[ previous ] [ next ] [ threads ]
 From:  Jim Gifford <baadpuppy at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Pay for a new function?
 Date:  Wed, 29 Sep 2004 15:08:49 -0400
I think the general consensus is that separate ip subnets (broadcast
domains) should get separate ethernet collision domains.  Whether this
is done with multiple physical interfaces or by using VLANs is
immaterial.  Having this separation is more secure than not having it.

That's just my opinion.

I've been communicating with Dennis off-list about the problem he is
trying to solve and trying to come up with a different way of solving
it instead of using the "multinetting" solution.


On Wed, 29 Sep 2004 14:53:23 +0200, Axel Eble <axel dot eble at gmail dot com> wrote:
> On Tue, 28 Sep 2004 11:08:00 -0300, Allan D. Piske <zyryz at terra dot com dot br> wrote:
> > you can do that bu using vlans and a managed ethernet switch ...
> VLANs are NOT a security tool.
> Axel
> --
> Axel Eble, CISSP * Trienter Str. 6b * 87437 Kempten (Allgäu) * Germany
> VoIP: 8002887 at sipgate dot de * cell: +49.178.285-3265
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch