> If we do that, I'd like to propose also that ports be limited to one > MAC. Obviously, this wouldn't apply to ports between (any combination > of) MICE Switches and Remote Switches. I played with port security for this and had pretty decent success. > > The Amsterdam Internet exchange is using L2ACLs for this with great > success. Using port security also had the benefit of not having to track each carriers mac address. > Here'd be an example of what this would look like (with * marking ports > limited to 1 MAC): > For now, we'd treat the CNS switch as a MICE Switch (since it's loaned > to MICE), but if that changed, then it might be another example of a > Remote Switch. Mankato Networks remote switch is managed by MICE. > CNS & Mankato Networks: Does the requirement to break each customer out > into the Remote Switch kill your business model? Not really a problem, I started breaking them out anyway. I'd have a couple of legacy users that would need to shuffle ports but not a big deal. ######################################################################## To unsubscribe from the MICE-DISCUSS list, click the following link: http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1