Could someone confirm the larger scope of this? Our remote switch indeed
has static mac ACLs. Unsure how others work.
If the goal here is to keep a static mac list on all access ports AND
remote switch ports (so my list must be replicated to the core switch)?
If so, lets be sure to consider operational issues. I'm unsure how mac
ACLs work on arista, but is there a risk to block all mac addresses
while the changes is being made if done incorrectly? (think the classic
IOS 'switchport trunk allowed vlan 123..')?
If this is being done by humans, hoping the procedure is documented and
repeatable (a copy paste to do it). Or better yet, but our machine
overlords (via NAPALM?)
Cheers,
--
Chris Wopat
Network Engineer, WiscNet
[log in to unmask] 608-210-3965
|