Steve, The GIGAswitches support filtering based on several parameters (e.g. MAC source/destination address, switch ports, etc.). We currently employ filtering based on ports (vs. MAC addresses) to logically partition the GIGAswitches. I think this is prudent since the MAC addresses will change if (er, when :-) )we ever have to swap out failed equipment. Jim On Wed, 11 Sep 1996, Steve Schnell, Sprint Corporation wrote:
Date: Wed, 11 Sep 1996 09:49:58 -0500 From: Steve Schnell, Sprint Corporation <schnell@gsd.sprint.com> To: Michael Dillon <michael@memra.com> Cc: nanog@merit.edu Subject: Re: customers and web servers and level one naps
At 11:30 -0700 9.10.96, Michael Dillon wrote:
It's not a matter of experience. It's a matter of what a level-2 device is and how it normally works. There is no security at level 2.
Yes there is rudimentary security at L2. It's called MAC-based filtering, which is a feature of DEC's GIGAswitch. I believe that SprintLink uses the capability in a form to logically separate backbone router traffic from access router traffic when both routers are homed to the same GIGAswitch. With filtering, you can establish virtual workgroups where only certain devices can communicate with other devices in the same group, or with specific devices in other groups.
ss
********************************************************************************
Phone: 1.816.854.2113
Fax: 1.816.854.2201
Sprint Pager: 1.888.366.7890, PIN 398.6644
Text Page via Internet: 3986644@pagenet.net
********************************************************************************