diff --git a/README.md b/README.md
index 0e5b0c1..36ed9b0 100644
--- a/README.md
+++ b/README.md
@@ -61,7 +61,7 @@ consistency.
 | `k3s_https_port`                 | HTTPS port listening port.                                               | 6443                                    |
 | `k3s_use_docker`                 | Use Docker rather than Containerd?                                       | `false`                                 |
 | `k3s_no_flannel`                 | Do not use Flannel                                                       | `false`                                 |
-| `k3s_flannel_backend`            | Flannel backend ('none', 'vxlan', 'ipsec', or 'wireguard')               | vxlan                                   |
+| `k3s_flannel_backend`            | Flannel backend ('none', 'vxlan', 'ipsec', 'host-gw' or 'wireguard')     | vxlan                                   |
 | `k3s_no_coredns`                 | Do not use CoreDNS                                                       | `false`                                 |
 | `k3s_cluster_dns`                | Cluster IP for CoreDNS service. Should be in your service-cidr range.    | _NULL_                                  |
 | `k3s_cluster_domain`             | Cluster Domain.                                                          | cluster.local                           |
diff --git a/tasks/build/download-k3s.yml b/tasks/build/download-k3s.yml
index 8ebc5cb..32f889a 100644
--- a/tasks/build/download-k3s.yml
+++ b/tasks/build/download-k3s.yml
@@ -18,7 +18,10 @@
 
 - name: Ensure sha256sum is set from hashsum variable
   set_fact:
-    k3s_hash_sum: "{{ (k3s_hash_sum_raw.content.split('\n') | reject('search', 'images') | first).split() | first }}"
+    k3s_hash_sum: "{{ (k3s_hash_sum_raw.content.split('\n') |
+      select('search', 'k3s' + k3s_arch_suffix) |
+      reject('search', 'images') |
+      first).split() | first }}"
   changed_when: false
 
 - name: Ensure installation directory exists
diff --git a/tasks/validate/check-variables.yml b/tasks/validate/check-variables.yml
index 2f9d95b..29a1f23 100644
--- a/tasks/validate/check-variables.yml
+++ b/tasks/validate/check-variables.yml
@@ -126,6 +126,14 @@
     fail_msg: "Alternate flannel backends are not supported in {{ k3s_release_version }}"
   when: k3s_flannel_backend is defined and k3s_flannel_backend
 
+- name: Check k3s_flannel_backend 'host-gw' configuration against k3s version
+  assert:
+    that:
+      - (k3s_release_version | replace('v', '')) is version_compare('1.17.2', '>=')
+    success_msg: "host-gw flannel backend supported in {{ k3s_release_version }}"
+    fail_msg: "host-gw flannel backend is not supported in {{ k3s_release_version }}"
+  when: k3s_flannel_backend is defined and k3s_flannel_backend == 'host-gw'
+
 - name: Check k3s_disable_network_policy against k3s version
   assert:
     that: