On Fri, 1 Aug 2025 at 21:45, Mel Beckman <[email protected]> wrote: > Cisco is likely to say that the control plane is only fully supported on the > management port. After all, the control plane was invented to separate > management functions from the data forwarding process.
Cisco will 100% fully support control-plane on in-line ports, before cloudy shop in-line was the norm, MGMT port exception. Management ports to this day are extremely dangerous and I consider using them anti pattern. If you have MGMT L2 broadcast domain, you can potentially break every control-plane by having L2 storms (actual risk that has happened). Because you cannot protect the control-plane on MGMT ETH port, for obvious reasons. And you can protect (some platforms better, some worse) control-plane on in-line ports by combination of QoS, ACL, control-plane ACL, control-plane police/shape/ACL. It might be easier to contribute, if there is familiarity to the subject matter. -- ++ytti _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/[email protected]/message/RDGGSP5K4OGNLISRI3T6H6MIE3TL3P6Y/
