No one was claiming anything was secure. However vlans allow for layer 2 separation principles to be used in-leui of layer 3 principles. Since everything is going out a single upstream point to the internet, vlan tagging allows for better granular control over how you treat the traffic, and especially when you want to do things like counters/metric analysis is easier than using sub netting.
It comes down to personal preference, both using standard ip subnetting and subnetting + vlan's would achieve the desired result depending on the architectural principles you wanted to follow. As for security, my personal preference in WLAN networks is to provide a userspace layer 3 tunnel across open captive portals. Of course this isn't feasible in many situations as the clients need to be able to support the userspace tunnel. -JoelW Alcatel-Lucent
_______________________________________________ LUGS Mailing list - [email protected] List FAQ: http://wiki.lugs.org.sg/LugsMailingListFaq Info page: http://www.lugs.org.sg/mailman/listinfo/slugnet To unsubscribe send an empty email to: [email protected]
