Dear experts A customer of mine would like to run encryption over the core entire network to encrypt traffic passing WAN links. Currently on those links pass plain ip traffic (bgp, ospf, pim).
The links are 10 Gbs point2point links and are used to transport unicast and multicast (trading) traffic, bursts are usual but encryption is considered the only way forward due to auditing reasons. I'd like to propose to insert on the two link end points an ex4300 macsec device in order to run macsec in hardware and transport ethernet traffic without any active action. Does anybody have experiece in this kind of design? Is bursty multicast an issue? I am not able to find any test on the www.. Is there any other way to reach the target without rebuild the entire network? Thanks in advance for any hints/recommendation. James _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp