L2 broadcast isolation

This test checks that Layer 2 broadcast isolation is in effect, meaning that no Layer 2 broadcast traffic can be sent between customers. Unfiltered Layer 2 broadcast traffic between customers could be used to create attacks.

Impact: DoS, Abuse

Test process

  • Customers listen for Layer 2 broadcasts.
  • Malicious sends Layer 2 broadcast packets.

Fail criteria

  • Some Customer receives a Layer 2 broadcast packet sent from Malicious.


This test conforms to SEC Access Certification ID "SEC-V4-FF-1".



  • Malicious Customer: A customer interface performing malicious actions.
  • Customer: One or more customers that Malicious will affect.
  • ISP: A central node on a trusted port.
Have more questions? Submit a request


Powered by Zendesk