Message-Id: <199907211944.MAA00781@miranda.lehub.com>
To: freebsd-hackers@FreeBSD.ORG
Subject: Re: poor ethernet performance?
In-reply-to: Your message of "Wed, 21 Jul 1999 00:33:31 PDT." <199907210733.AAA25177@apollo.backplane.com>
Reply-To: shibumi@lehub.com
Date: Wed, 21 Jul 1999 12:44:29 -0700
From: "Kenton A. Hoover"
Sender: owner-freebsd-hackers@FreeBSD.ORG

You can hijack the MAC address after the CAM table (not ARP cache) times
out for the switches. However, you can't just listen to their traffic
unless you're on a span port (and span ports don't always work correctly).

VLANing has a number of goals, of which you are listing only one. Another
is to permit any net to appear on any switch within the switch fabric.
VLANs are usually used in a form that spans multiple switches, not just
using VLANs on a single switch. At an installation I put together in India,
we used VLANs to allow us to better use IP addresses in a strange physical
layout. When we were building out our New Site Architecture at Cisco in
San Jose, we used VLANs to cut down the number of routing components
necessary and further to take advantage of Layer 3 short-cutting in a
number of spots around the buildings.

On Wed, 21 Jul 1999 00:33:31 PDT, Sendmail channeled Matthew Dillon saying:
> The switch routes traffic based on its ARP cache. While you cannot
> easily monitor another port's traffic, you can take over its MAC address
> and steal its traffic.
>
> Cisco VLANs perform a different function. Remember that a logical ethernet
> segment is typically routed by a single network route. For example,
> a class C or a subnetted class C. The catalyst allows you to throw
> machines into different VLAN buckets which, in addition to the better
> security, allows you to assign separate subnets to each bucket. The
> switch itself doesn't care, but this can reduce global ARP traffic
> significantly. Catalysts can have hundreds of ports stuffed into them.

(ex-of Cisco Systems)

| Kenton A. Hoover          | shibumi@marchordie.org |
| Private Citizen           |                        |
| San Francisco, California |                        |
|===================== http://www.shockwave.org/~shibumi ====================|
| A non-vegetarian anti-abortionist is a contradiction in terms.             |
|                                                       -- Phyllis Schlafly  |
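
The following is an added example and not part of the message above: a small monitor that replays source-MAC observations through a model CAM table, keyed per VLAN, and flags a MAC that appears on a different port while its entry is still live. The 300-second aging time, the port names, the MAC addresses and the event format are all assumptions constructed for illustration.

```python
from dataclasses import dataclass

AGING_SECONDS = 300  # assumed aging time; real switches make this configurable


@dataclass
class Entry:
    port: str
    last_seen: float


def classify_events(events, aging=AGING_SECONDS):
    """Replay (time, vlan, src_mac, port) observations through a model CAM table.

    Returns (time, vlan, mac, verdict, old_port, new_port) tuples. Verdicts:
    'learn'   - first sighting of this (vlan, mac)
    'refresh' - same port, entry still live
    'relearn' - previous entry had already aged out
    'move'    - entry still live but the MAC showed up on another port
    """
    table = {}
    results = []
    for t, vlan, mac, port in sorted(events):
        key = (vlan, mac.lower())  # one table entry per VLAN and MAC
        entry = table.get(key)
        if entry is None:
            verdict, old = "learn", None
        elif t - entry.last_seen > aging:
            verdict, old = "relearn", entry.port
        elif entry.port != port:
            verdict, old = "move", entry.port
        else:
            verdict, old = "refresh", entry.port
        table[key] = Entry(port, t)
        results.append((t, vlan, key[1], verdict, old, port))
    return results


def suspicious_moves(events, aging=AGING_SECONDS):
    """Only the port changes that happened while the old entry was live."""
    return [r for r in classify_events(events, aging) if r[3] == "move"]


# Constructed sample observations: (seconds, vlan, source MAC, port)
SAMPLE = [
    (0,   10, "00:11:22:33:44:55", "Fa0/1"),
    (60,  10, "00:11:22:33:44:55", "Fa0/1"),
    (90,  10, "00:11:22:33:44:55", "Fa0/7"),  # live entry, different port
    (95,  20, "00:11:22:33:44:55", "Fa0/9"),  # other VLAN: separate entry
    (100, 10, "66:77:88:99:aa:bb", "Fa0/2"),
    (900, 10, "66:77:88:99:aa:bb", "Fa0/3"),  # old entry aged out first
]
```

A 'move' is worth alerting on; a 'relearn' looks the same as a host that was legitimately re-cabled, so it is reported separately rather than flagged.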