|
||||||||
On Wed, 29 Sep 2004 15:08:49 -0400, Jim Gifford <baadpuppy at gmail dot com> wrote: > I think the general consensus is that separate ip subnets (broadcast > domains) should get separate ethernet collision domains. Whether this > is done with multiple physical interfaces or by using VLANs is > immaterial. Having this separation is more secure than not having it. As long as you know the risks - maybe. I've seen too many switches pass packets across VLAN borders. > That's just my opinion. > > I've been communicating with Dennis off-list about the problem he is > trying to solve and trying to come up with a different way of solving > it instead of using the "multinetting" solution. Thanks - that's the spirit! > jim Axel -- Axel Eble, CISSP * Trienter Str. 6b * 87437 Kempten (Allgäu) * Germany VoIP: 8002887 at sipgate dot de * cell: +49.178.285-3265 |