yes, I agree, I also think about how to implement when address-pairs is a subnet. It is difficult to add all the IPs one by one. and ebtables not support extension like ipset too.
If we add a config option to enable the ARP proxy of not, does it equal that enable/disable l2-pop dynamicly ?
even though we have this kind of option, we cannot control the packages with fine-grain.
And I think the same problem should be in OVS/vxlan too. and feature like port-security could not work with l2pop too.
yes, I agree, I also think about how to implement when address-pairs is a subnet. It is difficult to add all the IPs one by one. and ebtables not support extension like ipset too.
If we add a config option to enable the ARP proxy of not, does it equal that enable/disable l2-pop dynamicly ?
even though we have this kind of option, we cannot control the packages with fine-grain.
And I think the same problem should be in OVS/vxlan too. and feature like port-security could not work with l2pop too.