Date: Mon, 5 Jul 2010 11:57:46 -0500 From: David Kelly <dkelly@hiwaay.net> To: Modulok <modulok@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: VLANs is this right? Message-ID: <20100705165746.GB10990@Grumpy.DynDNS.org> In-Reply-To: <AANLkTilW7eTmmdUtRlXpRX3CT_vuOkE2M0eDB_qiiauW@mail.gmail.com> References: <AANLkTilW7eTmmdUtRlXpRX3CT_vuOkE2M0eDB_qiiauW@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jul 05, 2010 at 10:16:19AM -0600, Modulok wrote: > > Criteria: > - HostA must never directly talk to HostB. > - Both hostA and hostB have an Internet connection. > > What I have to work with: > proCurve switch which supports VLANs. > 2x Intel NICs in FreeBSD which support VLANs. Am thinking you are approaching it the wrong way. Not familiar with the specifics of a ProCurve switch but that's a high end unit, not a Netgear. I would expect you could configure the switch to disallow the MAC addresses from talking to each other of hostA and hostB. Furthermore, it would be even easier to disallow hostB from within hostA's firewall. And do the same at hostB. -- David Kelly N4HHE, dkelly@HiWAAY.net ======================================================================== Whom computers would destroy, they must first drive mad.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100705165746.GB10990>