Hi board,
Quick question: I'm currently evaluation ACI (latest 3.x release) and I'm wondering what's the difference (and best practice) for endpoint loop protection vs. rogue endpoint control policy.
As far as I understood the whole thing, the rogue endpoint control policy covers all cases, which are also covered by endpoint loop protection.
Best practice papers recommends to enable both features with the exact same trigger values (which doesn't make sense, because it's not deterministric which feature is used effectively).
Furthermore, endpoint loop protection shuts down the whole port and rogue EP detection just "isolates" the affected single EP for the configured hold time.
So, question: Why should someone use endpoint loop protection if rogue EP detections is implemented?!
Why two features with the same purpose?
Someone has an idea?