Firewall Wizards mailing list archives
Re: Multiple small switches vs. a single big one; Granularity of control
From: Krzysztof Gajdemski <lists () kosciol com pl>
Date: Tue, 2 Mar 2004 11:37:16 +0100
01.03.2004 13:33:16, Shimon Silberschlag wrote:
Lets take it to the extreme: someone (accidentally or intentionally) resets (or otherwise changes) the switch configuration. With separate switches, each segment can talk freely to all other servers on the segment but not outside, since the FW watches that route. For one big switch connected to an outside FW, all segments can talk to all segments (if the switch behaves as a L2 one). What about 6500 with FWSM? does resetting the config prevents it from seeing any traffic?
On C6500 platform all ports are in `disable' or `administratively down' state after clearing switch configuration depending on type of images (CatOS or Native IOS) currently running on the switch. So there's no danger in this case. k. -- - - Krzysztof Gajdemski | songo @ debian.org.pl | KG4751-RIPE Registered Linux User # 133457 | BLUG Registered Member # 0005 PGP publ. key at: http://i.use.vi.pl/gpg/gpgkey * ID: 3C38979D ,,Szanuję was wszystkich, którzy pozostajecie w cieniu'' SNERG _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Multiple small switches vs. a single big one; Granularity of control David Lang (Mar 01)
- Re: Multiple small switches vs. a single big one; Granularity of control Shimon Silberschlag (Mar 01)
- Re: Multiple small switches vs. a single big one; Granularity of control Krzysztof Gajdemski (Mar 02)
- Re: Multiple small switches vs. a single big one; Granularity of control Krzysztof Gajdemski (Mar 02)
- Re: Multiple small switches vs. a single big one; Granularity of control Dale W. Carder (Mar 04)
- Re: Multiple small switches vs. a single big one; Granularity of control David Lang (Mar 04)
- Re: Multiple small switches vs. a single big one; Granularity of control Shimon Silberschlag (Mar 04)
- Re: Multiple small switches vs. a single big one; Granularity of control Krzysztof Gajdemski (Mar 02)
- Re: Multiple small switches vs. a single big one; Granularity of control Shimon Silberschlag (Mar 01)