[braindeath]

One MAC per port is very low yield, won’t do anything to stop even a mildly sophisticated attacker, and often just makes life more difficult than it needs to be. Especially for a college network where any notion that the general network is “secure” is a complete joke.

[walrus01]

It's not meant to be a comprehensive security plan, but rather a very easy thing to have configured on each port, to stop people from plugging $20 8 port dumb switches into managed infrastructure.

[braindeath]

But not a $30 wireless router.

And again there’s no need to be so draconian on something like a ResNet.