Hello, On Mon, Aug 07, 2006 at 09:31:46AM +0100, Alex Zeffertt wrote: > Uh? Surely source MAC matching is what MAC address based VLANs > (on any platform) should be about. So that you can group hosts into > VLANs. I think Ben and I think alike on this one: having a destination mac-oriented interface means you have multiple NIC's on the same network with different MAC's, but with the same reliability. If the physical interface dies, al the mac-vlan interfaces die. Exactly what you need for a good implementation of VRRP. Of course it is not a vlan group as you describe it. I can also see a good point for mac-vlans based on source mac, and that is WPA2 using 802.1X and client seperation on an access point. But I think the vrrp aprouch will make it interesting for inclusion into the mainstream kernel. Or someone will make a better version of it, and take it out of macvlan, putting it somewhere in netfilter (which is also fine for vrrp 8-D ). Anyway: I'm going to use destinationmac-based vlan's in a new firewall setup. It's going production within a month (fingers crossed). If anybody is really interested in sourcemac-based vlan's: I am interested too (making wireless a bit more than just wireless), so maybe we can work on that (as if I had any time left :-( ). -- begin LOVE-LETTER-FOR-YOU.txt.vbs I am a signature virus. Distribute me until the bitter end
