On Mon, Aug 07, 2006 at 09:31:46AM +0100, Alex Zeffertt wrote:
> Uh?  Surely source MAC matching is what MAC address based VLANs
> (on any platform) should be about.  So that you can group hosts into
> VLANs.

I think Ben and I think alike on this one: having a destination
mac-oriented interface means you have multiple NIC's on the same
network with different MAC's, but with the same reliability. If
the physical interface dies, al the mac-vlan interfaces die.
Exactly what you need for a good implementation of VRRP. Of
course it is not a vlan group as you describe it.

I can also see a good point for mac-vlans based on source mac,
and that is WPA2 using 802.1X and client seperation on an access
But I think the vrrp aprouch will make it interesting for
inclusion into the mainstream kernel. Or someone will make a
better version of it, and take it out of macvlan, putting it
somewhere in netfilter (which is also fine for vrrp 8-D ).

Anyway: I'm going to use destinationmac-based vlan's in a new
firewall setup. It's going production within a month (fingers

If anybody is really interested in sourcemac-based vlan's: I am
interested too (making wireless a bit more than just wireless),
so maybe we can work on that (as if I had any time left :-( ).
