[c-nsp] ARP strangeness

Frank Bulk - iName.com frnkblk at iname.com
Wed Jan 19 20:23:56 EST 2011 

VLAN per customer provides L2 separation/protection and would avoid the
problems we've had.  Just I don't like the (lack of) scalability of (extra)
management of that approach.

Frank

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Jared Mauch
Sent: Wednesday, January 19, 2011 9:41 AM
To: Tim Franklin
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] ARP strangeness


On Jan 19, 2011, at 5:16 AM, Tim Franklin wrote:

>
> ----- "Gert Doering" <gert at greenie.muc.de> wrote:
>
>> This sounds like a very very stupid design in the FTTH gear.
>
> But either not unique, or on some popular gear.
>
> I've recently reviewed the spec for a wholesale FTTH offering from a
certain incumbent which contains exactly the same caveats.
>
> In my particular case, I'd be sticking a managed Cisco on the end of the
service generating (and receiving) IPSLA probes if nothing else, so there
should never be silence long enough for the MAC learning to time out.  It
was a bit of a "WTF?" moment, though...

I've been continuing research on doing a small FTTH deployment, and my
general consensus/balancing point starts to look somewhere between:

1) Put everyone on a large(r) broadcast domain with bidi sfps (something
that would be nice if cisco would support more natively)
2) use a variety of kludges such as occam or other ftth gear to actually
terminate and possibly vlan/qos for voip, iptv, etc to make it happen.

Having not asked Frank what hardware he is using, it seems like "It's a bug"
that should be addressed.  The security model is intending to block some
activity but is actually creating greater problems.  Either the gear should
act more like a true bridge, or support the features necessary to terminate
the customers without trouble (and do things like IPv6 and other modern
tech).

Divorcing price from the equation entirely, I'd love to take something like
Nexus and use it for massive FTTH termination with vlans, pvlans, and other
capabilities supported in the Earl8.

- Jared
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list