From owner-freebsd-net@FreeBSD.ORG  Tue Apr 26 12:24:43 2005
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 405A016A4CE
	for <freebsd-net@freebsd.org>; Tue, 26 Apr 2005 12:24:43 +0000 (GMT)
Received: from mx0.thekeelecentre.com (mx0.thekeelecentre.com
	[217.206.238.167])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D4B3B43D2D
	for <freebsd-net@freebsd.org>; Tue, 26 Apr 2005 12:24:42 +0000 (GMT)
	(envelope-from richardtector@thekeelecentre.com)
Received: from av.mx0.thekeelecentre.com (av.mx0.thekeelecentre.com
	[217.206.238.166])
	by mx0.thekeelecentre.com (Postfix) with ESMTP id 8D1E040C8;
	Tue, 26 Apr 2005 13:24:39 +0100 (BST)
Received: from mx0.thekeelecentre.com ([217.206.238.167])
	[217.206.238.166]) (amavisd-new, port 10024)
	with ESMTP id 60566-08; Tue, 26 Apr 2005 13:24:39 +0100 (BST)
Received: from [217.206.238.190] (host-190.thekeelecentre.com
	[217.206.238.190])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx0.thekeelecentre.com (Postfix) with ESMTP id 5C4364072;
	Tue, 26 Apr 2005 13:24:38 +0100 (BST)
Message-ID: <426E336F.3030208@thekeelecentre.com>
Date: Tue, 26 Apr 2005 13:26:23 +0100
From: Richard Tector <richardtector@thekeelecentre.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
	rv:1.7.3) Gecko/20040910
X-Accept-Language: en-gb, en
MIME-Version: 1.0
To: Csaba Urban <ucsaba@freemail.hu>
References: <freemail.20050326095625.5363@fm14.freemail.hu>
In-Reply-To: <freemail.20050326095625.5363@fm14.freemail.hu>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: by amavisd-new at mx0.thekeelecentre.com
cc: freebsd-net@freebsd.org
Subject: Re: VLAN Bridge with layer2 filtering
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Apr 2005 12:24:43 -0000

Csaba Urban wrote:

>Hi,
>
>I have a number of users on a VLAN enabled switch - each users on his 
>own VLAN. They have fixed IP address sharing the same IP subnet and 
>gateway. 
>
>  
>
Another option instead of using VLANs is to enable port security. This 
of course depends on it being supported by your switch, for Cisco, see 
http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a00800d84c2.html#xtocid3 
for example.
You simply enable it on all your ports, and leave all the users on the 
same VLAN. This would also get around any issues with VLANs on the em 
driver.

Hope that's of some help.

On a sidenote, you shouldn't have any issues pushing 100mbit through 
that system with good cards like Intels. I have a Celeron 1.3 here that 
routes 100mbit traffic no problem.

Regards,

Richard Tector