On Tue, Aug 18, 2015 at 9:45 AM, "Rolf Hanßen" <nsp at rhanssen.de> wrote: > Hi, > > you forgot "do some interface-ACL-magic that drops peer-traffic that does > not have a destination IP in my cool-networks-whitelist". > Yup, valid option. I am trying to avoid anything that involves maintaining lists.