Selective proxy ARP

I am trying to set up what is often called a pseudo-bridge
on a machine in a data centre. The config looks like this:

DC LAN
|
|
|           bond0          br0     veth0
+----------------[ Linux ] ------+-------[ VM 192.0.200.101/24 ]
| 192.0.200.23/24                |
|                                | veth1  
|                                \-------[ VM 192.0.200.101/24 ]


The data centre do not want me to simply make bond0 a member
of the br0 bridge, because they only want to see a single MAC
and are worried about forwarding loops. Fair or not, let's
assume that's a fixed point.

I could get this to work (I think) simply by putting the
appropriate /32 routes in the kernel, and then enabling
proxy_arp on bond0 and br0.

However, I want to be very cautious about what my machine arps
for on bond0. Specifically, I want to ensure it does not arp
for anything except its own address and the other 2 IP addresses
listed.

I'm pretty sure there was some arp masquerade setting that could
be used instead of a straight proxy arp, but now can't find it.
Any ideas?

-- 
Alex Bligh
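
The set-up described above with per-address proxy neighbour entries (`ip neigh add proxy`) on bond0 in place of blanket proxy_arp there, as an added example that is not part of the original message. Interface names and 192.0.200.101 come from the post; the second VM address and the function names are constructed, and the script only prints the commands.

```shell
#!/bin/sh
# Added example: prints (does not execute) a per-address proxy ARP plan.
UPLINK=bond0    # interface names as given in the post
BRIDGE=br0
# First address is from the post; the second is a constructed placeholder.
VM_IPS="192.0.200.101 192.0.200.102"

# Succeed only for a dotted-quad IPv4 address with octets 0-255.
valid_ipv4() {
    case $1 in
        *[!0-9.]*|*..*|.*|*.|'') return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# Write the command plan for the given VM addresses to stdout.
# Refuses the whole plan if any argument is not a single host address,
# so a prefix such as a /24 can never end up being answered for.
plan() {
    for ip in "$@"; do
        valid_ipv4 "$ip" || { echo "bad address: $ip" >&2; return 1; }
    done
    # Proxy entries are honoured only when forwarding is enabled on the
    # interface the ARP request arrives on.
    echo "sysctl -w net.ipv4.conf.$UPLINK.forwarding=1"
    echo "sysctl -w net.ipv4.conf.$BRIDGE.forwarding=1"
    # Blanket proxy ARP stays off towards the data-centre LAN ...
    echo "sysctl -w net.ipv4.conf.$UPLINK.proxy_arp=0"
    # ... and on towards the VMs, which ARP for the rest of the /24.
    echo "sysctl -w net.ipv4.conf.$BRIDGE.proxy_arp=1"
    for ip in "$@"; do
        # Host route so traffic for the VM leaves via the bridge.
        echo "ip route add $ip/32 dev $BRIDGE"
        # Answer ARP on the uplink for exactly this address.
        echo "ip neigh add proxy $ip dev $UPLINK"
    done
}

plan $VM_IPS
```

After applying the plan, `ip neigh show proxy` lists the addresses the host will answer for on bond0.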



