|
||||||||
Le 2010-11-12 15:11, Guy Boisvert a écrit : > [Stuff deleted...] > We use VLANs to separate broadcast domains (a switch already separate > collision domains). You could see vlans as separate dumb switches > (that doesn't support VLANs). 2 VLANs on 1 managed switch would be > equivalent to 2 physical dumb switch. VLANs are defined at layer 2 of > the OSI model. > > [Stuff deleted...] Replying to myself, i forgot to point out than in applications where security is very important, separate switches are safer than 1 swith with VLANs. That's because switches can be fooled into forwarding frames between VLANs by using advanced hack technique (like VLAN hopping). http://www.itsyourip.com/Security/vlan-hopping-layer-2-security-exploit-bypass-layer-3-security/ -- Guy Boisvert, ing. IngTegration inc. http://www.ingtegration.com AVIS DE CONFIDENTIALITÉ : ce message peut contenir des renseignements confidentiels appartenant exclusivement à IngTegration Inc. ou à ses filiales. Si vous n'êtes pas le destinataire indiqué ou prévu dans ce message (ou responsable de livrer ce message à la personne indiquée ou prévue) ou si vous pensez que ce message vous a été adressé par erreur, vous ne pouvez pas utiliser ou reproduire ce message, ni le livrer à quelqu'un d'autre. Dans ce cas, vous devez le détruire et vous êtes prié d'avertir l'expéditeur en répondant au courriel. CONFIDENTIALITY NOTICE : Proprietary/Confidential Information belonging to IngTegration Inc. and its affiliates may be contained in this message. If you are not a recipient indicated or intended in this message (or responsible for delivery of this message to such person), or you think for any reason that this message may have been addressed to you in error, you may not use or copy or deliver this message to anyone else. In such case, you should destroy this message and are asked to notify the sender by reply email. |