[ixpmanager] Additional Virtual Interfaces Not Included In Auto-generated RS Configs

[Nick Hilliard]

Kyle Spencer wrote:
> I have a peer using two IP addresses on a single physical interface.

This is deliberately not supported.  Give them two interfaces and lock
down the number of MAC addresses to one per interface, preferably with a
static layer 2 ACL. If there are issues relating to getting a
cross-connect to this organization, this may require you to host one of
their switches in your rack with local cross-connect into the IXP fabric
- if they do this, make sure that they've split out the vlans properly
and that you can only see one MAC address on each port.

Essentially what you're doing here is extending your IXP into someone
else's network, which is a strategically bad move from a variety of
different reasons, mostly because it will shoot your network's
security/stability in the foot.

This may not be the answer that's most convenient for you guys right
now, but it's something that we would take really seriously and have
burn wounds to show for it :-|

Nick