Re: [fw-wiz] Layer 2 (stealth) firewalls - PBR?



On Thu, 3 Apr 2008, Darden, Patrick S. wrote:

Layer 2 PBR would, of necessity, have to change next hop address (which
is destination address) and the next hop would have to change it back to
the original. And addresses in layer 2 are MACs (for ethernet that is).

What about using it to shave off broadcast and multicast
traffic and perhaps IPv6 NDP stuff too? For that you might find it
useful if bridging between an external and internal net through a
multi-homed PBR box.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
paul@xxxxxxxxxxxx which may have no basis whatsoever in fact."
http://www.fluiditgroup.com/blog/pdr/
Art: http://PaulDRobertson.imagekind.com/

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages