On Fri, Oct 26, 2007 at 01:59:57PM +0200, [EMAIL PROTECTED] wrote: > so u said that u could inject bad things on some level to give trouble and > shake > on stp ?
This is right, you can have fun with most L2 protocols out there check out http://www.yersinia.net/ for instance. > Selon Henning Brauer <[EMAIL PROTECTED]>: > > > * Russell Fulton <[EMAIL PROTECTED]> [2007-10-25 10:09]: > > > Henning Brauer wrote: > > > > so get a little transfer net and make your upstream adjust his routes > > > > > > > > otherwise you need a bridge indeed, but you really want to avoid that > > > > if you have a chance to go for regular routed with carp etc. > > > we also run redundant bridges -- we have two physical paths to our ISP > > > only one of which is ever in use. We have bridges on both these link > > > and use pfsync to share state. The network uses STP to fail the traffic > > > between the links. Works well for us. > > > > I have never said it does not work. Heck, bridge & (r)stp on OpenBSD > > are probably better than on most OSes out there. > > BUT: I hate bridges. They make debugging really darn hard, and come > > with their own set of problems. (r)stp you cannot run in any remotely > > secure fashion without filters on the switches (to be honest, you need > > the same for carp, but there it isn't THAT a disaster because carp uses > > some crypto, (r)stp does not) > > > > -- > > Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] > > BS Web Services, http://bsws.de > > Full-Service ISP - Secure Hosting, Mail and DNS Services > > Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam > > >