> > Or should the service provider implement port security and limit the > > number of MAC addresses on the access ports, forcing the customer to > > connect a router in both ends and segment their network? > > That would make the service less attractive, and also more complex to > set up and maintain. For point-to-point service, there is really no > reason for the network to care about customers' MAC addresses, VLAN tags > and such.
*If* the customer connects directly to a router which terminates EoMPLS, I agree. But router ports are usually expensive, which often means that the customer connects to a switch. And switches definitely care about MAC addresses. > Couldn't PBB or even Q-in-Q provide that isolation as well, at least for > point-to-point services? I must say that I don't personally have much > experience with those, because we tend to connect our customers to > EoMPLS-capable routers directly. QinQ does nothing to reduce the number of MAC addresses required. PBB can do this, but there is still not a lot of PBB equipment available. > > Also, do you see a demand for multi-point layer 2 networks (requiring > > VPLS), or are point-to-point layer 2 circuits sufficient to meet > > market demand? > > That's a big question for us right now... we're not sure yet. I'd like to > hear others' opinions on this. There is some demand there. Whether that makes it worth it implementing as a product is another question. Trouybleshooting multipoint is more difficult than troubleshooting point to point circuits. Steinar Haug, Nethelp consulting, sth...@nethelp.no