On some servers we rent at Hetzner, we have recently (in the last month) begun to run Xen - and the Xen guests obviously have "made up" MAC addresses, e.g. 00:16:3e:bb:ac:82. For IPv4, we have enabled proxy_arp on the bridge interface, works well as always. We have not yet configuredany IPv6 in any of the guests, only on the xen host. The guests only have a link-local address. In this config, the only MAC addresses that should be seen on the network that of the only real interface, eth0/br0. However, Hetzner is complaining that some of our guest MAC addresses are "leaking out". AFAICT, this is happening in neighbour solitications and advertisements, with the link-local addresses. I figured out we probably needed to enable ipv6 ndp - neighbour discovery protocol proxy : setting /proc/sys/net/ipv6/conf/*/proxy_ndp = 1 This did not have the desired effect, so I am clearly missing something? -- Per Jessen, Zürich (17.2°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland.