Date: Mon, 01 Jan 2001 23:31:17 -0700 From: Wes Peters <wes@softweyr.com> To: "C. Stephen Gunn" <csg@waterspout.com>, Julian Elischer <julian@elischer.org>, "freebsd-net@FreeBSD.ORG" <freebsd-net@FreeBSD.ORG> Subject: Re: Problems with VLAN and natd. Message-ID: <3A5175B5.1F21090B@softweyr.com> References: <200101020501.AAA58976@tsunami.waterspout.com> <3A517429.91B2F251@softweyr.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Wes Peters wrote: > > "C. Stephen Gunn" wrote: > > > > Netgraph is an excellent technology. While your comment makes > > sense, there are several issues that will need to be addressed. > > For instance, the current ARP implementation in FreeBSD is > > entangled with the generic ethernet code. > > Under netgraph, it would be just another protocol in a netgraph node, > and could be added to (and removed from) the interface as needed. That > would be interesting from the standpoint of a secure system over which > you wanted to control the ARP entries. Being able to simply turn off > dynamic ARP has been discussed often, but never really acted upon. Sorry to reply to my own message, but another thought hit me. Now that the swelling has gone down, I thought I should share it: This might even give us a start at a sticky problem that has been bugging VLAN switch makers from the start, namely, per-VLAN ARP tables. That is something really needed to do VLANs correctly. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A5175B5.1F21090B>