On Fri, Dec 23, 2011 at 4:13 PM, Mohacsi Janos <mohacsi () niif hu> wrote:
If you can limit number of ARP/NDP entries per interfaces and you complement
RAGuard and DHCPv4 snooping your are done.
That depends on how ARP/ND gleaning works on the box. In short, Cisco
already has a knob to limit the number of ND entries per interface on
some of their kit, and it is not a solution, only a damage mitigation