-----Original Message-----
From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Terry Sweetser (SkyMesh) A single DHCP reply generates an ipv4 broadcast to 4000 interfaces in the bridge group.
Not wanting to be mean, but why did you put 4000 hosts into a single broadcast domain? That's really your root problem. That said, a DHCP reply should not be broadcast under normal circumstances, it should be unicast to the discoverer. Only the initial discover from a client should be broadcast. On some systems this is a setting however; maybe your DHCP server has been set to broadcast responses. As far as IPv6 goes, DHCP works very differently. As long as your switches support MLD snooping and don't just flood all multicast packets out all ports, you should see massively reduced "broadcast" traffic compared to IPv4.
When ipv6 ND fires up some discoveries, again N*4000+ packets go out.
About the only stuff that goes to all hosts should be RA packets from routers. What other packets are you seeing to all hosts? There should be nothing except packets to ff02::1. I'm starting to wonder if your hardware supports MLD; it sounds as if multicast is being flooded out all ports.
Can I try to move IPv6 to the individual interfaces, and drop IPv6 across the bridge?
What "interfaces" are we talking here? Router interfaces? If this is a routed network, you should certainly not be seeing floods of DHCP traffic... neither IPv6 multicast nor IPv4 broadcast should make it across a subnet boundary. I clearly don't have a good enough handle on your topology. Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@nullarbor.com.au) work +61 2 64957435 http://www.nullarbor.com.au mobile +61 428 957160 GPG fingerprint: 6D59 8AE6 810D 44E3 7626 7040 4DD6 F89F 3053 4774 Old fingerprint: 9DCA 0903 BCBD 0647 BCCC 2FA7 A35C 57A1 ACF9 00BB