Date:      Wed, 21 Jul 1999 00:33:31 -0700 (PDT)
From:      Matthew Dillon <dillon@apollo.backplane.com>
To:        Jaye Mathisen <mrcpu@internetcds.com>
Cc:        Modred <modred@ns1.antisocial.net>, Vincent Poy <vince@venus.GAIANET.NET>, sthaug@nethelp.no, leifn@neland.dk, freebsd-hackers@FreeBSD.ORG
Subject:   Re: poor ethernet performance? 
Message-ID:  <199907210733.AAA25177@apollo.backplane.com>
References:   <Pine.BSF.4.10.9907202356040.16718-100000@schizo.cdsnet.net>

:Perhaps I'm missing something obvious, but since switches forward packets
:selectively per port, I would think it would be hard to sniff packets on
:any port, w/o administrative access to the switch to tell it to mirror
:data to a different port.
:
:ie, if I'm plugged into port 1, I can't see traffic on a switch on port 2
:except for broadcast traffic...

    The switch routes traffic based on its ARP cache.  While you cannot 
    easily monitor another port's traffic, you can take over its MAC address
    and steal its traffic.

    Cisco VLANs perform a different function.  Remember that a logical ethernet
    segment is typically routed by a single network route.  For example,
    a class C or a subnetted class C.  The Catalyst allows you to throw
    machines into different VLAN buckets which, in addition to the better
    security, allows you to assign separate subnets to each bucket.  The
    switch itself doesn't care, but this can reduce global ARP traffic
    significantly.   Catalysts can have hundreds of ports stuffed into them.

					-Matt
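
On the switch, the address takeover described in the message appears as one source MAC being learned on more than one port in quick succession. The following Python code is an added example, not part of the original message: it flags that pattern in a stream of address-learning events. The event format, port names, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict, deque

# Constructed sample: "<epoch seconds> <vlan> <source MAC> <ingress port>"
SAMPLE_EVENTS = """\
100 10 00:a0:c9:11:22:33 port2
101 10 00:a0:c9:44:55:66 port1
105 10 00:a0:c9:11:22:33 port1
106 10 00:a0:c9:11:22:33 port2
107 10 00:a0:c9:11:22:33 port1
108 10 00:a0:c9:11:22:33 port2
300 10 00:a0:c9:77:88:99 port5
900 10 00:a0:c9:77:88:99 port7
"""

def parse_events(text):
    """Yield (ts, vlan, mac, port) tuples, skipping malformed lines."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue
        ts, vlan, mac, port = fields
        try:
            yield int(ts), int(vlan), mac.lower(), port
        except ValueError:
            continue

def detect_mac_moves(events, window=30, threshold=3):
    """Return {(vlan, mac): sorted ports} for MACs that changed port
    at least `threshold` times within `window` seconds."""
    last_port = {}                  # (vlan, mac) -> port it was last seen on
    moves = defaultdict(deque)      # (vlan, mac) -> timestamps of recent moves
    ports_seen = defaultdict(set)   # (vlan, mac) -> every port involved in a move
    flagged = {}
    for ts, vlan, mac, port in events:
        key = (vlan, mac)
        prev = last_port.get(key)
        last_port[key] = port
        if prev is None or prev == port:
            continue                # first sighting or no change: not a move
        recent = moves[key]
        recent.append(ts)
        ports_seen[key].update((prev, port))
        while recent and ts - recent[0] > window:
            recent.popleft()        # forget moves older than the window
        if len(recent) >= threshold:
            flagged[key] = sorted(ports_seen[key])
    return flagged

if __name__ == "__main__":
    print(detect_mac_moves(parse_events(SAMPLE_EVENTS)))
```

A single move, such as the last address in the sample, is usually a re-cabled or migrated host, which is why the check counts repeated moves inside a window rather than alerting on every change.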

