> If we do that, I'd like to propose also that ports be limited to one
> MAC. Obviously, this wouldn't apply to ports between (any combination
> of) MICE Switches and Remote Switches.
I played with port security for this and had pretty decent success.
>
> The Amsterdam Internet exchange is using L2ACLs for this with great
> success.
Using port security also had the benefit of not having to track each
carriers mac address.
> Here'd be an example of what this would look like (with * marking ports
> limited to 1 MAC):
> For now, we'd treat the CNS switch as a MICE Switch (since it's loaned
> to MICE), but if that changed, then it might be another example of a
> Remote Switch.
Mankato Networks remote switch is managed by MICE.
> CNS & Mankato Networks: Does the requirement to break each customer out
> into the Remote Switch kill your business model?
Not really a problem, I started breaking them out anyway. I'd have a
couple of legacy users that would need to shuffle ports but not a big
deal.
########################################################################
To unsubscribe from the MICE-DISCUSS list, click the following link:
http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1
|