Re: about vlan ?
From: Greg Hennessy (spamcatcher@example.com)
Date: 02/27/03
- Next message: Gorham: "Heads up - I won't deal with ZoneLabs again"
- Previous message: brian: "about vlan ?"
- In reply to: brian: "about vlan ?"
- Next in thread: brian: "Re: about vlan ?"
- Reply: brian: "Re: about vlan ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Greg Hennessy <spamcatcher@example.com> Date: Thu, 27 Feb 2003 21:59:10 +0000
On 27 Feb 2003 13:45:49 -0800, brian_dell3@yahoo.com (brian) wrote:
>why would one need to configure vlan(s) in a firewall ? eg one can
>configure vlans on checkpoint firewall. but what is the whole point of
>setting vlans.
Because using dot1q beats the hell out of handling a lot of discrete
interfaces.
>
>the individual interface (each with its own IP address) is a network
>and like vlan itself. the firewall routes traffic between these
>interfaces (networks). traffic from one interface cannot go to
>another interface unless configured or allowed by the rules in the
>firewall.
>so why would one need to configure vlans on the interfaces ?
Combined with private VLANS on the switch its a lot more efficient and much
easier to manage.
A firewall with a Gig-E trunked handoff can potentially handle *way* more
discrete subnets than by using dedicated interfaces per network.
greg
-- $ReplyAddress =~ s#\@.*$##; # Delete everything after the '@' Angels live, they never die.Apart from us,behind the sky They're fading souls who've turned to ice.So ashen white in paradise
- Next message: Gorham: "Heads up - I won't deal with ZoneLabs again"
- Previous message: brian: "about vlan ?"
- In reply to: brian: "about vlan ?"
- Next in thread: brian: "Re: about vlan ?"
- Reply: brian: "Re: about vlan ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
