On Thu, Mar 17, 2022 at 10:38:59AM +0100, Hans Schultz wrote: > Add an intermediate state for clients behind a locked port to allow for > possible opening of the port for said clients. This feature corresponds > to the Mac-Auth and MAC Authentication Bypass (MAB) named features. The > latter defined by Cisco. > Only the kernel can set this FDB entry flag, while userspace can read > the flag and remove it by deleting the FDB entry. Can you explain where this flag is rejected by the kernel? Nik, it seems the bridge ignores 'NDA_FLAGS_EXT', but I think that for new flags we should do a better job and reject unsupported configurations. WDYT? The neighbour code will correctly reject the new flag due to 'NTF_EXT_MASK'.
