On Wed, 26 Aug 2009, Gert Doering wrote: > So how do you prevent customer A from sending out packets with an IP > address belonging to customer B? (For whatever reason). Antispoofing ACL on vlan interface? Or if you have an access layer, you can do your L2.5 access lists there on ingress. -- Mikael Abrahamsson email: swmike at swm.pp.se