[c-nsp] Private VLANs for customer isolation on sup720/12.2(33)

[Phil Mayers]

On 04/24/2011 08:25 PM, Anton Kapela wrote:
> 2011/4/19 Jon Harald Bøvre<jon at bovre.no>:
>> Done similar to this with SXF (for FTTH rollout):
>
> [snip]
>
> this modem works quite well for hosting, FTTx/wan-edge, etc. I make
> substantial use of it, too, in similar (hosting, etc) situations too.

It certainly is a promising idea for my use-case.

To be honest though, I'm a little surprised it works on hardware-based 
platforms. I assume that it's basically driven by the adjacency table, 
i.e. it's equivalent to doing:

ip route x.x.x.x VlanYYY

...when IP x.x.x.x is learned via ARP on un-numbered vlan YYY.

Thanks for the pointers all!

> Have *not* tried with IPv6, so cannot comment re: outcomes there.

I'll have to test this, but I'm assuming since they're separate SVIs, 
you could run un-numbered from the shared IPv4 range, but give each SVI 
its own IPv6.