so u said that u could inject bad things on some level to give trouble and shake on stp ?
Selon Henning Brauer <[EMAIL PROTECTED]>: > * Russell Fulton <[EMAIL PROTECTED]> [2007-10-25 10:09]: > > Henning Brauer wrote: > > > so get a little transfer net and make your upstream adjust his routes > > > > > > otherwise you need a bridge indeed, but you really want to avoid that > > > if you have a chance to go for regular routed with carp etc. > > we also run redundant bridges -- we have two physical paths to our ISP > > only one of which is ever in use. We have bridges on both these link > > and use pfsync to share state. The network uses STP to fail the traffic > > between the links. Works well for us. > > I have never said it does not work. Heck, bridge & (r)stp on OpenBSD > are probably better than on most OSes out there. > BUT: I hate bridges. They make debugging really darn hard, and come > with their own set of problems. (r)stp you cannot run in any remotely > secure fashion without filters on the switches (to be honest, you need > the same for carp, but there it isn't THAT a disaster because carp uses > some crypto, (r)stp does not) > > -- > Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] > BS Web Services, http://bsws.de > Full-Service ISP - Secure Hosting, Mail and DNS Services > Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam >