[172565] in North American Network Operators' Group
Re: MACsec SFP
daemon@ATHENA.MIT.EDU (Saku Ytti)
Tue Jun 24 04:21:32 2014
X-Original-To: nanog@nanog.org
Date: Tue, 24 Jun 2014 11:21:18 +0300
From: Saku Ytti <saku@ytti.fi>
To: nanog@nanog.org
In-Reply-To: <53A92FEC.9070206@aimvalley.nl>
Errors-To: nanog-bounces@nanog.org
On (2014-06-24 09:59 +0200), Pieter Hulshoff wrote:
Hi Pieter,
> I've seen this request from others as well. Do you have any
> proposal/preference to limit the data rate from the switch?
For this solution to be marketable, it needs to be extremely cheap, as you're
essentially competing against cheapest consumer grade switches to subrate a
port.
These ports would not be revenue generating, but almost invariably MGMT ports
to legacy equipment, issues like QoS are not relevant, price point is. From
switch POV, packets would be lost on-link when rate exceeds, and TCP would
then decrease rate.
So SFP would need to implement rudimentary buffering and packet dropping.
And as always, it's best if there is some way for these to work without any
configuration, as the moment you need to configure 1 thing, you need to
develop provisioning system and potentially also configuration backups, which
may in some organizations make solution prohibitively expensive compared to
using small switch from existing vendor, which is already supported by
systems.
--
++ytti
