_approval.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-D3_exact_prefix_approval.json
@@ -1,208 +0,0 @@
-{
-  "test_id": "ROUTES-D3_exact_prefix_approval",
-  "source": "headscale_adapted",
-  "parent_test": "AutoApprover",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.0/16:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-D4_prefix_not_covered.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-D4_prefix_not_covered.json
@@ -1,208 +0,0 @@
-{
-  "test_id": "ROUTES-D4_prefix_not_covered",
-  "source": "headscale_adapted",
-  "parent_test": "AutoApprover",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["192.168.1.0/24:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "ha-router1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "ha-router2": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-D5_wrong_tag_not_approved.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-D5_wrong_tag_not_approved.json
@@ -1,236 +0,0 @@
-{
-  "test_id": "ROUTES-D5_wrong_tag_not_approved",
-  "source": "headscale_adapted",
-  "parent_test": "AutoApprover",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["tag:router"],
-          "dst": ["192.168.1.0/24:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.100.100.1/32",
-            "100.119.139.79/32",
-            "100.74.117.7/32",
-            "fd7a:115c:a1e0::4001:8ba0/128",
-            "fd7a:115c:a1e0::6401:6401/128",
-            "fd7a:115c:a1e0::c401:7508/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.100.100.1/32",
-            "100.119.139.79/32",
-            "100.74.117.7/32",
-            "fd7a:115c:a1e0::4001:8ba0/128",
-            "fd7a:115c:a1e0::6401:6401/128",
-            "fd7a:115c:a1e0::c401:7508/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "ha-router1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.100.100.1/32",
-            "100.119.139.79/32",
-            "100.74.117.7/32",
-            "fd7a:115c:a1e0::4001:8ba0/128",
-            "fd7a:115c:a1e0::6401:6401/128",
-            "fd7a:115c:a1e0::c401:7508/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "ha-router2": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.100.100.1/32",
-            "100.119.139.79/32",
-            "100.74.117.7/32",
-            "fd7a:115c:a1e0::4001:8ba0/128",
-            "fd7a:115c:a1e0::6401:6401/128",
-            "fd7a:115c:a1e0::c401:7508/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-D6_exit_node_auto_approval.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-D6_exit_node_auto_approval.json
@@ -1,142 +0,0 @@
-{
-  "test_id": "ROUTES-D6_exit_node_auto_approval",
-  "source": "headscale_adapted",
-  "parent_test": "AutoApprover",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-D7_exit_auto_approval_wrong_tag.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-D7_exit_auto_approval_wrong_tag.json
@@ -1,147 +0,0 @@
-{
-  "test_id": "ROUTES-D7_exit_auto_approval_wrong_tag",
-  "source": "headscale_adapted",
-  "parent_test": "AutoApprover",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["tag:exit"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.121.32.1/32",
-            "100.74.117.7/32",
-            "fd7a:115c:a1e0::7f01:2004/128",
-            "fd7a:115c:a1e0::c401:7508/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-D8_auto_approval_acl_interaction.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-D8_auto_approval_acl_interaction.json
@@ -1,236 +0,0 @@
-{
-  "test_id": "ROUTES-D8_auto_approval_acl_interaction",
-  "source": "headscale_adapted",
-  "parent_test": "AutoApprover",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["autogroup:member"],
-          "dst": ["10.33.0.0/16:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.116.73.38/32",
-            "100.89.42.23/32",
-            "100.90.199.68/32",
-            "fd7a:115c:a1e0::a801:4949/128",
-            "fd7a:115c:a1e0::d01:2a2e/128",
-            "fd7a:115c:a1e0::2d01:c747/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.116.73.38/32",
-            "100.89.42.23/32",
-            "100.90.199.68/32",
-            "fd7a:115c:a1e0::a801:4949/128",
-            "fd7a:115c:a1e0::d01:2a2e/128",
-            "fd7a:115c:a1e0::2d01:c747/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.116.73.38/32",
-            "100.89.42.23/32",
-            "100.90.199.68/32",
-            "fd7a:115c:a1e0::a801:4949/128",
-            "fd7a:115c:a1e0::d01:2a2e/128",
-            "fd7a:115c:a1e0::2d01:c747/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.116.73.38/32",
-            "100.89.42.23/32",
-            "100.90.199.68/32",
-            "fd7a:115c:a1e0::a801:4949/128",
-            "fd7a:115c:a1e0::d01:2a2e/128",
-            "fd7a:115c:a1e0::2d01:c747/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-D9_auto_approval_triggers_on_advertise.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-D9_auto_approval_triggers_on_advertise.json
@@ -1,208 +0,0 @@
-{
-  "test_id": "ROUTES-D9_auto_approval_triggers_on_advertise",
-  "source": "headscale_adapted",
-  "parent_test": "AutoApprover",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.0/16:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-E1_ha_two_routers_same_subnet.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-E1_ha_two_routers_same_subnet.json
@@ -1,180 +0,0 @@
-{
-  "test_id": "ROUTES-E1_ha_two_routers_same_subnet",
-  "source": "headscale_adapted",
-  "parent_test": "HARouters",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["192.168.1.0/24:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "ha-router2": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-E2_ha_primary_in_allowedips.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-E2_ha_primary_in_allowedips.json
@@ -1,131 +0,0 @@
-{
-  "test_id": "ROUTES-E2_ha_primary_in_allowedips",
-  "source": "headscale_adapted",
-  "parent_test": "HARouters",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["192.168.1.0/24:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-E3_ha_secondary_no_route_in_allowedips.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-E3_ha_secondary_no_route_in_allowedips.json
@@ -1,131 +0,0 @@
-{
-  "test_id": "ROUTES-E3_ha_secondary_no_route_in_allowedips",
-  "source": "headscale_adapted",
-  "parent_test": "HARouters",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["192.168.1.0/24:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-E4_ha_both_get_filters_host_alias.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-E4_ha_both_get_filters_host_alias.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-E4_ha_both_get_filters_host_alias",
-  "source": "headscale_adapted",
-  "parent_test": "HARouters",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["subnet24:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-E5_first_advertiser_is_primary.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-E5_first_advertiser_is_primary.json
@@ -1,180 +0,0 @@
-{
-  "test_id": "ROUTES-E5_first_advertiser_is_primary",
-  "source": "headscale_adapted",
-  "parent_test": "HARouters",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["192.168.1.0/24:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "ha-router2": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-F1_filter_on_destination_not_source.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-F1_filter_on_destination_not_source.json
@@ -1,194 +0,0 @@
-{
-  "test_id": "ROUTES-F1_filter_on_destination_not_source",
-  "source": "headscale_adapted",
-  "parent_test": "FilterPlacement",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["autogroup:member"],
-          "dst": ["10.33.0.0/16:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.116.73.38/32",
-            "100.89.42.23/32",
-            "100.90.199.68/32",
-            "fd7a:115c:a1e0::a801:4949/128",
-            "fd7a:115c:a1e0::d01:2a2e/128",
-            "fd7a:115c:a1e0::2d01:c747/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.116.73.38/32",
-            "100.89.42.23/32",
-            "100.90.199.68/32",
-            "fd7a:115c:a1e0::a801:4949/128",
-            "fd7a:115c:a1e0::d01:2a2e/128",
-            "fd7a:115c:a1e0::2d01:c747/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-F2_subnet_as_acl_source.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-F2_subnet_as_acl_source.json
@@ -1,299 +0,0 @@
-{
-  "test_id": "ROUTES-F2_subnet_as_acl_source",
-  "source": "headscale_adapted",
-  "parent_test": "FilterPlacement",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["10.33.0.0/16"],
-          "dst": ["autogroup:member:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "client1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["10.33.0.0/16"],
-          "DstPorts": [
-            {
-              "IP": "100.116.73.38/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.89.42.23/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.90.199.68/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::a801:4949/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::d01:2a2e/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::2d01:c747/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "client2": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["10.33.0.0/16"],
-          "DstPorts": [
-            {
-              "IP": "100.116.73.38/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.89.42.23/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.90.199.68/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::a801:4949/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::d01:2a2e/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::2d01:c747/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "user1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["10.33.0.0/16"],
-          "DstPorts": [
-            {
-              "IP": "100.116.73.38/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.89.42.23/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.90.199.68/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::a801:4949/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::d01:2a2e/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::2d01:c747/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-F3_wildcard_src_specific_dst.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-F3_wildcard_src_specific_dst.json
@@ -1,180 +0,0 @@
-{
-  "test_id": "ROUTES-F3_wildcard_src_specific_dst",
-  "source": "headscale_adapted",
-  "parent_test": "FilterPlacement",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.0/16:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-F4_specific_src_wildcard_dst.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-F4_specific_src_wildcard_dst.json
@@ -1,173 +0,0 @@
-{
-  "test_id": "ROUTES-F4_specific_src_wildcard_dst",
-  "source": "headscale_adapted",
-  "parent_test": "FilterPlacement",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["tag:router"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "client1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.100.100.1/32",
-            "100.119.139.79/32",
-            "100.74.117.7/32",
-            "fd7a:115c:a1e0::4001:8ba0/128",
-            "fd7a:115c:a1e0::6401:6401/128",
-            "fd7a:115c:a1e0::c401:7508/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-F5_bidirectional_subnet_access.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-F5_bidirectional_subnet_access.json
@@ -1,248 +0,0 @@
-{
-  "test_id": "ROUTES-F5_bidirectional_subnet_access",
-  "source": "headscale_adapted",
-  "parent_test": "FilterPlacement",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["autogroup:member"],
-          "dst": ["10.33.0.0/16:*"]
-        },
-        {
-          "action": "accept",
-          "src": ["10.33.0.0/16"],
-          "dst": ["autogroup:member:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "client1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["10.33.0.0/16"],
-          "DstPorts": [
-            {
-              "IP": "100.116.73.38/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.89.42.23/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.90.199.68/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::2d01:c747/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::a801:4949/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::d01:2a2e/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.116.73.38/32",
-            "100.89.42.23/32",
-            "100.90.199.68/32",
-            "fd7a:115c:a1e0::2d01:c747/128",
-            "fd7a:115c:a1e0::a801:4949/128",
-            "fd7a:115c:a1e0::d01:2a2e/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.116.73.38/32",
-            "100.89.42.23/32",
-            "100.90.199.68/32",
-            "fd7a:115c:a1e0::2d01:c747/128",
-            "fd7a:115c:a1e0::a801:4949/128",
-            "fd7a:115c:a1e0::d01:2a2e/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-F6_filter_srcips_expansion.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-F6_filter_srcips_expansion.json
@@ -1,194 +0,0 @@
-{
-  "test_id": "ROUTES-F6_filter_srcips_expansion",
-  "source": "headscale_adapted",
-  "parent_test": "FilterPlacement",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["autogroup:member"],
-          "dst": ["10.33.0.0/16:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.116.73.38/32",
-            "100.89.42.23/32",
-            "100.90.199.68/32",
-            "fd7a:115c:a1e0::2d01:c747/128",
-            "fd7a:115c:a1e0::a801:4949/128",
-            "fd7a:115c:a1e0::d01:2a2e/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.116.73.38/32",
-            "100.89.42.23/32",
-            "100.90.199.68/32",
-            "fd7a:115c:a1e0::2d01:c747/128",
-            "fd7a:115c:a1e0::a801:4949/128",
-            "fd7a:115c:a1e0::d01:2a2e/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-F7_filter_dstports_shows_acl_cidr.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-F7_filter_dstports_shows_acl_cidr.json
@@ -1,180 +0,0 @@
-{
-  "test_id": "ROUTES-F7_filter_dstports_shows_acl_cidr",
-  "source": "headscale_adapted",
-  "parent_test": "FilterPlacement",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.1.0/24:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.1.0/24",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.1.0/24",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-F8_route_enabled_acl_denies.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-F8_route_enabled_acl_denies.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-F8_route_enabled_acl_denies",
-  "source": "headscale_adapted",
-  "parent_test": "FilterPlacement",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["group:empty"],
-          "dst": ["10.33.0.0/16:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-F9_route_disabled_acl_allows.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-F9_route_disabled_acl_allows.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-F9_route_disabled_acl_allows",
-  "source": "headscale_adapted",
-  "parent_test": "FilterPlacement",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.99.0.0/16:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-G1_port_restriction_subnet.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-G1_port_restriction_subnet.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-G1_port_restriction_subnet",
-  "source": "headscale_adapted",
-  "parent_test": "ProtocolPort",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["autogroup:member"],
-          "dst": ["10.33.0.0/16:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-G2_port_range_subnet.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-G2_port_range_subnet.json
@@ -1,137 +0,0 @@
-{
-  "test_id": "ROUTES-G2_port_range_subnet",
-  "source": "headscale_adapted",
-  "parent_test": "ProtocolPort",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.0/16:80-443"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-G3_multiple_ports_subnet.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-G3_multiple_ports_subnet.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-G3_multiple_ports_subnet",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalG",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.0/16:22,80,443"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-G4_protocol_icmp_subnet.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-G4_protocol_icmp_subnet.json
@@ -1,209 +0,0 @@
-{
-  "test_id": "ROUTES-G4_protocol_icmp_subnet",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalProtocol",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.0/16:*"],
-          "proto": "icmp"
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [1]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [1]
-        }
-      ]
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [1]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [1]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-G5_protocol_tcp_only.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-G5_protocol_tcp_only.json
@@ -1,209 +0,0 @@
-{
-  "test_id": "ROUTES-G5_protocol_tcp_only",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalProtocol",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.0/16:22"],
-          "proto": "tcp"
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6]
-        }
-      ]
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-G6_protocol_udp_only.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-G6_protocol_udp_only.json
@@ -1,209 +0,0 @@
-{
-  "test_id": "ROUTES-G6_protocol_udp_only",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalProtocol",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.0/16:53"],
-          "proto": "udp"
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 53,
-                "Last": 53
-              }
-            }
-          ],
-          "IPProto": [17]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 53,
-                "Last": 53
-              }
-            }
-          ],
-          "IPProto": [17]
-        }
-      ]
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 53,
-                "Last": 53
-              }
-            }
-          ],
-          "IPProto": [17]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 53,
-                "Last": 53
-              }
-            }
-          ],
-          "IPProto": [17]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-G7_all_ports_wildcard.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-G7_all_ports_wildcard.json
@@ -1,137 +0,0 @@
-{
-  "test_id": "ROUTES-G7_all_ports_wildcard",
-  "source": "headscale_adapted",
-  "parent_test": "ProtocolPort",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["autogroup:member"],
-          "dst": ["10.33.0.0/16:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-G8_default_ipproto.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-G8_default_ipproto.json
@@ -1,131 +0,0 @@
-{
-  "test_id": "ROUTES-G8_default_ipproto",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalG",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.0/16:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-H10_very_small_prefix.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-H10_very_small_prefix.json
@@ -1,180 +0,0 @@
-{
-  "test_id": "ROUTES-H10_very_small_prefix",
-  "source": "headscale_adapted",
-  "parent_test": "EdgeCases",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.100/32:80"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.100/32",
-              "Ports": {
-                "First": 80,
-                "Last": 80
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.100/32",
-              "Ports": {
-                "First": 80,
-                "Last": 80
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-H11_ipv6_small_prefix.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-H11_ipv6_small_prefix.json
@@ -1,180 +0,0 @@
-{
-  "test_id": "ROUTES-H11_ipv6_small_prefix",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalEdgeCases",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["fd00::1/128:443"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "fd00::1/128",
-              "Ports": {
-                "First": 443,
-                "Last": 443
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "fd00::1/128",
-              "Ports": {
-                "First": 443,
-                "Last": 443
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-H1_wildcard_srcips_format.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-H1_wildcard_srcips_format.json
@@ -1,157 +0,0 @@
-{
-  "test_id": "ROUTES-H1_wildcard_srcips_format",
-  "source": "headscale_adapted",
-  "parent_test": "EdgeCases",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["tag:router:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.64.0.0/10",
-            "fd7a:115c:a1e0::/48",
-            "10.0.0.0/8",
-            "10.33.0.0/16",
-            "172.16.0.0/24",
-            "192.168.1.0/24"
-          ]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-H2_wildcard_dstports_format.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-H2_wildcard_dstports_format.json
@@ -1,173 +0,0 @@
-{
-  "test_id": "ROUTES-H2_wildcard_dstports_format",
-  "source": "headscale_adapted",
-  "parent_test": "EdgeCases",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["autogroup:member"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "client1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.116.73.38/32",
-            "100.89.42.23/32",
-            "100.90.199.68/32",
-            "fd7a:115c:a1e0::2d01:c747/128",
-            "fd7a:115c:a1e0::a801:4949/128",
-            "fd7a:115c:a1e0::d01:2a2e/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-H3_cgnat_range_expansion.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-H3_cgnat_range_expansion.json
@@ -1,201 +0,0 @@
-{
-  "test_id": "ROUTES-H3_cgnat_range_expansion",
-  "source": "headscale_adapted",
-  "parent_test": "EdgeCases",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["tag:router:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "100.100.100.1/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.119.139.79/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.74.117.7/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::4001:8ba0/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::6401:6401/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::c401:7508/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-H4_ipv6_range_in_srcips.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-H4_ipv6_range_in_srcips.json
@@ -1,166 +0,0 @@
-{
-  "test_id": "ROUTES-H4_ipv6_range_in_srcips",
-  "source": "headscale_adapted",
-  "parent_test": "EdgeCases",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "client1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-H5_subnet_overlaps_cgnat.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-H5_subnet_overlaps_cgnat.json
@@ -1,180 +0,0 @@
-{
-  "test_id": "ROUTES-H5_subnet_overlaps_cgnat",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalEdgeCases",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["100.64.0.0/24:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "100.64.0.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "100.64.0.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-H6_loopback_routes_not_distributed.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-H6_loopback_routes_not_distributed.json
@@ -1,180 +0,0 @@
-{
-  "test_id": "ROUTES-H6_loopback_routes_not_distributed",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalEdgeCases",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["127.0.0.1/32:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "127.0.0.1/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "127.0.0.1/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-H7_two_nodes_same_subnet.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-H7_two_nodes_same_subnet.json
@@ -1,180 +0,0 @@
-{
-  "test_id": "ROUTES-H7_two_nodes_same_subnet",
-  "source": "headscale_adapted",
-  "parent_test": "EdgeCases",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["192.168.1.0/24:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "ha-router2": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-H8_cgnat_overlap_blocked.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-H8_cgnat_overlap_blocked.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-H8_cgnat_overlap_blocked",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalEdgeCases",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["100.100.0.0/16:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-H9_large_prefix_works.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-H9_large_prefix_works.json
@@ -1,173 +0,0 @@
-{
-  "test_id": "ROUTES-H9_large_prefix_works",
-  "source": "headscale_adapted",
-  "parent_test": "EdgeCases",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["autogroup:member"],
-          "dst": ["10.0.0.0/8:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.116.73.38/32",
-            "100.89.42.23/32",
-            "100.90.199.68/32",
-            "fd7a:115c:a1e0::2d01:c747/128",
-            "fd7a:115c:a1e0::a801:4949/128",
-            "fd7a:115c:a1e0::d01:2a2e/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "10.0.0.0/8",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-I1_ipv6_subnet_route.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-I1_ipv6_subnet_route.json
@@ -1,104 +0,0 @@
-{
-  "test_id": "ROUTES-I1_ipv6_subnet_route",
-  "source": "headscale_adapted",
-  "parent_test": "IPv6",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "ipv6-router": {
-        "id": 2,
-        "hostname": "ipv6-router",
-        "ipv4": "100.119.139.80",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba1",
-        "tags": ["tag:router"],
-        "routable_ips": ["fd00::/48"],
-        "approved_routes": ["fd00::/48"]
-      },
-      "ipv6-child-router": {
-        "id": 3,
-        "hostname": "ipv6-child-router",
-        "ipv4": "100.119.139.81",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba2",
-        "tags": ["tag:router"],
-        "routable_ips": ["fd00:1::/64"],
-        "approved_routes": ["fd00:1::/64"]
-      },
-      "ipv6-exit": {
-        "id": 4,
-        "hostname": "ipv6-exit",
-        "ipv4": "100.121.32.2",
-        "ipv6": "fd7a:115c:a1e0::7f01:2005",
-        "tags": ["tag:exit"],
-        "routable_ips": ["::/0"],
-        "approved_routes": ["::/0"]
-      }
-    }
-  },
-  "captures": {
-    "ipv6-router": {
-      "packet_filter_rules": null
-    },
-    "ipv6-child-router": {
-      "packet_filter_rules": null
-    },
-    "ipv6-exit": {
-      "packet_filter_rules": null
-    },
-    "client1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd00::/48", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-I2_ipv6_exit_route.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-I2_ipv6_exit_route.json
@@ -1,142 +0,0 @@
-{
-  "test_id": "ROUTES-I2_ipv6_exit_route",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalIPv6",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-I3_ipv6_in_wildcard_srcips.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-I3_ipv6_in_wildcard_srcips.json
@@ -1,195 +0,0 @@
-{
-  "test_id": "ROUTES-I3_ipv6_in_wildcard_srcips",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalIPv6",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["tag:router:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "100.100.100.1/32",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            },
-            {
-              "IP": "100.119.139.79/32",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            },
-            {
-              "IP": "100.74.117.7/32",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::4001:8ba0/128",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::6401:6401/128",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::c401:7508/128",
-              "Ports": {
-                "First": 22,
-                "Last": 22
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-I4_ipv6_specific_acl.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-I4_ipv6_specific_acl.json
@@ -1,132 +0,0 @@
-{
-  "test_id": "ROUTES-I4_ipv6_specific_acl",
-  "source": "headscale_adapted",
-  "parent_test": "IPv6",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["fd00:1::/64:443"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "ipv6-router": {
-        "id": 2,
-        "hostname": "ipv6-router",
-        "ipv4": "100.119.139.80",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba1",
-        "tags": ["tag:router"],
-        "routable_ips": ["fd00::/48"],
-        "approved_routes": ["fd00::/48"]
-      },
-      "ipv6-child-router": {
-        "id": 3,
-        "hostname": "ipv6-child-router",
-        "ipv4": "100.119.139.81",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba2",
-        "tags": ["tag:router"],
-        "routable_ips": ["fd00:1::/64"],
-        "approved_routes": ["fd00:1::/64"]
-      },
-      "ipv6-exit": {
-        "id": 4,
-        "hostname": "ipv6-exit",
-        "ipv4": "100.121.32.2",
-        "ipv6": "fd7a:115c:a1e0::7f01:2005",
-        "tags": ["tag:exit"],
-        "routable_ips": ["::/0"],
-        "approved_routes": ["::/0"]
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "ipv6-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "fd00:1::/64",
-              "Ports": {
-                "First": 443,
-                "Last": 443
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "ipv6-child-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "fd00:1::/64",
-              "Ports": {
-                "First": 443,
-                "Last": 443
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "ipv6-exit": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "fd00:1::/64",
-              "Ports": {
-                "First": 443,
-                "Last": 443
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-I5_ipv6_parent_child_routes.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-I5_ipv6_parent_child_routes.json
@@ -1,118 +0,0 @@
-{
-  "test_id": "ROUTES-I5_ipv6_parent_child_routes",
-  "source": "headscale_adapted",
-  "parent_test": "IPv6",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["autogroup:member"],
-          "dst": ["fd00:1:2::/80:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "ipv6-router": {
-        "id": 2,
-        "hostname": "ipv6-router",
-        "ipv4": "100.119.139.80",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba1",
-        "tags": ["tag:router"],
-        "routable_ips": ["fd00::/48"],
-        "approved_routes": ["fd00::/48"]
-      },
-      "ipv6-child-router": {
-        "id": 3,
-        "hostname": "ipv6-child-router",
-        "ipv4": "100.119.139.81",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba2",
-        "tags": ["tag:router"],
-        "routable_ips": ["fd00:1::/64"],
-        "approved_routes": ["fd00:1::/64"]
-      },
-      "ipv6-exit": {
-        "id": 4,
-        "hostname": "ipv6-exit",
-        "ipv4": "100.121.32.2",
-        "ipv6": "fd7a:115c:a1e0::7f01:2005",
-        "tags": ["tag:exit"],
-        "routable_ips": ["::/0"],
-        "approved_routes": ["::/0"]
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "ipv6-child-router": {
-      "packet_filter_rules": null
-    },
-    "ipv6-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.116.73.38/32", "fd7a:115c:a1e0::a801:4949/128"],
-          "DstPorts": [
-            {
-              "IP": "fd00:1:2::/80",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "ipv6-exit": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.116.73.38/32", "fd7a:115c:a1e0::a801:4949/128"],
-          "DstPorts": [
-            {
-              "IP": "fd00:1:2::/80",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-I6_dual_stack_node.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-I6_dual_stack_node.json
@@ -1,185 +0,0 @@
-{
-  "test_id": "ROUTES-I6_dual_stack_node",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalIPv6",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.0/16:*"]
-        },
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["fd00:1::/64:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.0.0/16",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-I7_ipv6_exit_coverage.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-I7_ipv6_exit_coverage.json
@@ -1,104 +0,0 @@
-{
-  "test_id": "ROUTES-I7_ipv6_exit_coverage",
-  "source": "headscale_adapted",
-  "parent_test": "IPv6",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["2001:db8::/32:443"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "ipv6-router": {
-        "id": 2,
-        "hostname": "ipv6-router",
-        "ipv4": "100.119.139.80",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba1",
-        "tags": ["tag:router"],
-        "routable_ips": ["fd00::/48"],
-        "approved_routes": ["fd00::/48"]
-      },
-      "ipv6-child-router": {
-        "id": 3,
-        "hostname": "ipv6-child-router",
-        "ipv4": "100.119.139.81",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba2",
-        "tags": ["tag:router"],
-        "routable_ips": ["fd00:1::/64"],
-        "approved_routes": ["fd00:1::/64"]
-      },
-      "ipv6-exit": {
-        "id": 4,
-        "hostname": "ipv6-exit",
-        "ipv4": "100.121.32.2",
-        "ipv6": "fd7a:115c:a1e0::7f01:2005",
-        "tags": ["tag:exit"],
-        "routable_ips": ["::/0"],
-        "approved_routes": ["::/0"]
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "ipv6-router": {
-      "packet_filter_rules": null
-    },
-    "ipv6-child-router": {
-      "packet_filter_rules": null
-    },
-    "ipv6-exit": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "2001:db8::/32",
-              "Ports": {
-                "First": 443,
-                "Last": 443
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-O10_acl_dest_covered_by_multiple.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-O10_acl_dest_covered_by_multiple.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-O10_acl_dest_covered_by_multiple",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalO",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.1.0/24:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-O11_acl_dest_not_covered.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-O11_acl_dest_not_covered.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-O11_acl_dest_not_covered",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalO",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["192.168.99.0/24:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-O12_filter_dest_is_acl_cidr.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-O12_filter_dest_is_acl_cidr.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-O12_filter_dest_is_acl_cidr",
-  "source": "headscale_adapted",
-  "parent_test": "Overlapping",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.1.0/24:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-O1_overlapping_routes_not_merged.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-O1_overlapping_routes_not_merged.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-O1_overlapping_routes_not_merged",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalO",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "client1": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-O2_ha_routers_both_get_filter.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-O2_ha_routers_both_get_filter.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-O2_ha_routers_both_get_filter",
-  "source": "headscale_adapted",
-  "parent_test": "Overlapping",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["192.168.1.0/24:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-O3_parent_child_different_nodes.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-O3_parent_child_different_nodes.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-O3_parent_child_different_nodes",
-  "source": "headscale_adapted",
-  "parent_test": "Overlapping",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.1.0/24:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-O4_three_way_hierarchy.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-O4_three_way_hierarchy.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-O4_three_way_hierarchy",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalO",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.1.128/25:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-O5_sibling_routes_with_parent_acl.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-O5_sibling_routes_with_parent_acl.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-O5_sibling_routes_with_parent_acl",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalO",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.0.0.0/8:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-O6_exit_route_expands_filter_dist.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-O6_exit_route_expands_filter_dist.json
@@ -1,180 +0,0 @@
-{
-  "test_id": "ROUTES-O6_exit_route_expands_filter_dist",
-  "source": "headscale_adapted",
-  "parent_test": "Overlapping",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["8.8.8.0/24:53"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "8.8.8.0/24",
-              "Ports": {
-                "First": 53,
-                "Last": 53
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "8.8.8.0/24",
-              "Ports": {
-                "First": 53,
-                "Last": 53
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-O7_specific_ip_targeting.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-O7_specific_ip_targeting.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-O7_specific_ip_targeting",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalO",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.100/32:80"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-O8_same_node_overlapping_routes.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-O8_same_node_overlapping_routes.json
@@ -1,208 +0,0 @@
-{
-  "test_id": "ROUTES-O8_same_node_overlapping_routes",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalOverlapping",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.1.0/24:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "big-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "10.33.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-O9_different_nodes_same_route.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-O9_different_nodes_same_route.json
@@ -1,236 +0,0 @@
-{
-  "test_id": "ROUTES-O9_different_nodes_same_route",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalOverlapping",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["autogroup:member"],
-          "dst": ["192.168.1.0/24:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.116.73.38/32",
-            "100.89.42.23/32",
-            "100.90.199.68/32",
-            "fd7a:115c:a1e0::a801:4949/128",
-            "fd7a:115c:a1e0::d01:2a2e/128",
-            "fd7a:115c:a1e0::2d01:c747/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "ha-router2": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.116.73.38/32",
-            "100.89.42.23/32",
-            "100.90.199.68/32",
-            "fd7a:115c:a1e0::a801:4949/128",
-            "fd7a:115c:a1e0::d01:2a2e/128",
-            "fd7a:115c:a1e0::2d01:c747/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.116.73.38/32",
-            "100.89.42.23/32",
-            "100.90.199.68/32",
-            "fd7a:115c:a1e0::a801:4949/128",
-            "fd7a:115c:a1e0::d01:2a2e/128",
-            "fd7a:115c:a1e0::2d01:c747/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.116.73.38/32",
-            "100.89.42.23/32",
-            "100.90.199.68/32",
-            "fd7a:115c:a1e0::a801:4949/128",
-            "fd7a:115c:a1e0::d01:2a2e/128",
-            "fd7a:115c:a1e0::2d01:c747/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "192.168.1.0/24",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-R1_exit_covers_external_dest.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-R1_exit_covers_external_dest.json
@@ -1,180 +0,0 @@
-{
-  "test_id": "ROUTES-R1_exit_covers_external_dest",
-  "source": "headscale_adapted",
-  "parent_test": "RouteCoverage",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["8.8.8.0/24:53"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "8.8.8.0/24",
-              "Ports": {
-                "First": 53,
-                "Last": 53
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "8.8.8.0/24",
-              "Ports": {
-                "First": 53,
-                "Last": 53
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-R2_parent_route_covers_child_dest.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-R2_parent_route_covers_child_dest.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-R2_parent_route_covers_child_dest",
-  "source": "headscale_adapted",
-  "parent_test": "RouteCoverage",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.1.0/24:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-R3_sibling_routes_no_coverage.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-R3_sibling_routes_no_coverage.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-R3_sibling_routes_no_coverage",
-  "source": "headscale_adapted",
-  "parent_test": "RouteCoverage",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.34.0.0/16:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-R4_exact_match_route.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-R4_exact_match_route.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-R4_exact_match_route",
-  "source": "headscale_adapted",
-  "parent_test": "RouteCoverage",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.0/16:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-R5_route_coverage_check_logic.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-R5_route_coverage_check_logic.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-R5_route_coverage_check_logic",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalR",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.1.0/24:22"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-R6_ipv6_route_coverage.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-R6_ipv6_route_coverage.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-R6_ipv6_route_coverage",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalR",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["fd7a:115c:a1e0::1/128:443"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-R7_exit_ipv6_coverage.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-R7_exit_ipv6_coverage.json
@@ -1,180 +0,0 @@
-{
-  "test_id": "ROUTES-R7_exit_ipv6_coverage",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalR",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["2001:db8::1/128:443"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "2001:db8::1/128",
-              "Ports": {
-                "First": 443,
-                "Last": 443
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": ["100.64.0.0/10", "fd7a:115c:a1e0::/48"],
-          "DstPorts": [
-            {
-              "IP": "2001:db8::1/128",
-              "Ports": {
-                "First": 443,
-                "Last": 443
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-R8_mixed_ipv4_ipv6_coverage.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-R8_mixed_ipv4_ipv6_coverage.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-R8_mixed_ipv4_ipv6_coverage",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalR",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["10.33.0.0/16:*", "fd7a:115c:a1e0::/64:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-T1_tags_resolve_to_ips_not_routes.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-T1_tags_resolve_to_ips_not_routes.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-T1_tags_resolve_to_ips_not_routes",
-  "source": "headscale_adapted",
-  "parent_test": "TagResolution",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["tag:router"],
-          "dst": ["tag:router:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-T2_tag_to_tag_with_exit.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-T2_tag_to_tag_with_exit.json
@@ -1,232 +0,0 @@
-{
-  "test_id": "ROUTES-T2_tag_to_tag_with_exit",
-  "source": "headscale_adapted",
-  "parent_test": "TagResolution",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["tag:exit"],
-          "dst": ["tag:exit:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.121.32.1/32",
-            "100.74.117.7/32",
-            "fd7a:115c:a1e0::7f01:2004/128",
-            "fd7a:115c:a1e0::c401:7508/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "100.121.32.1/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.74.117.7/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::7f01:2004/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::c401:7508/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.121.32.1/32",
-            "100.74.117.7/32",
-            "fd7a:115c:a1e0::7f01:2004/128",
-            "fd7a:115c:a1e0::c401:7508/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "100.121.32.1/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.74.117.7/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::7f01:2004/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::c401:7508/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-T3_tag_src_includes_all_tagged.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-T3_tag_src_includes_all_tagged.json
@@ -1,165 +0,0 @@
-{
-  "test_id": "ROUTES-T3_tag_src_includes_all_tagged",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalT",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["tag:router"],
-          "dst": ["*:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "client1": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [],
-          "DstPorts": [
-            {
-              "IP": "*",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-T4_tag_dst_includes_all_tagged.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-T4_tag_dst_includes_all_tagged.json
@@ -1,152 +0,0 @@
-{
-  "test_id": "ROUTES-T4_tag_dst_includes_all_tagged",
-  "source": "headscale_adapted",
-  "parent_test": "AdditionalT",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["*"],
-          "dst": ["tag:ha:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": null
-    },
-    "multi-router": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-T5_multi_tag_node_in_both.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-T5_multi_tag_node_in_both.json
@@ -1,236 +0,0 @@
-{
-  "test_id": "ROUTES-T5_multi_tag_node_in_both",
-  "source": "headscale_adapted",
-  "parent_test": "TagResolution",
-  "input": {
-    "full_policy": {
-      "groups": {
-        "group:admins": ["kratail2tid@"],
-        "group:empty": []
-      },
-      "tagOwners": {
-        "tag:router": ["kratail2tid@"],
-        "tag:exit": ["kratail2tid@"],
-        "tag:ha": ["kratail2tid@"]
-      },
-      "hosts": {
-        "internal": "10.0.0.0/8",
-        "subnet24": "192.168.1.0/24"
-      },
-      "acls": [
-        {
-          "action": "accept",
-          "src": ["tag:router"],
-          "dst": ["tag:exit:*"]
-        }
-      ]
-    }
-  },
-  "topology": {
-    "users": [
-      {
-        "id": 1,
-        "name": "kratail2tid"
-      }
-    ],
-    "nodes": {
-      "client1": {
-        "id": 1,
-        "hostname": "client1",
-        "ipv4": "100.116.73.38",
-        "ipv6": "fd7a:115c:a1e0::a801:4949",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "client2": {
-        "id": 2,
-        "hostname": "client2",
-        "ipv4": "100.89.42.23",
-        "ipv6": "fd7a:115c:a1e0::d01:2a2e",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      },
-      "subnet-router": {
-        "id": 3,
-        "hostname": "subnet-router",
-        "ipv4": "100.119.139.79",
-        "ipv6": "fd7a:115c:a1e0::4001:8ba0",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.33.0.0/16"],
-        "approved_routes": ["10.33.0.0/16"]
-      },
-      "exit-node": {
-        "id": 4,
-        "hostname": "exit-node",
-        "ipv4": "100.121.32.1",
-        "ipv6": "fd7a:115c:a1e0::7f01:2004",
-        "tags": ["tag:exit"],
-        "routable_ips": ["0.0.0.0/0", "::/0"],
-        "approved_routes": ["0.0.0.0/0", "::/0"]
-      },
-      "multi-router": {
-        "id": 5,
-        "hostname": "multi-router",
-        "ipv4": "100.74.117.7",
-        "ipv6": "fd7a:115c:a1e0::c401:7508",
-        "tags": ["tag:router", "tag:exit"],
-        "routable_ips": ["172.16.0.0/24", "0.0.0.0/0", "::/0"],
-        "approved_routes": ["172.16.0.0/24", "0.0.0.0/0", "::/0"]
-      },
-      "ha-router1": {
-        "id": 6,
-        "hostname": "ha-router1",
-        "ipv4": "100.85.37.108",
-        "ipv6": "fd7a:115c:a1e0::f101:2597",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "ha-router2": {
-        "id": 7,
-        "hostname": "ha-router2",
-        "ipv4": "100.119.130.32",
-        "ipv6": "fd7a:115c:a1e0::4501:82a9",
-        "tags": ["tag:ha"],
-        "routable_ips": ["192.168.1.0/24"],
-        "approved_routes": ["192.168.1.0/24"]
-      },
-      "big-router": {
-        "id": 8,
-        "hostname": "big-router",
-        "ipv4": "100.100.100.1",
-        "ipv6": "fd7a:115c:a1e0::6401:6401",
-        "tags": ["tag:router"],
-        "routable_ips": ["10.0.0.0/8"],
-        "approved_routes": ["10.0.0.0/8"]
-      },
-      "user1": {
-        "id": 9,
-        "hostname": "user1",
-        "ipv4": "100.90.199.68",
-        "ipv6": "fd7a:115c:a1e0::2d01:c747",
-        "tags": [],
-        "user": "kratail2tid",
-        "routable_ips": [],
-        "approved_routes": []
-      }
-    }
-  },
-  "captures": {
-    "client1": {
-      "packet_filter_rules": null
-    },
-    "client2": {
-      "packet_filter_rules": null
-    },
-    "subnet-router": {
-      "packet_filter_rules": null
-    },
-    "ha-router1": {
-      "packet_filter_rules": null
-    },
-    "ha-router2": {
-      "packet_filter_rules": null
-    },
-    "big-router": {
-      "packet_filter_rules": null
-    },
-    "user1": {
-      "packet_filter_rules": null
-    },
-    "exit-node": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.100.100.1/32",
-            "100.119.139.79/32",
-            "100.74.117.7/32",
-            "fd7a:115c:a1e0::4001:8ba0/128",
-            "fd7a:115c:a1e0::6401:6401/128",
-            "fd7a:115c:a1e0::c401:7508/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "100.121.32.1/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.74.117.7/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::7f01:2004/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::c401:7508/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    },
-    "multi-router": {
-      "packet_filter_rules": [
-        {
-          "SrcIPs": [
-            "100.100.100.1/32",
-            "100.119.139.79/32",
-            "100.74.117.7/32",
-            "fd7a:115c:a1e0::4001:8ba0/128",
-            "fd7a:115c:a1e0::6401:6401/128",
-            "fd7a:115c:a1e0::c401:7508/128"
-          ],
-          "DstPorts": [
-            {
-              "IP": "100.121.32.1/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "100.74.117.7/32",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::7f01:2004/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            },
-            {
-              "IP": "fd7a:115c:a1e0::c401:7508/128",
-              "Ports": {
-                "First": 0,
-                "Last": 65535
-              }
-            }
-          ],
-          "IPProto": [6, 17, 1, 58]
-        }
-      ]
-    }
-  }
-}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-a1_wildcard_acl_includes_routes_in_srcips.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-a1_wildcard_acl_includes_routes_in_srcips.json
@@ -0,0 +1,414 @@
+{
+  "test_id": "ROUTES-a1_wildcard_acl_includes_routes_in_srcips",
+  "timestamp": "2026-03-17T16:13:48Z",
+  "propagation_wait_seconds": 10,
+  "input": {
+    "policy_file": "routes_policies/routes_a1_wildcard_acl_includes_routes_in_srcips.json",
+    "full_policy": {
+      "groups": {
+        "group:admins": ["kratail2tid@passkey"],
+        "group:developers": ["kristoffer@dalby.cc", "kratail2tid@passkey"],
+        "group:monitors": ["monitorpasskeykradalby@passkey"],
+        "group:empty": []
+      },
+      "tagOwners": {
+        "tag:server": ["kratail2tid@passkey"],
+        "tag:prod": ["kratail2tid@passkey"],
+        "tag:client": ["kratail2tid@passkey"],
+        "tag:router": ["kratail2tid@passkey"],
+        "tag:exit": ["kratail2tid@passkey"],
+        "tag:ha": ["kratail2tid@passkey"]
+      },
+      "hosts": {
+        "webserver": "100.108.74.26",
+        "prodbox": "100.103.8.15",
+        "internal": "10.0.0.0/8",
+        "subnet24": "192.168.1.0/24"
+      },
+      "autoApprovers": {
+        "routes": {
+          "10.0.0.0/8": ["tag:router"],
+          "172.16.0.0/12": ["tag:router"],
+          "192.168.0.0/16": ["tag:ha"],
+          "0.0.0.0/0": ["tag:exit"],
+          "::/0": ["tag:exit"]
+        }
+      },
+      "acls": [
+        {
+          "action": "accept",
+          "src": ["*"],
+          "dst": ["*:*"]
+        }
+      ]
+    },
+    "api_endpoint": "https://api.tailscale.com/api/v2/tailnet/kratail2tid%40passkey/acl",
+    "api_response_code": 200
+  },
+  "topology": {
+    "nodes": {
+      "big-router": {
+        "hostname": "big-router",
+        "tags": ["tag:router"],
+        "ipv4": "100.97.174.21",
+        "ipv6": "fd7a:115c:a1e0::5137:ae15"
+      },
+      "exit-node": {
+        "hostname": "exit-node",
+        "tags": ["tag:exit"],
+        "ipv4": "100.85.66.106",
+        "ipv6": "fd7a:115c:a1e0::7c37:426a"
+      },
+      "ha-router1": {
+        "hostname": "ha-router1",
+        "tags": ["tag:ha"],
+        "ipv4": "100.121.186.70",
+        "ipv6": "fd7a:115c:a1e0::6737:ba46"
+      },
+      "ha-router2": {
+        "hostname": "ha-router2",
+        "tags": ["tag:ha"],
+        "ipv4": "100.117.104.82",
+        "ipv6": "fd7a:115c:a1e0::7437:6852"
+      },
+      "multi-router": {
+        "hostname": "multi-router",
+        "tags": ["tag:exit", "tag:router"],
+        "ipv4": "100.119.241.111",
+        "ipv6": "fd7a:115c:a1e0::3337:f16f"
+      },
+      "subnet-router": {
+        "hostname": "subnet-router",
+        "tags": ["tag:router"],
+        "ipv4": "100.92.142.61",
+        "ipv6": "fd7a:115c:a1e0::3e37:8e3d"
+      },
+      "tagged-client": {
+        "hostname": "tagged-client",
+        "tags": ["tag:client"],
+        "ipv4": "100.83.200.69",
+        "ipv6": "fd7a:115c:a1e0::c537:c845"
+      },
+      "tagged-prod": {
+        "hostname": "tagged-prod",
+        "tags": ["tag:prod"],
+        "ipv4": "100.103.8.15",
+        "ipv6": "fd7a:115c:a1e0::5b37:80f"
+      },
+      "tagged-server": {
+        "hostname": "tagged-server",
+        "tags": ["tag:server"],
+        "ipv4": "100.108.74.26",
+        "ipv6": "fd7a:115c:a1e0::b901:4a87"
+      },
+      "user-kris": {
+        "hostname": "user-kris",
+        "tags": [],
+        "ipv4": "100.110.121.96",
+        "ipv6": "fd7a:115c:a1e0::1737:7960"
+      },
+      "user-mon": {
+        "hostname": "user-mon",
+        "tags": [],
+        "ipv4": "100.103.90.82",
+        "ipv6": "fd7a:115c:a1e0::9e37:5a52"
+      },
+      "user1": {
+        "hostname": "user1",
+        "tags": [],
+        "ipv4": "100.90.199.68",
+        "ipv6": "fd7a:115c:a1e0::2d01:c747"
+      }
+    }
+  },
+  "captures": {
+    "big-router": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "exit-node": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "ha-router1": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "ha-router2": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "multi-router": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "subnet-router": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "tagged-client": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "tagged-prod": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "tagged-server": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "user-kris": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "user-mon": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "user1": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    }
+  }
+}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-a2_tag_based_acl_excludes_routes.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-a2_tag_based_acl_excludes_routes.json
@@ -0,0 +1,243 @@
+{
+  "test_id": "ROUTES-a2_tag_based_acl_excludes_routes",
+  "timestamp": "2026-03-17T16:13:59Z",
+  "propagation_wait_seconds": 10,
+  "input": {
+    "policy_file": "routes_policies/routes_a2_tag_based_acl_excludes_routes.json",
+    "full_policy": {
+      "groups": {
+        "group:admins": ["kratail2tid@passkey"],
+        "group:developers": ["kristoffer@dalby.cc", "kratail2tid@passkey"],
+        "group:monitors": ["monitorpasskeykradalby@passkey"],
+        "group:empty": []
+      },
+      "tagOwners": {
+        "tag:server": ["kratail2tid@passkey"],
+        "tag:prod": ["kratail2tid@passkey"],
+        "tag:client": ["kratail2tid@passkey"],
+        "tag:router": ["kratail2tid@passkey"],
+        "tag:exit": ["kratail2tid@passkey"],
+        "tag:ha": ["kratail2tid@passkey"]
+      },
+      "hosts": {
+        "webserver": "100.108.74.26",
+        "prodbox": "100.103.8.15",
+        "internal": "10.0.0.0/8",
+        "subnet24": "192.168.1.0/24"
+      },
+      "autoApprovers": {
+        "routes": {
+          "10.0.0.0/8": ["tag:router"],
+          "172.16.0.0/12": ["tag:router"],
+          "192.168.0.0/16": ["tag:ha"],
+          "0.0.0.0/0": ["tag:exit"],
+          "::/0": ["tag:exit"]
+        }
+      },
+      "acls": [
+        {
+          "action": "accept",
+          "src": ["tag:router"],
+          "dst": ["tag:router:*"]
+        }
+      ]
+    },
+    "api_endpoint": "https://api.tailscale.com/api/v2/tailnet/kratail2tid%40passkey/acl",
+    "api_response_code": 200
+  },
+  "topology": {
+    "nodes": {
+      "big-router": {
+        "hostname": "big-router",
+        "tags": ["tag:router"],
+        "ipv4": "100.97.174.21",
+        "ipv6": "fd7a:115c:a1e0::5137:ae15"
+      },
+      "exit-node": {
+        "hostname": "exit-node",
+        "tags": ["tag:exit"],
+        "ipv4": "100.85.66.106",
+        "ipv6": "fd7a:115c:a1e0::7c37:426a"
+      },
+      "ha-router1": {
+        "hostname": "ha-router1",
+        "tags": ["tag:ha"],
+        "ipv4": "100.121.186.70",
+        "ipv6": "fd7a:115c:a1e0::6737:ba46"
+      },
+      "ha-router2": {
+        "hostname": "ha-router2",
+        "tags": ["tag:ha"],
+        "ipv4": "100.117.104.82",
+        "ipv6": "fd7a:115c:a1e0::7437:6852"
+      },
+      "multi-router": {
+        "hostname": "multi-router",
+        "tags": ["tag:exit", "tag:router"],
+        "ipv4": "100.119.241.111",
+        "ipv6": "fd7a:115c:a1e0::3337:f16f"
+      },
+      "subnet-router": {
+        "hostname": "subnet-router",
+        "tags": ["tag:router"],
+        "ipv4": "100.92.142.61",
+        "ipv6": "fd7a:115c:a1e0::3e37:8e3d"
+      },
+      "tagged-client": {
+        "hostname": "tagged-client",
+        "tags": ["tag:client"],
+        "ipv4": "100.83.200.69",
+        "ipv6": "fd7a:115c:a1e0::c537:c845"
+      },
+      "tagged-prod": {
+        "hostname": "tagged-prod",
+        "tags": ["tag:prod"],
+        "ipv4": "100.103.8.15",
+        "ipv6": "fd7a:115c:a1e0::5b37:80f"
+      },
+      "tagged-server": {
+        "hostname": "tagged-server",
+        "tags": ["tag:server"],
+        "ipv4": "100.108.74.26",
+        "ipv6": "fd7a:115c:a1e0::b901:4a87"
+      },
+      "user-kris": {
+        "hostname": "user-kris",
+        "tags": [],
+        "ipv4": "100.110.121.96",
+        "ipv6": "fd7a:115c:a1e0::1737:7960"
+      },
+      "user-mon": {
+        "hostname": "user-mon",
+        "tags": [],
+        "ipv4": "100.103.90.82",
+        "ipv6": "fd7a:115c:a1e0::9e37:5a52"
+      },
+      "user1": {
+        "hostname": "user1",
+        "tags": [],
+        "ipv4": "100.90.199.68",
+        "ipv6": "fd7a:115c:a1e0::2d01:c747"
+      }
+    }
+  },
+  "captures": {
+    "big-router": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "100.119.241.111",
+            "100.92.142.61",
+            "100.97.174.21",
+            "fd7a:115c:a1e0::3337:f16f",
+            "fd7a:115c:a1e0::3e37:8e3d",
+            "fd7a:115c:a1e0::5137:ae15"
+          ],
+          "DstPorts": [
+            {
+              "IP": "100.97.174.21",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            },
+            {
+              "IP": "fd7a:115c:a1e0::5137:ae15",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "exit-node": {
+      "packet_filter_rules": null
+    },
+    "ha-router1": {
+      "packet_filter_rules": null
+    },
+    "ha-router2": {
+      "packet_filter_rules": null
+    },
+    "multi-router": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "100.119.241.111",
+            "100.92.142.61",
+            "100.97.174.21",
+            "fd7a:115c:a1e0::3337:f16f",
+            "fd7a:115c:a1e0::3e37:8e3d",
+            "fd7a:115c:a1e0::5137:ae15"
+          ],
+          "DstPorts": [
+            {
+              "IP": "100.119.241.111",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            },
+            {
+              "IP": "fd7a:115c:a1e0::3337:f16f",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "subnet-router": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "100.119.241.111",
+            "100.92.142.61",
+            "100.97.174.21",
+            "fd7a:115c:a1e0::3337:f16f",
+            "fd7a:115c:a1e0::3e37:8e3d",
+            "fd7a:115c:a1e0::5137:ae15"
+          ],
+          "DstPorts": [
+            {
+              "IP": "100.92.142.61",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            },
+            {
+              "IP": "fd7a:115c:a1e0::3e37:8e3d",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "tagged-client": {
+      "packet_filter_rules": null
+    },
+    "tagged-prod": {
+      "packet_filter_rules": null
+    },
+    "tagged-server": {
+      "packet_filter_rules": null
+    },
+    "user-kris": {
+      "packet_filter_rules": null
+    },
+    "user-mon": {
+      "packet_filter_rules": null
+    },
+    "user1": {
+      "packet_filter_rules": null
+    }
+  }
+}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-a3_explicit_subnet_filter_to_router.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-a3_explicit_subnet_filter_to_router.json
@@ -0,0 +1,204 @@
+{
+  "test_id": "ROUTES-a3_explicit_subnet_filter_to_router",
+  "timestamp": "2026-03-17T16:14:20Z",
+  "propagation_wait_seconds": 10,
+  "input": {
+    "policy_file": "routes_policies/routes_a3_explicit_subnet_filter_to_router.json",
+    "full_policy": {
+      "groups": {
+        "group:admins": ["kratail2tid@passkey"],
+        "group:developers": ["kristoffer@dalby.cc", "kratail2tid@passkey"],
+        "group:monitors": ["monitorpasskeykradalby@passkey"],
+        "group:empty": []
+      },
+      "tagOwners": {
+        "tag:server": ["kratail2tid@passkey"],
+        "tag:prod": ["kratail2tid@passkey"],
+        "tag:client": ["kratail2tid@passkey"],
+        "tag:router": ["kratail2tid@passkey"],
+        "tag:exit": ["kratail2tid@passkey"],
+        "tag:ha": ["kratail2tid@passkey"]
+      },
+      "hosts": {
+        "webserver": "100.108.74.26",
+        "prodbox": "100.103.8.15",
+        "internal": "10.0.0.0/8",
+        "subnet24": "192.168.1.0/24"
+      },
+      "autoApprovers": {
+        "routes": {
+          "10.0.0.0/8": ["tag:router"],
+          "172.16.0.0/12": ["tag:router"],
+          "192.168.0.0/16": ["tag:ha"],
+          "0.0.0.0/0": ["tag:exit"],
+          "::/0": ["tag:exit"]
+        }
+      },
+      "acls": [
+        {
+          "action": "accept",
+          "src": ["*"],
+          "dst": ["10.33.0.0/16:*"]
+        }
+      ]
+    },
+    "api_endpoint": "https://api.tailscale.com/api/v2/tailnet/kratail2tid%40passkey/acl",
+    "api_response_code": 200
+  },
+  "topology": {
+    "nodes": {
+      "big-router": {
+        "hostname": "big-router",
+        "tags": ["tag:router"],
+        "ipv4": "100.97.174.21",
+        "ipv6": "fd7a:115c:a1e0::5137:ae15"
+      },
+      "exit-node": {
+        "hostname": "exit-node",
+        "tags": ["tag:exit"],
+        "ipv4": "100.85.66.106",
+        "ipv6": "fd7a:115c:a1e0::7c37:426a"
+      },
+      "ha-router1": {
+        "hostname": "ha-router1",
+        "tags": ["tag:ha"],
+        "ipv4": "100.121.186.70",
+        "ipv6": "fd7a:115c:a1e0::6737:ba46"
+      },
+      "ha-router2": {
+        "hostname": "ha-router2",
+        "tags": ["tag:ha"],
+        "ipv4": "100.117.104.82",
+        "ipv6": "fd7a:115c:a1e0::7437:6852"
+      },
+      "multi-router": {
+        "hostname": "multi-router",
+        "tags": ["tag:exit", "tag:router"],
+        "ipv4": "100.119.241.111",
+        "ipv6": "fd7a:115c:a1e0::3337:f16f"
+      },
+      "subnet-router": {
+        "hostname": "subnet-router",
+        "tags": ["tag:router"],
+        "ipv4": "100.92.142.61",
+        "ipv6": "fd7a:115c:a1e0::3e37:8e3d"
+      },
+      "tagged-client": {
+        "hostname": "tagged-client",
+        "tags": ["tag:client"],
+        "ipv4": "100.83.200.69",
+        "ipv6": "fd7a:115c:a1e0::c537:c845"
+      },
+      "tagged-prod": {
+        "hostname": "tagged-prod",
+        "tags": ["tag:prod"],
+        "ipv4": "100.103.8.15",
+        "ipv6": "fd7a:115c:a1e0::5b37:80f"
+      },
+      "tagged-server": {
+        "hostname": "tagged-server",
+        "tags": ["tag:server"],
+        "ipv4": "100.108.74.26",
+        "ipv6": "fd7a:115c:a1e0::b901:4a87"
+      },
+      "user-kris": {
+        "hostname": "user-kris",
+        "tags": [],
+        "ipv4": "100.110.121.96",
+        "ipv6": "fd7a:115c:a1e0::1737:7960"
+      },
+      "user-mon": {
+        "hostname": "user-mon",
+        "tags": [],
+        "ipv4": "100.103.90.82",
+        "ipv6": "fd7a:115c:a1e0::9e37:5a52"
+      },
+      "user1": {
+        "hostname": "user1",
+        "tags": [],
+        "ipv4": "100.90.199.68",
+        "ipv6": "fd7a:115c:a1e0::2d01:c747"
+      }
+    }
+  },
+  "captures": {
+    "big-router": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "10.33.0.0/16",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "exit-node": {
+      "packet_filter_rules": null
+    },
+    "ha-router1": {
+      "packet_filter_rules": null
+    },
+    "ha-router2": {
+      "packet_filter_rules": null
+    },
+    "multi-router": {
+      "packet_filter_rules": null
+    },
+    "subnet-router": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "10.33.0.0/16",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "tagged-client": {
+      "packet_filter_rules": null
+    },
+    "tagged-prod": {
+      "packet_filter_rules": null
+    },
+    "tagged-server": {
+      "packet_filter_rules": null
+    },
+    "user-kris": {
+      "packet_filter_rules": null
+    },
+    "user-mon": {
+      "packet_filter_rules": null
+    },
+    "user1": {
+      "packet_filter_rules": null
+    }
+  }
+}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-a3b_autogroup_member_to_subnet.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-a3b_autogroup_member_to_subnet.json
@@ -0,0 +1,202 @@
+{
+  "test_id": "ROUTES-a3b_autogroup_member_to_subnet",
+  "timestamp": "2026-03-17T16:14:10Z",
+  "propagation_wait_seconds": 10,
+  "input": {
+    "policy_file": "routes_policies/routes_a3b_autogroup_member_to_subnet.json",
+    "full_policy": {
+      "groups": {
+        "group:admins": ["kratail2tid@passkey"],
+        "group:developers": ["kristoffer@dalby.cc", "kratail2tid@passkey"],
+        "group:monitors": ["monitorpasskeykradalby@passkey"],
+        "group:empty": []
+      },
+      "tagOwners": {
+        "tag:server": ["kratail2tid@passkey"],
+        "tag:prod": ["kratail2tid@passkey"],
+        "tag:client": ["kratail2tid@passkey"],
+        "tag:router": ["kratail2tid@passkey"],
+        "tag:exit": ["kratail2tid@passkey"],
+        "tag:ha": ["kratail2tid@passkey"]
+      },
+      "hosts": {
+        "webserver": "100.108.74.26",
+        "prodbox": "100.103.8.15",
+        "internal": "10.0.0.0/8",
+        "subnet24": "192.168.1.0/24"
+      },
+      "autoApprovers": {
+        "routes": {
+          "10.0.0.0/8": ["tag:router"],
+          "172.16.0.0/12": ["tag:router"],
+          "192.168.0.0/16": ["tag:ha"],
+          "0.0.0.0/0": ["tag:exit"],
+          "::/0": ["tag:exit"]
+        }
+      },
+      "acls": [
+        {
+          "action": "accept",
+          "src": ["autogroup:member"],
+          "dst": ["10.33.0.0/16:*"]
+        }
+      ]
+    },
+    "api_endpoint": "https://api.tailscale.com/api/v2/tailnet/kratail2tid%40passkey/acl",
+    "api_response_code": 200
+  },
+  "topology": {
+    "nodes": {
+      "big-router": {
+        "hostname": "big-router",
+        "tags": ["tag:router"],
+        "ipv4": "100.97.174.21",
+        "ipv6": "fd7a:115c:a1e0::5137:ae15"
+      },
+      "exit-node": {
+        "hostname": "exit-node",
+        "tags": ["tag:exit"],
+        "ipv4": "100.85.66.106",
+        "ipv6": "fd7a:115c:a1e0::7c37:426a"
+      },
+      "ha-router1": {
+        "hostname": "ha-router1",
+        "tags": ["tag:ha"],
+        "ipv4": "100.121.186.70",
+        "ipv6": "fd7a:115c:a1e0::6737:ba46"
+      },
+      "ha-router2": {
+        "hostname": "ha-router2",
+        "tags": ["tag:ha"],
+        "ipv4": "100.117.104.82",
+        "ipv6": "fd7a:115c:a1e0::7437:6852"
+      },
+      "multi-router": {
+        "hostname": "multi-router",
+        "tags": ["tag:exit", "tag:router"],
+        "ipv4": "100.119.241.111",
+        "ipv6": "fd7a:115c:a1e0::3337:f16f"
+      },
+      "subnet-router": {
+        "hostname": "subnet-router",
+        "tags": ["tag:router"],
+        "ipv4": "100.92.142.61",
+        "ipv6": "fd7a:115c:a1e0::3e37:8e3d"
+      },
+      "tagged-client": {
+        "hostname": "tagged-client",
+        "tags": ["tag:client"],
+        "ipv4": "100.83.200.69",
+        "ipv6": "fd7a:115c:a1e0::c537:c845"
+      },
+      "tagged-prod": {
+        "hostname": "tagged-prod",
+        "tags": ["tag:prod"],
+        "ipv4": "100.103.8.15",
+        "ipv6": "fd7a:115c:a1e0::5b37:80f"
+      },
+      "tagged-server": {
+        "hostname": "tagged-server",
+        "tags": ["tag:server"],
+        "ipv4": "100.108.74.26",
+        "ipv6": "fd7a:115c:a1e0::b901:4a87"
+      },
+      "user-kris": {
+        "hostname": "user-kris",
+        "tags": [],
+        "ipv4": "100.110.121.96",
+        "ipv6": "fd7a:115c:a1e0::1737:7960"
+      },
+      "user-mon": {
+        "hostname": "user-mon",
+        "tags": [],
+        "ipv4": "100.103.90.82",
+        "ipv6": "fd7a:115c:a1e0::9e37:5a52"
+      },
+      "user1": {
+        "hostname": "user1",
+        "tags": [],
+        "ipv4": "100.90.199.68",
+        "ipv6": "fd7a:115c:a1e0::2d01:c747"
+      }
+    }
+  },
+  "captures": {
+    "big-router": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "100.103.90.82",
+            "100.110.121.96",
+            "100.90.199.68",
+            "fd7a:115c:a1e0::1737:7960",
+            "fd7a:115c:a1e0::2d01:c747",
+            "fd7a:115c:a1e0::9e37:5a52"
+          ],
+          "DstPorts": [
+            {
+              "IP": "10.33.0.0/16",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "exit-node": {
+      "packet_filter_rules": null
+    },
+    "ha-router1": {
+      "packet_filter_rules": null
+    },
+    "ha-router2": {
+      "packet_filter_rules": null
+    },
+    "multi-router": {
+      "packet_filter_rules": null
+    },
+    "subnet-router": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "100.103.90.82",
+            "100.110.121.96",
+            "100.90.199.68",
+            "fd7a:115c:a1e0::1737:7960",
+            "fd7a:115c:a1e0::2d01:c747",
+            "fd7a:115c:a1e0::9e37:5a52"
+          ],
+          "DstPorts": [
+            {
+              "IP": "10.33.0.0/16",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "tagged-client": {
+      "packet_filter_rules": null
+    },
+    "tagged-prod": {
+      "packet_filter_rules": null
+    },
+    "tagged-server": {
+      "packet_filter_rules": null
+    },
+    "user-kris": {
+      "packet_filter_rules": null
+    },
+    "user-mon": {
+      "packet_filter_rules": null
+    },
+    "user1": {
+      "packet_filter_rules": null
+    }
+  }
+}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-a4_multiple_routes_same_router.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-a4_multiple_routes_same_router.json
@@ -0,0 +1,183 @@
+{
+  "test_id": "ROUTES-a4_multiple_routes_same_router",
+  "timestamp": "2026-03-17T16:14:31Z",
+  "propagation_wait_seconds": 10,
+  "input": {
+    "policy_file": "routes_policies/routes_a4_multiple_routes_same_router.json",
+    "full_policy": {
+      "groups": {
+        "group:admins": ["kratail2tid@passkey"],
+        "group:developers": ["kristoffer@dalby.cc", "kratail2tid@passkey"],
+        "group:monitors": ["monitorpasskeykradalby@passkey"],
+        "group:empty": []
+      },
+      "tagOwners": {
+        "tag:server": ["kratail2tid@passkey"],
+        "tag:prod": ["kratail2tid@passkey"],
+        "tag:client": ["kratail2tid@passkey"],
+        "tag:router": ["kratail2tid@passkey"],
+        "tag:exit": ["kratail2tid@passkey"],
+        "tag:ha": ["kratail2tid@passkey"]
+      },
+      "hosts": {
+        "webserver": "100.108.74.26",
+        "prodbox": "100.103.8.15",
+        "internal": "10.0.0.0/8",
+        "subnet24": "192.168.1.0/24"
+      },
+      "autoApprovers": {
+        "routes": {
+          "10.0.0.0/8": ["tag:router"],
+          "172.16.0.0/12": ["tag:router"],
+          "192.168.0.0/16": ["tag:ha"],
+          "0.0.0.0/0": ["tag:exit"],
+          "::/0": ["tag:exit"]
+        }
+      },
+      "acls": [
+        {
+          "action": "accept",
+          "src": ["*"],
+          "dst": ["172.16.0.0/24:*"]
+        }
+      ]
+    },
+    "api_endpoint": "https://api.tailscale.com/api/v2/tailnet/kratail2tid%40passkey/acl",
+    "api_response_code": 200
+  },
+  "topology": {
+    "nodes": {
+      "big-router": {
+        "hostname": "big-router",
+        "tags": ["tag:router"],
+        "ipv4": "100.97.174.21",
+        "ipv6": "fd7a:115c:a1e0::5137:ae15"
+      },
+      "exit-node": {
+        "hostname": "exit-node",
+        "tags": ["tag:exit"],
+        "ipv4": "100.85.66.106",
+        "ipv6": "fd7a:115c:a1e0::7c37:426a"
+      },
+      "ha-router1": {
+        "hostname": "ha-router1",
+        "tags": ["tag:ha"],
+        "ipv4": "100.121.186.70",
+        "ipv6": "fd7a:115c:a1e0::6737:ba46"
+      },
+      "ha-router2": {
+        "hostname": "ha-router2",
+        "tags": ["tag:ha"],
+        "ipv4": "100.117.104.82",
+        "ipv6": "fd7a:115c:a1e0::7437:6852"
+      },
+      "multi-router": {
+        "hostname": "multi-router",
+        "tags": ["tag:exit", "tag:router"],
+        "ipv4": "100.119.241.111",
+        "ipv6": "fd7a:115c:a1e0::3337:f16f"
+      },
+      "subnet-router": {
+        "hostname": "subnet-router",
+        "tags": ["tag:router"],
+        "ipv4": "100.92.142.61",
+        "ipv6": "fd7a:115c:a1e0::3e37:8e3d"
+      },
+      "tagged-client": {
+        "hostname": "tagged-client",
+        "tags": ["tag:client"],
+        "ipv4": "100.83.200.69",
+        "ipv6": "fd7a:115c:a1e0::c537:c845"
+      },
+      "tagged-prod": {
+        "hostname": "tagged-prod",
+        "tags": ["tag:prod"],
+        "ipv4": "100.103.8.15",
+        "ipv6": "fd7a:115c:a1e0::5b37:80f"
+      },
+      "tagged-server": {
+        "hostname": "tagged-server",
+        "tags": ["tag:server"],
+        "ipv4": "100.108.74.26",
+        "ipv6": "fd7a:115c:a1e0::b901:4a87"
+      },
+      "user-kris": {
+        "hostname": "user-kris",
+        "tags": [],
+        "ipv4": "100.110.121.96",
+        "ipv6": "fd7a:115c:a1e0::1737:7960"
+      },
+      "user-mon": {
+        "hostname": "user-mon",
+        "tags": [],
+        "ipv4": "100.103.90.82",
+        "ipv6": "fd7a:115c:a1e0::9e37:5a52"
+      },
+      "user1": {
+        "hostname": "user1",
+        "tags": [],
+        "ipv4": "100.90.199.68",
+        "ipv6": "fd7a:115c:a1e0::2d01:c747"
+      }
+    }
+  },
+  "captures": {
+    "big-router": {
+      "packet_filter_rules": null
+    },
+    "exit-node": {
+      "packet_filter_rules": null
+    },
+    "ha-router1": {
+      "packet_filter_rules": null
+    },
+    "ha-router2": {
+      "packet_filter_rules": null
+    },
+    "multi-router": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "172.16.0.0/24",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "subnet-router": {
+      "packet_filter_rules": null
+    },
+    "tagged-client": {
+      "packet_filter_rules": null
+    },
+    "tagged-prod": {
+      "packet_filter_rules": null
+    },
+    "tagged-server": {
+      "packet_filter_rules": null
+    },
+    "user-kris": {
+      "packet_filter_rules": null
+    },
+    "user-mon": {
+      "packet_filter_rules": null
+    },
+    "user1": {
+      "packet_filter_rules": null
+    }
+  }
+}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-a5_host_alias_to_subnet.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-a5_host_alias_to_subnet.json
@@ -0,0 +1,204 @@
+{
+  "test_id": "ROUTES-a5_host_alias_to_subnet",
+  "timestamp": "2026-03-17T16:14:41Z",
+  "propagation_wait_seconds": 10,
+  "input": {
+    "policy_file": "routes_policies/routes_a5_host_alias_to_subnet.json",
+    "full_policy": {
+      "groups": {
+        "group:admins": ["kratail2tid@passkey"],
+        "group:developers": ["kristoffer@dalby.cc", "kratail2tid@passkey"],
+        "group:monitors": ["monitorpasskeykradalby@passkey"],
+        "group:empty": []
+      },
+      "tagOwners": {
+        "tag:server": ["kratail2tid@passkey"],
+        "tag:prod": ["kratail2tid@passkey"],
+        "tag:client": ["kratail2tid@passkey"],
+        "tag:router": ["kratail2tid@passkey"],
+        "tag:exit": ["kratail2tid@passkey"],
+        "tag:ha": ["kratail2tid@passkey"]
+      },
+      "hosts": {
+        "webserver": "100.108.74.26",
+        "prodbox": "100.103.8.15",
+        "internal": "10.0.0.0/8",
+        "subnet24": "192.168.1.0/24"
+      },
+      "autoApprovers": {
+        "routes": {
+          "10.0.0.0/8": ["tag:router"],
+          "172.16.0.0/12": ["tag:router"],
+          "192.168.0.0/16": ["tag:ha"],
+          "0.0.0.0/0": ["tag:exit"],
+          "::/0": ["tag:exit"]
+        }
+      },
+      "acls": [
+        {
+          "action": "accept",
+          "src": ["*"],
+          "dst": ["internal:22"]
+        }
+      ]
+    },
+    "api_endpoint": "https://api.tailscale.com/api/v2/tailnet/kratail2tid%40passkey/acl",
+    "api_response_code": 200
+  },
+  "topology": {
+    "nodes": {
+      "big-router": {
+        "hostname": "big-router",
+        "tags": ["tag:router"],
+        "ipv4": "100.97.174.21",
+        "ipv6": "fd7a:115c:a1e0::5137:ae15"
+      },
+      "exit-node": {
+        "hostname": "exit-node",
+        "tags": ["tag:exit"],
+        "ipv4": "100.85.66.106",
+        "ipv6": "fd7a:115c:a1e0::7c37:426a"
+      },
+      "ha-router1": {
+        "hostname": "ha-router1",
+        "tags": ["tag:ha"],
+        "ipv4": "100.121.186.70",
+        "ipv6": "fd7a:115c:a1e0::6737:ba46"
+      },
+      "ha-router2": {
+        "hostname": "ha-router2",
+        "tags": ["tag:ha"],
+        "ipv4": "100.117.104.82",
+        "ipv6": "fd7a:115c:a1e0::7437:6852"
+      },
+      "multi-router": {
+        "hostname": "multi-router",
+        "tags": ["tag:exit", "tag:router"],
+        "ipv4": "100.119.241.111",
+        "ipv6": "fd7a:115c:a1e0::3337:f16f"
+      },
+      "subnet-router": {
+        "hostname": "subnet-router",
+        "tags": ["tag:router"],
+        "ipv4": "100.92.142.61",
+        "ipv6": "fd7a:115c:a1e0::3e37:8e3d"
+      },
+      "tagged-client": {
+        "hostname": "tagged-client",
+        "tags": ["tag:client"],
+        "ipv4": "100.83.200.69",
+        "ipv6": "fd7a:115c:a1e0::c537:c845"
+      },
+      "tagged-prod": {
+        "hostname": "tagged-prod",
+        "tags": ["tag:prod"],
+        "ipv4": "100.103.8.15",
+        "ipv6": "fd7a:115c:a1e0::5b37:80f"
+      },
+      "tagged-server": {
+        "hostname": "tagged-server",
+        "tags": ["tag:server"],
+        "ipv4": "100.108.74.26",
+        "ipv6": "fd7a:115c:a1e0::b901:4a87"
+      },
+      "user-kris": {
+        "hostname": "user-kris",
+        "tags": [],
+        "ipv4": "100.110.121.96",
+        "ipv6": "fd7a:115c:a1e0::1737:7960"
+      },
+      "user-mon": {
+        "hostname": "user-mon",
+        "tags": [],
+        "ipv4": "100.103.90.82",
+        "ipv6": "fd7a:115c:a1e0::9e37:5a52"
+      },
+      "user1": {
+        "hostname": "user1",
+        "tags": [],
+        "ipv4": "100.90.199.68",
+        "ipv6": "fd7a:115c:a1e0::2d01:c747"
+      }
+    }
+  },
+  "captures": {
+    "big-router": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "10.0.0.0/8",
+              "Ports": {
+                "First": 22,
+                "Last": 22
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "exit-node": {
+      "packet_filter_rules": null
+    },
+    "ha-router1": {
+      "packet_filter_rules": null
+    },
+    "ha-router2": {
+      "packet_filter_rules": null
+    },
+    "multi-router": {
+      "packet_filter_rules": null
+    },
+    "subnet-router": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "10.0.0.0/8",
+              "Ports": {
+                "First": 22,
+                "Last": 22
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "tagged-client": {
+      "packet_filter_rules": null
+    },
+    "tagged-prod": {
+      "packet_filter_rules": null
+    },
+    "tagged-server": {
+      "packet_filter_rules": null
+    },
+    "user-kris": {
+      "packet_filter_rules": null
+    },
+    "user-mon": {
+      "packet_filter_rules": null
+    },
+    "user1": {
+      "packet_filter_rules": null
+    }
+  }
+}
--- a/hscontrol/policy/v2/testdata/routes_results/ROUTES-b10_exit_routes_not_in_primaryroutes.json
+++ b/hscontrol/policy/v2/testdata/routes_results/ROUTES-b10_exit_routes_not_in_primaryroutes.json
@@ -0,0 +1,414 @@
+{
+  "test_id": "ROUTES-b10_exit_routes_not_in_primaryroutes",
+  "timestamp": "2026-03-17T16:14:52Z",
+  "propagation_wait_seconds": 10,
+  "input": {
+    "policy_file": "routes_policies/routes_b10_exit_routes_not_in_primaryroutes.json",
+    "full_policy": {
+      "groups": {
+        "group:admins": ["kratail2tid@passkey"],
+        "group:developers": ["kristoffer@dalby.cc", "kratail2tid@passkey"],
+        "group:monitors": ["monitorpasskeykradalby@passkey"],
+        "group:empty": []
+      },
+      "tagOwners": {
+        "tag:server": ["kratail2tid@passkey"],
+        "tag:prod": ["kratail2tid@passkey"],
+        "tag:client": ["kratail2tid@passkey"],
+        "tag:router": ["kratail2tid@passkey"],
+        "tag:exit": ["kratail2tid@passkey"],
+        "tag:ha": ["kratail2tid@passkey"]
+      },
+      "hosts": {
+        "webserver": "100.108.74.26",
+        "prodbox": "100.103.8.15",
+        "internal": "10.0.0.0/8",
+        "subnet24": "192.168.1.0/24"
+      },
+      "autoApprovers": {
+        "routes": {
+          "10.0.0.0/8": ["tag:router"],
+          "172.16.0.0/12": ["tag:router"],
+          "192.168.0.0/16": ["tag:ha"],
+          "0.0.0.0/0": ["tag:exit"],
+          "::/0": ["tag:exit"]
+        }
+      },
+      "acls": [
+        {
+          "action": "accept",
+          "src": ["*"],
+          "dst": ["*:*"]
+        }
+      ]
+    },
+    "api_endpoint": "https://api.tailscale.com/api/v2/tailnet/kratail2tid%40passkey/acl",
+    "api_response_code": 200
+  },
+  "topology": {
+    "nodes": {
+      "big-router": {
+        "hostname": "big-router",
+        "tags": ["tag:router"],
+        "ipv4": "100.97.174.21",
+        "ipv6": "fd7a:115c:a1e0::5137:ae15"
+      },
+      "exit-node": {
+        "hostname": "exit-node",
+        "tags": ["tag:exit"],
+        "ipv4": "100.85.66.106",
+        "ipv6": "fd7a:115c:a1e0::7c37:426a"
+      },
+      "ha-router1": {
+        "hostname": "ha-router1",
+        "tags": ["tag:ha"],
+        "ipv4": "100.121.186.70",
+        "ipv6": "fd7a:115c:a1e0::6737:ba46"
+      },
+      "ha-router2": {
+        "hostname": "ha-router2",
+        "tags": ["tag:ha"],
+        "ipv4": "100.117.104.82",
+        "ipv6": "fd7a:115c:a1e0::7437:6852"
+      },
+      "multi-router": {
+        "hostname": "multi-router",
+        "tags": ["tag:exit", "tag:router"],
+        "ipv4": "100.119.241.111",
+        "ipv6": "fd7a:115c:a1e0::3337:f16f"
+      },
+      "subnet-router": {
+        "hostname": "subnet-router",
+        "tags": ["tag:router"],
+        "ipv4": "100.92.142.61",
+        "ipv6": "fd7a:115c:a1e0::3e37:8e3d"
+      },
+      "tagged-client": {
+        "hostname": "tagged-client",
+        "tags": ["tag:client"],
+        "ipv4": "100.83.200.69",
+        "ipv6": "fd7a:115c:a1e0::c537:c845"
+      },
+      "tagged-prod": {
+        "hostname": "tagged-prod",
+        "tags": ["tag:prod"],
+        "ipv4": "100.103.8.15",
+        "ipv6": "fd7a:115c:a1e0::5b37:80f"
+      },
+      "tagged-server": {
+        "hostname": "tagged-server",
+        "tags": ["tag:server"],
+        "ipv4": "100.108.74.26",
+        "ipv6": "fd7a:115c:a1e0::b901:4a87"
+      },
+      "user-kris": {
+        "hostname": "user-kris",
+        "tags": [],
+        "ipv4": "100.110.121.96",
+        "ipv6": "fd7a:115c:a1e0::1737:7960"
+      },
+      "user-mon": {
+        "hostname": "user-mon",
+        "tags": [],
+        "ipv4": "100.103.90.82",
+        "ipv6": "fd7a:115c:a1e0::9e37:5a52"
+      },
+      "user1": {
+        "hostname": "user1",
+        "tags": [],
+        "ipv4": "100.90.199.68",
+        "ipv6": "fd7a:115c:a1e0::2d01:c747"
+      }
+    }
+  },
+  "captures": {
+    "big-router": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "exit-node": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "ha-router1": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "ha-router2": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "multi-router": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "subnet-router": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "tagged-client": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "tagged-prod": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "tagged-server": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "user-kris": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "user-mon": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    },
+    "user1": {
+      "packet_filter_rules": [
+        {
+          "SrcIPs": [
+            "10.0.0.0/8",
+            "10.33.0.0/16",
+            "100.115.94.0-100.127.255.255",
+            "100.64.0.0-100.115.91.255",
+            "172.16.0.0/24",
+            "192.168.1.0/24",
+            "fd7a:115c:a1e0::/48"
+          ],
+          "DstPorts": [
+            {
+              "IP": "*",
+              "Ports": {
+                "First": 0,
+                "Last": 65535
+              }
+            }
+          ]
+        }
+      ]
+    }
+  }
+}
--- a/Show More
+++ b/Show More