On Thu, Dec 22, 2011 at 09:17:08PM -0600, Andrew Hoyos wrote: > On Dec 22, 2011, at 9:01 PM, Doug McIntyre wrote: > > > mac address limiting to tiny numbers, especially qty 1 won't work. > > There are a lot of administrative packets that go across a link coming > > from specific well-known MAC addresses, if that administrative packet > > gets in before any real traffic, that administrative MAC address will > > be learned and real traffic locked out. > > > > (this is mentioned in the JunOS documentation). > > > > That's why you get those 'administrative packets' to not happen in the first place. > No offense, but I don't want to see your cdp/lldp, ospf, stp, keepalives, etc. coming across the IX. There are other protocols that do take more than one MAC address that some people might find required. For example, a JunOS RVI has two MAC adddresses, the port address, and the RVI MAC address. I assume a Cisco SVI would be the same, although I haven't dug into it. Cisco UDLD also does broadcasts using a well-known MAC address. I don't think it would be allowed anyway at the IX, but LACP and PAgP are also ones to talk on different MAC addresses to setup the LAG before talking real traffic. -- Doug McIntyre <[log in to unmask]> -- ipHouse/Goldengate/Bitstream/ProNS -- Network Engineer/Provisioning/Jack of all Trades ######################################################################## To unsubscribe from the MICE-DISCUSS list, click the following link: http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1