|
||||||||
I think the general consensus is that separate ip subnets (broadcast domains) should get separate ethernet collision domains. Whether this is done with multiple physical interfaces or by using VLANs is immaterial. Having this separation is more secure than not having it. That's just my opinion. I've been communicating with Dennis off-list about the problem he is trying to solve and trying to come up with a different way of solving it instead of using the "multinetting" solution. jim On Wed, 29 Sep 2004 14:53:23 +0200, Axel Eble <axel dot eble at gmail dot com> wrote: > On Tue, 28 Sep 2004 11:08:00 -0300, Allan D. Piske <zyryz at terra dot com dot br> wrote: > > you can do that bu using vlans and a managed ethernet switch ... > > VLANs are NOT a security tool. > > Axel > > -- > Axel Eble, CISSP * Trienter Str. 6b * 87437 Kempten (Allgäu) * Germany > VoIP: 8002887 at sipgate dot de * cell: +49.178.285-3265 > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch > > |