If you split into vlans like that, if you have single-box customers, you'll have to have subnet boundaries for every /30...
OTOH, vlan isolation for customers is pretty much the norm, as long as you've got the IP's to waste, why not..
Peter
On Sat, Dec 19, 2009 at 8:42 AM, Les Mikesell <lesmikesell@xxxxxxxxx> wrote:
Peter Serwe wrote:Or perhaps use a VLAN trunk to the switch with the devices you want to isolate
> So basically, you're saying you'd want to allow or disallow traffic
> based on mac address? Seems like you could put mac filters on a number
> switches, Cisco being the most easily documented by Mr. Google.
>
> Be a lot faster than any kernel, and a total waste of BSD. If you can
> do it on Linux via some other mechanism, go for it.
>
on different VLANs. This gives you a different interface/subnet per VLAN for
more natural control.
--
Peter Serwe
http://truthlightway.blogspot.com/
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
