From owner-freebsd-hackers Tue Jul 20 1:13:17 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from verdi.nethelp.no (verdi.nethelp.no [158.36.41.162])
	by hub.freebsd.org (Postfix) with SMTP id 6DE1415248
	for ; Tue, 20 Jul 1999 01:13:02 -0700 (PDT)
	(envelope-from sthaug@nethelp.no)
Received: (qmail 692 invoked by uid 1001); 20 Jul 1999 08:12:58 +0000 (GMT)
To: vince@venus.GAIANET.NET
Cc: modred@ns1.antisocial.net, leifn@neland.dk, freebsd-hackers@FreeBSD.ORG
Subject: Re: poor ethernet performance?
From: sthaug@nethelp.no
In-Reply-To: Your message of "Tue, 20 Jul 1999 00:18:57 -0700 (PDT)"
References:
X-Mailer: Mew version 1.05+ on Emacs 19.34.2
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Date: Tue, 20 Jul 1999 10:12:58 +0200
Message-ID: <690.932458378@verdi.nethelp.no>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> > You see the MAC of the switch's port. It's been too long since I've
> > played on a Catalyst... but what does 'sh arp' display? Any arp -> port
> > -> host correlations? Good luck... :)
>
> Even if it did show the arp of the actual host, it's useless if it
> doesn't show the IP of the device connected to it since how will one know
> what device is what.

As long as the hosts are using TCP/IP to communicate, you should be able
to get the IP to MAC address mapping from the ARP table of any host (or
router) connected to the same segment. You may have to look at the ARP
tables from several hosts (or use a broadcast ping) to get all the
mappings.

Isn't this rather obvious?

> > Yeah, I've noticed the 'sync-up time' takes quite awhile on a Catalyst
> > running 100Mbps.
>
> It's pretty fast... Just it seems like the switch by default isn't
> like as secure as they say it is. People on other ports can't still sniff
> packets on the LAN.

Ciscos have a 30 second delay when you connect something to a switch
port. This is given by the spanning tree protocol. If you want this to
go faster, turn off the spanning tree protocol on that port (OK if you
can guarantee no loops in the network from that port).

Not sure what you mean by "the switch by default isn't like as secure
as they say it is". A switch is a bridge, and will isolate traffic
between ports. However, broadcast (and in many cases multicast) traffic
will be sent on all ports. Also, if the MAC address tables on the switch
fill up, any traffic from a *new* MAC address will be sent on all ports.

Steinar Haug, Nethelp consulting, sthaug@nethelp.no
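
The forwarding behaviour described in the message above, as an added example that is not part of the original post: a minimal learning-bridge model in Python showing when a frame stays on one port and when it reaches every port. The class name, port numbers, table size and MAC addresses are constructed for illustration, and the model assumes no VLANs, no multicast handling and no entry aging.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Hypothetical model of a transparent learning bridge (no VLANs, no aging)."""

    def __init__(self, ports, table_size):
        self.ports = list(ports)
        self.table_size = table_size
        self.mac_table = {}  # MAC address -> port it was last seen on

    def receive(self, in_port, src, dst):
        """Process one frame and return the list of ports it is sent out on."""
        # Learn (or refresh) the source address only if the table has room.
        if src in self.mac_table or len(self.mac_table) < self.table_size:
            self.mac_table[src] = in_port
        # Broadcasts and destinations with no table entry go to every other port.
        out = None if dst == BROADCAST else self.mac_table.get(dst)
        if out is None:
            return [p for p in self.ports if p != in_port]
        # Known destination: forward to that port only (or drop if same port).
        return [] if out == in_port else [out]


def demo():
    """Walk through the cases from the message with constructed addresses."""
    host_a = "02:00:00:00:00:0a"  # constructed, on port 1
    host_b = "02:00:00:00:00:0b"  # constructed, on port 2
    host_c = "02:00:00:00:00:0c"  # constructed, on port 3, arrives after table is full
    sw = LearningSwitch(ports=[1, 2, 3, 4], table_size=2)
    return {
        "unknown_dst": sw.receive(1, host_a, host_b),     # B not learned yet: flooded
        "reply": sw.receive(2, host_b, host_a),           # A is known: port 1 only
        "isolated": sw.receive(1, host_a, host_b),        # B now known: port 2 only
        "broadcast": sw.receive(1, host_a, BROADCAST),    # always flooded
        "new_host_sends": sw.receive(3, host_c, host_a),  # table full: C is not learned
        "to_new_host": sw.receive(1, host_a, host_c),     # no entry for C: flooded
        "table_size": len(sw.mac_table),
    }


if __name__ == "__main__":
    for case, ports in demo().items():
        print(f"{case:15} -> {ports}")
```

Only the `isolated` and `reply` cases stay on a single port; once the table is full, traffic for the host that could not be learned is visible on every port.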