Message-ID: <8685da8c-3502-34c7-c91f-db28a0a450d6@jbeekman.nl>
Date:   Sat, 24 Apr 2021 23:28:52 +0200
From:   Jethro Beekman <kernel@...ekman.nl>
To:     netdev@...r.kernel.org
Subject: [PATCH iproute2-next] ip: Clarify MACVLAN private mode

Traffic isn't really "disallowed" but rather some broadcast traffic is filtered.

Signed-off-by: Jethro Beekman <kernel@...ekman.nl>
---
 man/man8/ip-link.8.in | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in
index fd67e611..a4abae5f 100644
--- a/man/man8/ip-link.8.in
+++ b/man/man8/ip-link.8.in
@@ -1366,10 +1366,12 @@ the following additional arguments are supported:
 .BR /dev/tapX " to be used just like a " tuntap " device."
 
 .B mode private
-- Do not allow communication between
+- Do not allow broadcast communication between
 .B macvlan
 instances on the same physical interface, even if the external switch supports
-hairpin mode.
+hairpin mode. Unicast traffic is transmitted over the physical interface as in
+.B vepa
+mode, but the lack of ARP responses may hamper communication.
 
 .B mode vepa
 - Virtual Ethernet Port Aggregator mode. Data from one
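Review bot: The sentence added after "hairpin mode." leaves the practical consequence implicit. As worded, unicast is "transmitted over the physical interface as in vepa mode", so unicast frames between two instances are only kept apart when the external switch does not hairpin them. Suggest stating that directly so that private mode is not read as an isolation boundary between instances. "may hamper communication" is also vague: say what fails (address resolution between instances on the same physical interface). Finally, the text says "broadcast" while naming only ARP; if multicast is filtered in the same way, the entry should say so.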
@@ -1394,7 +1396,7 @@ forces the underlying interface into promiscuous mode. Passing the
 using standard tools.
 
 .B mode source
-- allows one to set a list of allowed mac address, which is used to match
+- Allows one to set a list of allowed mac address, which is used to match
 against source mac address from received frames on underlying interface. This
 allows creating mac based VLAN associations, instead of standard port or tag
 based. The feature is useful to deploy 802.1x mac based behavior,
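Review bot: The changed line still reads "a list of allowed mac address" after the capitalisation fix. Since the line is being touched anyway, correct the number to "mac addresses" in the same change, and consider "MAC" in capitals here and in "source mac address" on the following line.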
-- 
2.31.1
