[rbridge] VLAN Scoping / MAC Uniqueness
J. R. Rivers
jrrivers at nuovasystems.com
Tue Mar 20 08:44:35 PDT 2007
If I'm remembering my history correctly, 3Com wanted to use this "mode"
to enable a short-cut routing mechanism (whose name escapes me now).
> -----Original Message-----
> From: rbridge-bounces at postel.org
> [mailto:rbridge-bounces at postel.org] On Behalf Of Erik Nordmark
> Sent: Tuesday, March 20, 2007 8:14 AM
> To: Caitlin Bestler
> Cc: rbridge at postel.org; Radia Perlman
> Subject: Re: [rbridge] VLAN Scoping / MAC Uniqueness
> Caitlin Bestler wrote:
> > My reading of Appendix B is that Shared Learning is
> allowed, where VID
> > is not a key field (i.e, there is only one FID supported).
> Appendix B
> > details some of the problems this creates. I believe the
> problems for
> > RBridges are even greater than for simple Bridges. This probably
> > justifies
> > restricting RBridges to the Independent Learning model, but any such
> > additional restriction should be explicitly stated.
> My understanding is is that shared learning is useless when VLANs are
> used for isolation/security. With shared learning a host on
> VLAN A can
> trivially cause a DoS attack VLAN B by just sending packets with the
> source MAC address being the MAC address of another host on
> another VLAN.
> Thus I'd be surprised if it is used much in practice with bridges.
> I don't see it being a reasonable default for RBridges.
> rbridge mailing list
> rbridge at postel.org
More information about the rbridge