Category: Network

An ARP broadcast storm with a single, CenturyLink-provided all-in-one internet gateway was the final straw. The entire network would become unusable multiple times a day without warning. With multiple people trying to work from home, and others just trying to use the internet normally, it was time for a refresh. Here’s how I upgraded from a single WiFi-6 WAP/Gateway/Switch to a whole-home mesh system powered by eero.

I needed to implement 802.1x MAC-Based Authentication on some Arista switches for both macOS and Windows supplicants. The macOS clients were still being sent EAP requests, presenting the user with a 802.1x login screen.

One of the more important hardening items for switches is restricting management access with an ACL. In a true zero-trust environment, a fully air-gapped network may exist for switch management. And while full AAA should also be implemented, adding an ACL for the users and systems that should be allowed to interact with a switch is equally important.