[ previous ] [ next ] [ threads ]
 
 From:  Jim Gifford <baadpuppy at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Pay for a new function?
 Date:  Wed, 29 Sep 2004 19:45:19 -0400
I've personally never experienced this problem.  What brands of
switches exhibit this broken behavior?

I've tested VLANs on some models of Cisco and on the summit and alpine
models of Extreme switches and never saw traffic I shouldn't have.

I would love to know which switches do this wrong so I don't make the
mistake of buying one.

Thanks,
jim

PS, if a VLAN "leaks", isn't that in violation of 802.1Q?


On Wed, 29 Sep 2004 22:19:29 +0200, Axel Eble <axel dot eble at gmail dot com> wrote:
> On Wed, 29 Sep 2004 15:08:49 -0400, Jim Gifford <baadpuppy at gmail dot com> wrote:
> > I think the general consensus is that separate ip subnets (broadcast
> > domains) should get separate ethernet collision domains.  Whether this
> > is done with multiple physical interfaces or by using VLANs is
> > immaterial.  Having this separation is more secure than not having it.
> 
> As long as you know the risks - maybe. I've seen too many switches
> pass packets across VLAN borders.
> 
> > That's just my opinion.
> >
> > I've been communicating with Dennis off-list about the problem he is
> > trying to solve and trying to come up with a different way of solving
> > it instead of using the "multinetting" solution.
> 
> Thanks - that's the spirit!
> 
> > jim
> 
> 
> 
> Axel
> 
> --

> VoIP: 8002887 at sipgate dot de * cell: +49.178.285-3265
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>