diff --git a/doc/source/developer-notes/V-38511.rst b/doc/source/developer-notes/V-38511.rst new file mode 100644 index 00000000..7e872ff9 --- /dev/null +++ b/doc/source/developer-notes/V-38511.rst @@ -0,0 +1,5 @@ +**Special Case** + +Running virtual infrastructure requires IP forwarding to be enabled on various +interfaces. The STIG allows for this, so long as the system is being operated +as a router (as is the case for an OpenStack host). diff --git a/doc/source/developer-notes/V-38512.rst b/doc/source/developer-notes/V-38512.rst new file mode 100644 index 00000000..63471791 --- /dev/null +++ b/doc/source/developer-notes/V-38512.rst @@ -0,0 +1,10 @@ +**Exception** + +Although a minimal set of iptables rules are configured on openstack-ansible +hosts, the "deny all" requirement of the STIG is not met. This is largely left +up to the deployer to do, based on their assessment of their own network +segmentation. + +Deployers are urged to review the network access controls that are applied +on the network devices between their OpenStack environment and the rest of +their network. diff --git a/doc/source/developer-notes/V-38513.rst b/doc/source/developer-notes/V-38513.rst new file mode 120000 index 00000000..aae1aca4 --- /dev/null +++ b/doc/source/developer-notes/V-38513.rst @@ -0,0 +1 @@ +V-38512.rst \ No newline at end of file diff --git a/doc/source/developer-notes/V-38686.rst b/doc/source/developer-notes/V-38686.rst new file mode 120000 index 00000000..aae1aca4 --- /dev/null +++ b/doc/source/developer-notes/V-38686.rst @@ -0,0 +1 @@ +V-38512.rst \ No newline at end of file
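Review bot: In V-38511.rst the note explains why IP forwarding stays enabled but never says what the role does about it, so a reader cannot tell whether the role leaves the forwarding setting untouched, sets it, or only skips the check. Suggest adding one sentence stating the role's action, and replacing "various interfaces" with the interfaces or host types that need forwarding, so that a deployer applying the role to a host that is not "being operated as a router" knows the special case does not cover that host.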
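Review bot: In V-38512.rst, "the "deny all" requirement of the STIG is not met" leaves the deployer without a starting point: the note does not say which "minimal set of iptables rules" the hosts receive or what is still missing to reach a default deny. Suggest listing or linking the rules that are configured and stating what remains open. The second paragraph points only at controls "on the network devices between their OpenStack environment and the rest of their network"; since the exception concerns the host firewall, say explicitly whether the deployer is expected to add a host-level default deny or whether upstream filtering is treated as the compensating control. Minor: "a minimal set of iptables rules are configured" should read "is configured".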
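Review bot: V-38513.rst and V-38686.rst are added as symlinks (mode 120000) to V-38512.rst, so all three pages render the same text, which refers to "the "deny all" requirement of the STIG" without naming the control the reader arrived from. If the three controls do not all carry that requirement, the shared wording misleads on two of them; consider rewording V-38512.rst so it reads correctly for all three, or giving each control its own short note. Symlinks also do not survive every checkout or packaging path (Windows checkouts, for example), so an rst include directive pointing at V-38512.rst would give the same reuse with regular files.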