On 1/19/11 3:56 PM, "Chris Burwell" <cburwell@gmail.com> wrote:
Any advice or tips would be helpful.
If all you need the ActionTek for is a MoCA bridge (to make the cable boxes talk to the larger world), my experience is you can move it to the inside of your NAT if you like. One does not need to burn a routable IP for it. On 1/19/11 5:25 PM, "Mike" <mike-nanog@tiedyenetworks.com> wrote:
also add 'nonegotiate' and turn off spanning tree on the port while you're at it. There's a list somewhere of standard stuff when connecting to an untrusted l2 network, which is what you should treat anything (including FiOS) connecting to you that you don't own.
Nonegotiate doesn't touch STP. It stops the switchport from sending DTP frames, but one wouldn't be attempting to establish a trunk to a FiOS ONT. http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/1 2.1_11_ea1/command/reference/cli2.html#wpmkr3005909 To stop a port from participating in spanning tree, one would want some combination of global and interface bpduguard and bpdufilter. Which combination you want seems to vary with every Cisco Press book and document, and every engineer has a different idea of which is correct. One is best off labbing it out themselves with the equipment they intend to use. -porkchop -- Michael Kaegler, TESSCO Technologies: Engineering, 410 229 1295 Your wireless success, nothing less. http://www.tessco.com/