On Wed, 2012-08-15 at 13:55 -0500, Manfredi, Albert E wrote: > > address registration as a form of weak access control. > Unless that MAC address access control is done at Layer 2, which is not > uncommon.
The two are different. One registers MACs at a central location and refuses service (eg DHCP) to unregistered MAC addresses. The hosts already have network access. The other checks at layer 2 whether they are permitted to access the network at all (e.g. 802.1x). Both systems have problems with duplicate MAC addresses. Not showstopper problems, but problems. Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer ([email protected]) http://www.biplane.com.au/kauer http://www.biplane.com.au/blog GPG fingerprint: AE1D 4868 6420 AD9A A698 5251 1699 7B78 4EEE 6017 Old fingerprint: DA41 51B1 1481 16E1 F7E2 B2E9 3007 14ED 5736 F687 -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
