@Todd: If the scope is only DNs, then you may be correct that it's not a blocking issue. The basic issue is a token cannot be acquired over 1 interface, and then subsequently used via another. This may or may not be an issue today, but it's worth noting that it places strong limitations on clients and network topologies in a multi-NIC environment.
We have to ensure that all services issuing tokens to an external client cannot be cannot be run on a multi-NIC host. I believe this currently applies to the NN, RM, AM(??), JHS, and maybe others. Since the AM runs on a DN, it's the one to be most concerned about. I don't understand the yarn token passing enough to know if it is a problem today.
Repurposing of hosts will be impacted. If a service is moved from a failed host to another host, and the new host is multi-NIC, then the grid internal interfaces must be shutdown. If the host is repurposed to be a DN again, then the interfaces will need to be re-enabled.