Alex - refer to this: http://wiki.mikrotik.com/wiki/Manual:MPLSVPLS#Split_horizon_bridging -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Alex Samad - Yieldbroker Sent: Tuesday, 30 August 2016 6:52 AM To: terry@skymesh.net.au; MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] The NBN Questions again ... Hi Question How did you configure this " The group members are all on the same split horizon, so no port to port traffic occurs. " I presume you saying you have clients on the same broadcast domain, but configured up so that they can't talk to each other ? Alex -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Terry Sweetser (SkyMesh) Sent: Monday, 29 August 2016 3:24 PM To: public@talk.mikrotik.com.au Subject: [MT-AU Public] The NBN Questions again ... Hello MK People, I have now several CCR 36core deployed routers, with Q-in-Q interfaces numbering in 4,000 range. They're in a single bridge group and DHCP broadcasts and ipv6 multicasts have become a major issue. A single DHCP reply generates an ipv4 broadcast to 4000 interfaces in the bridge group. The group members are all on the same split horizon, so no port to port traffic occurs. When ipv6 ND fires up some discoveries, again N*4000+ packets go out. Given these are 600 bytes, and N*4000 PPS, N being number of open requests or discoveries, there's multiples of 10Mbps of traffic going out. I'm loath to redo the bridge concept, it would mean burning up a /30 per site for "their own subnet" space. PPPoE, as an answer to urgent support cases has been used, but for 10,000 sites this is just not possible. Currently, I have a bridge rate limit in place to "slow down" (a la tar pit) floods of DHCP requests. Where to from here? Is there some new or interesting Cisco-like "unnumbered" scheme possible? Can I try to move IPv6 to the individual interfaces, and drop IPv6 across the bridge? Can I filter out all bridge DHCP and attach 4000 DHCP servers to the interfaces? (No joke.) -- http://about.me/terry.sweetser _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au