Turn off anything but IP on your interface
Frames forwarded to CIX ports must have one of the following ethertypes:
- 0x0800 - IPv4
- 0x0806 - ARP
- 0x86dd - IPv6.
So please configure your interface not to broadcast any link-local protocols.
Link-local protocols:
IRDP
ICMP redirects
IEEE 802 Spanning Tree
Vendor proprietary protocols. These include, but are not limited to:
Discovery protocols: CDP, EDP, FDP
VLAN/trunking protocols: VTP, DTP
Interior routing protocol broadcasts (e.g. OSPF, ISIS, IGRP, EIGRP)
BOOTP/DHCP
PIM-SM
PIM-DM
DVMRP
ICMPv6 ND-RA
UDLD
Layer2 Keepalives
The following link-local protocols are exceptions and are allowed:
ARP
IPv6 ND
Cisco example:
! Don't do redirects
no ip redirects
! Don't do proxy ARP
no ip proxy-arp
! Don't run CDP on your CIX interface
no cdp enable
! No directed broadcasts
no ip directed-broadcast
! v6 ND-RA is unnecessary and undesired
ipv6 nd suppress-ra
! Disable DEC
no mop enable
! Copper Ports: no auto-negotiation
! no negotiation auto
! duplex half
duplex full
! L2 keepalives are useless on CIX
no keepalive
Aggregate your routes
Do not announce every single IP Range in your network. Rather try to aggregate your routes to whole prefixes. This keeps the routing tables of your routes small.
Cisco example:
router bgp 12345
network 123.4.0.0 mask 255.254.0.0
network 234.56.76.0 mask 255.255.252.0
Limit the number of MAC addresses
Only ten MAC address are allowed per port or port channel.
