Firewall Wizards mailing list archives

Re: Layer 2 (stealth) firewalls - PBR?

From: "Darden, Patrick S." <darden () armc org>
Date: Thu, 10 Apr 2008 07:48:24 -0400


Inaki, what vendor, which switch?  Do you have a URL for us?
I still wonder: what is layer 2 PBR?  What are its uses?
How does it function?  Can you give us a good example, or
point us to a web site/document with a good example?

We've heard a lot of speculation, originated by some people
who were wondering themselves if such a thing was possible,
used by anyone, and what uses they were making of it.

So far, you are the only one to answer the original question!
(other than me speculating that it is not possible, nobody is using it,
and asking if anyone knows better.)

Glad you spoke up!
--p


-----Original Message-----
From: firewall-wizards-bounces () listserv icsalabs com
[mailto:firewall-wizards-bounces () listserv icsalabs com]On Behalf Of
Iñaki Arenaza
Sent: Saturday, April 05, 2008 3:38 PM
To: firewall-wizards () listserv icsalabs com
Subject: [fw-wiz] Layer 2 (stealth) firewalls - PBR?

"Darden," == Darden, Patrick S <darden () armc org> writes:


    Darden,> Layer 2, unlike IP, is on a flat fabric.  There are no
    Darden,> routers, no routing protocols, it is bridged.  Every
    Darden,> point on the fabric knows every other point on the
    Darden,> fabric.

While not expert on the subject, I know of a switch vendor that is
adding PBR at layer 2 to their gear. They usually deal with some Layer
2 protocols (use in special industrial environments), and they want to
control where those Layer 2 packets go (output port) depending on
several factors like being unicast/multicast/broadcast, coming/going
to certain MAC addresses/addresses groups, etc.

So while not widely used, there are people doing 'crazy' stuff like
that.

Saludos. Iñaki.

-- 
  Get PGP/GPG Keys at  http://www.escomposlinux.org/iarenaza/pgpkey.php
  I use free software / Yo uso software libre
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Re: Layer 2 (stealth) firewalls - PBR?, (continued)
- - Re: Layer 2 (stealth) firewalls - PBR? Darden, Patrick S. (Apr 02)
    - Re: Layer 2 (stealth) firewalls - PBR? Darren Reed (Apr 02)
    - Re: Layer 2 (stealth) firewalls - PBR? Darden, Patrick S. (Apr 03)
    - Re: Layer 2 (stealth) firewalls - PBR? Paul D. Robertson (Apr 03)
    - Re: Layer 2 (stealth) firewalls - PBR? Darden, Patrick S. (Apr 08)
    - Re: Layer 2 (stealth) firewalls - PBR? Paul D. Robertson (Apr 08)
    - Re: Layer 2 (stealth) firewalls - PBR? Patrick Darden (Apr 08)
    - Re: Layer 2 (stealth) firewalls - PBR? Paul D. Robertson (Apr 08)
    - Re: Layer 2 (stealth) firewalls - PBR? Darden, Patrick S. (Apr 10)
    - Layer 2 (stealth) firewalls - PBR? iarenaza (Apr 09)
    - Re: Layer 2 (stealth) firewalls - PBR? Darden, Patrick S. (Apr 10)
    - Re: Layer 2 (stealth) firewalls - PBR? lordchariot (Apr 10)
    - Message not available
    - Re: Layer 2 (stealth) firewalls - PBR? Darren Reed (Apr 08)
- Re: Layer 2 (stealth) firewalls - PBR? Darden, Patrick S. (Apr 02)
- Re: Layer 2 (stealth) firewalls - PBR? Cat Okita (Apr 08)
- Re: Layer 2 (stealth) firewalls - PBR? Paul D. Robertson (Apr 10)