I am hoping someone can confirm this and I am not going mental.
Today I was attempting to disable neighbor discovery (all protocols) on only certain interfaces so I created an interface list called TestList which included eth8. Eth8 is currently showing in neighbor discovery.
I went into neighbor discovery, changed the list to TestList and turned on the '!' symbol as to say 'anything not on this list, allow neighbor discovery'. However I found that it didn't disappear.
It turns out that eth8 is part of a Bridge on my router and when removed from the bridge it works fine and eth8 disappears from neighbor discovery. Does anyone know why this is the case? Based on Mikrotik's own documentation, even if interfaces are under master interfaces (Bridges or Bondings) they should still be able to be controlled by interface lists. Is this not actually the case?
Re: Neighbor Discovery on Bridges
Neighbour discovery is a L3 feature and vorks via interfaces. Bridge comes with (implicitly created) interface which allows ROS to interact with networks floving over bridge (the switch like entity).
When a physical interface is configured as bridge port, it can/should not be used as interface (L3 entity) any more. Hence forth one should use bridge filters (or switch ACLs) to micromanage traffic through that port (but this is far less versatile than using higher level filters).
When a physical interface is configured as bridge port, it can/should not be used as interface (L3 entity) any more. Hence forth one should use bridge filters (or switch ACLs) to micromanage traffic through that port (but this is far less versatile than using higher level filters).
Re: Neighbor Discovery on Bridges
@mkx:
Q: how come this page says it's an L2 function ?
https://help.mikrotik.com/docs/display/ ... +discovery
Q: how come this page says it's an L2 function ?
https://help.mikrotik.com/docs/display/ ... +discovery
Re: Neighbor Discovery on Bridges
If you're referring to the multiple mentionings of L2 broadcast domain (such as: "The neighbor list shows all discovered neighbors in the Layer2 broadcast domain.") ... then this only defines boundaries. One of reasons for being constrained in a L2 broadcast domain is because the payload is not IP (and thus can not be routed). But it's still carried over ethernet (using its own ethertype) which makes it "above L2".
I agree that it's debatable whether this makes neighbour discovery (CDP, LLDP, ...) true L3 protocol or not ... But it's not "pure" L2 and is also different than VLAN (which is above L2 but below L3 ... however VLANs are something many switches deal with natively while they don't for many other L2+ protocol types). And the fact it can be used to configure certain features of L2 stack of supporting devices still doesn't make it L2 protocol.
I agree that it's debatable whether this makes neighbour discovery (CDP, LLDP, ...) true L3 protocol or not ... But it's not "pure" L2 and is also different than VLAN (which is above L2 but below L3 ... however VLANs are something many switches deal with natively while they don't for many other L2+ protocol types). And the fact it can be used to configure certain features of L2 stack of supporting devices still doesn't make it L2 protocol.
Who is online
Users browsing this forum: Bing [Bot], gfunkdave, GoogleOther [Bot], jaclaz, pesegodinski, timotei, Usbuild and 36 guests