 |
 |
I do not know that there is an official scope. I think things are just in the discussion stage. I do believe we all know what needs to be done, it is just about being motivated to get it all done (in this case a switch issue pushed it back to the front). There are plenty of IXes that have laid out and implemented best practices that have been proven in reality to work for them. -----Original Message----- From: MICE Discuss [mailto:[log in to unmask]] On Behalf Of Chris Wopat Sent: Thursday, November 03, 2022 9:21 AM To: [log in to unmask] Subject: Re: [MICE-DISCUSS] Proposal: MICE Static MAC address Only Could someone confirm the larger scope of this? Our remote switch indeed has static mac ACLs. Unsure how others work. If the goal here is to keep a static mac list on all access ports AND remote switch ports (so my list must be replicated to the core switch)? If so, lets be sure to consider operational issues. I'm unsure how mac ACLs work on arista, but is there a risk to block all mac addresses while the changes is being made if done incorrectly? (think the classic IOS 'switchport trunk allowed vlan 123..')? If this is being done by humans, hoping the procedure is documented and repeatable (a copy paste to do it). Or better yet, but our machine overlords (via NAPALM?) Cheers, -- Chris Wopat Network Engineer, WiscNet [log in to unmask] 608-210-3965