40+ years experience in IT / Computer Networking, including:
- 24 years as Cisco SE
- 19 years Enterprise IT, as both customer and Cisco SE
- 22 years SP experience, as both customer and Cisco SE
CCIExpired #5286
https://www.linkedin.com/in/jimberg/
Software release-throttle and hardware-platform projects get codenames early in their in development process because the actual release numbers or product names/models get assigned by Marketing much later. During the dev process the projects have to ...
My understanding is that some IOS releases & platforms will support switch-to-switch MACsec, which would be over .1Q trunks with EAPOL for authentication. If your AP and upstream switch can support this, then seems like this could mitigate against ro...
IEEE 802.1X, with or without MACsec, can mitigate against rogue hardware being attached to a network. You might consider it if both your APs and agg switches support it on their interconnecting trunks, particularly with the use of certificates as an ...
Instead of getting rid of L2 links entirely, you might consider the second option: L2 backhauling traffic from the access layer to the Nexus core over a .1Q trunk. Then, on a VLAN-by-VLAN basis, you have the option to dump the traffic into a L2VPN br...
[Note: the diagram does not show direct interconnectivity between Nexus core switches, but I am assuming it exists.]The "simplest" way to span VLANs across wiring closets? Bridge those VLANs at L2 from the closet access switches all the way across th...