[j-nsp] Fwd: Point-to-point Ethernet interfaces

[Florian Weimer]

* Alex Arseniev:

> Perhaps a silly question - are these interfaces on the same router?

They are, sorry for being unclear.

> If yes what you are trying to accomplish is possible with unnumbered
> Ethernet interfaces and forwarding-table-filter to prevent hosts
> talking to each other.

Ah, thanks, I had missed that.

Unfortunately, the combination of the following:

  * VLAN sub-interfaces
  * unnumbered interfaces
  * strict RPF checks

does not work.  ARP ceases to work reliably on the VLAN interface,
RFP-matching matching traffic is not forwarded (or RFP-failing traffic
is forwarded, depending on the order of configuration), and "show
route hostB" caused the router to hang (but this was not
reproducible).

We've disabled RPF checks for the interface and will stateless filters
to emulate them.  Hopefully, this resolves the issue.

But it seems that unnumbered interfaces are the way to go.  Thanks.

-- 
Florian Weimer                <fweimer at bfk.de>
BFK edv-consulting GmbH       http://www.bfk.de/
Kriegsstraße 100              tel: +49-721-96201-1
D-76133 Karlsruhe             fax: +49-721-96201-99