Date:      Mon, 01 Jan 2001 23:31:17 -0700
From:      Wes Peters <wes@softweyr.com>
To:        "C. Stephen Gunn" <csg@waterspout.com>, Julian Elischer <julian@elischer.org>, "freebsd-net@FreeBSD.ORG" <freebsd-net@FreeBSD.ORG>
Subject:   Re: Problems with VLAN and natd.
Message-ID:  <3A5175B5.1F21090B@softweyr.com>
References:  <200101020501.AAA58976@tsunami.waterspout.com> <3A517429.91B2F251@softweyr.com>

Wes Peters wrote:
> 
> "C. Stephen Gunn" wrote:
> >
> > Netgraph is an excellent technology.  While your comment makes
> > sense, there are several issues that will need to be addressed.
> > For instance, the current ARP implementation in FreeBSD is
> > entangled with the generic ethernet code.
> 
> Under netgraph, it would be just another protocol in a netgraph node,
> and could be added to (and removed from) the interface as needed.  That
> would be interesting from the standpoint of a secure system over which
> you wanted to control the ARP entries.  Being able to simply turn off
> dynamic ARP has been discussed often, but never really acted upon.

Sorry to reply to my own message, but another thought hit me.  Now that 
the swelling has gone down, I thought I should share it:

This might even give us a start at a sticky problem that has been bugging
VLAN switch makers from the start, namely, per-VLAN ARP tables.  That is
something really needed to do VLANs correctly.

-- 
            "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                         Softweyr LLC
wes@softweyr.com                                           http://softweyr.com/

