Firewall Wizards mailing list archives
Re: Layer 2 (stealth) firewalls - PBR?
From: "Darden, Patrick S." <darden () armc org>
Date: Mon, 7 Apr 2008 08:05:29 -0400
Except that a layer two device can't tell if something is multicast or broadcast or unicast or Anything in ipv4 or ipv6.... That's sorta the definition of a layer two device. If it could discriminate amongst layer 3 traffic, it would be a layer 3 device--a router, firewall, etc. --p -----Original Message----- From: firewall-wizards-bounces () listserv icsalabs com [mailto:firewall-wizards-bounces () listserv icsalabs com]On Behalf Of Paul D. Robertson Sent: Friday, April 04, 2008 12:29 AM To: Firewall Wizards Security Mailing List Subject: Re: [fw-wiz] Layer 2 (stealth) firewalls - PBR? On Thu, 3 Apr 2008, Darden, Patrick S. wrote:
Layer 2 PBR would, of necessity, have to change next hop address (which is destination address) and the next hop would have to change it back to the original. And addresses in layer 2 are MACs (for ethernet that is).
What about using it to shave off broadcast and multicast traffic and perhaps IPv6 NDP stuff too? For that you might find it useful if bridging between an external and internal net through a multi-homed PBR box. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions paul () compuwar net which may have no basis whatsoever in fact." http://www.fluiditgroup.com/blog/pdr/ Art: http://PaulDRobertson.imagekind.com/ _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Layer 2 (stealth) firewalls - PBR? Darren Reed (Apr 01)
- Re: Layer 2 (stealth) firewalls - PBR? Sami Ghourabi (Apr 01)
- Re: Layer 2 (stealth) firewalls - PBR? Darden, Patrick S. (Apr 02)
- Re: Layer 2 (stealth) firewalls - PBR? Darren Reed (Apr 02)
- Re: Layer 2 (stealth) firewalls - PBR? Darden, Patrick S. (Apr 03)
- Re: Layer 2 (stealth) firewalls - PBR? Paul D. Robertson (Apr 03)
- Re: Layer 2 (stealth) firewalls - PBR? Darden, Patrick S. (Apr 08)
- Re: Layer 2 (stealth) firewalls - PBR? Paul D. Robertson (Apr 08)
- Re: Layer 2 (stealth) firewalls - PBR? Patrick Darden (Apr 08)
- Re: Layer 2 (stealth) firewalls - PBR? Paul D. Robertson (Apr 08)
- Re: Layer 2 (stealth) firewalls - PBR? Darden, Patrick S. (Apr 10)
- Re: Layer 2 (stealth) firewalls - PBR? Darden, Patrick S. (Apr 02)
- Re: Layer 2 (stealth) firewalls - PBR? Sami Ghourabi (Apr 01)
- Layer 2 (stealth) firewalls - PBR? iarenaza (Apr 09)
- Re: Layer 2 (stealth) firewalls - PBR? Darden, Patrick S. (Apr 10)
- Re: Layer 2 (stealth) firewalls - PBR? lordchariot (Apr 10)
- Message not available
- Re: Layer 2 (stealth) firewalls - PBR? Darren Reed (Apr 08)