[86548] in North American Network Operators' Group
Re: Peering VLANs and MAC addresses
daemon@ATHENA.MIT.EDU (Mike Hughes)
Thu Nov 10 02:17:50 2005
Date: Thu, 10 Nov 2005 07:17:23 +0000 (GMT)
From: Mike Hughes <mike@smashing.net>
To: Alexander Koch <efraim@clues.de>
Cc: nanog@merit.edu
In-Reply-To: <20051110070728.GA27443@shekinah.ip.tiscali.net>
Errors-To: owner-nanog@merit.edu
On Thu, 10 Nov 2005, Alexander Koch wrote:
> I know the changes the LINX has implemented, and I am
> curious... and this might affect other folk as well.
>
> What is better - the LINX approach (blocking the port,
> trying again in x minutes when too many MACs were seen)
> or the Equinix approach (we hardcode your MAC per VLAN/
> per port if untagged, all else we just drop)?
Much of a muchness really.
With the former approach, it's easier for the participants to effect
changes to their IX equipment without having to ask the IX operator to
clear the locking/reconfigure the static MAC.
The protection against badness is pretty equal, whatever you do.
Cheers,
Mike
