At 04:40 PM 3/7/01 +0100, you wrote:
>I'm puzzled by this IT guy saying that switches talk some low level
>protocol which would propagate through our firewall and hence 'disturb'
>their network. I tend to say that that's nonsense. Isn't it so that the
>kernel does not forward packages it does not recognise anyway? Am I
>incorrect in assuming that no packages of _ANY_ protocol enter from the
>switch into the firewall and propagate to the other network when I put the
>default policies on reject/deny and that the switch and the cluster
>would be invisible? (The kernel would only be compiled with TCP support).

I'm not sure that I would call SNMP (Simple Network Management Protocol) a
"low-level" protocol -- it's easily blocked with either netfilter or
IPCHAINS. Cisco switches have their own MAC-level protocol for
inter-product management, but Linux doesn't speak Cisco.

Satch