They where already blocking 802.1Q (so also QinQ), but instead of denying some more protocol and playing whack a mole, they now allow only ARP / IPv4 / IPv6, so if there is another fun type of packet like vlan0 they are already safe, and some other attack with exotic protocol.
They where already blocking 802.1Q (so also QinQ), but instead of denying some more protocol and playing whack a mole, they now allow only ARP / IPv4 / IPv6, so if there is another fun type of packet like vlan0 they are already safe, and some other attack with exotic protocol.