On Fri, 25 February 2000, owen@exodus.net wrote:
Except that for the most part, MAE connections are switched, not "shared" media. As such, they'll see Broadcasts, and packets destined for the monitoring equipment and little else. The aggregate bandwidth of the MAE makes them using a SPAN port virtually impossible. If memory serves, the MAE traffic is several times 100Mbps.
SPAN ports were not always infeasible and certainly are quite feasible at a lot of smaller exchange points. And all kinds of things could be happening inside an ATM exchange. And the spooks are happy to get any traffic at all; they don't need 100% of it and cannot get 100% of it in today's Internet structure. All they need is a little inside help to get great piles of interesting traffic from taps within a large provider or within an exchange point. And there is still the possibility of tapping the fiber directly at least two ways that I know of. Governments spying on their citizenry is just a fact of life in the modern age. The key thing is to make sure that they do not abuse this power or this data but that is politics, not technology. --- Michael Dillon Phone: +44 (20) 7769 8489 Mobile: +44 (79) 7099 2658 Director of Product Engineering, GTS IP Services 151 Shaftesbury Ave. London WC2H 8AL UK
The aggregate bandwidth of the MAE makes them using a SPAN port virtually impossible. If memory serves, the MAE traffic is several times 100Mbps.
SPAN ports were not always infeasible and certainly are quite
Various switch vendors are promissing SPAN in conjunction with dynamically configurable L3 filtering. This has innocent uses too. -- Alex Bligh VP Core Network, Concentric Network Corporation (formerly GX Networks, Xara Networks)
participants (2)
-
Alex Bligh
-
michael.dillon@gtsip.net