[pve-devel] arp-filter doesn't work with alias
Harald Leithner
leithner at itronic.at
Tue Dec 5 12:00:40 CET 2023
Hi,
using an alias in ipfilter-net0 doesn't create an tapxxx-OUT-ARP entry
in ebtables. It works if the ipfilter-net0 ipset is an IP-address.
Other topic, is there a reason why no incoming arp request filter is set
automatically? I asked this back in 2018 and found it a couple of times
on the forum. Having many unused ips creates a flood on all VMs which is
a waste on resources and a kind of information leak.
thanks
Harald
--
ITronic
Harald Leithner
Lichtäckerstraße 22, A-2522 Oberwaltersdorf
Tel: +43-1-545 0 604, Mobil: +43-699-123 78 4 78
Mail: leithner at itronic.at | itronic.at
More information about the pve-devel
mailing list