Zitat von venkata subramanian <venkatasubramanian@xxxxxxxxx>:
Hi,
1. Switch Flooding
We have a nice problem in our organisation. Due to viruses,
some windows machine or the other starts flooding the network with
packets. And, in the end, one of our switches comes down making us to
manually restart the switch.
I don't (intuitively) see how iptables can help in this
scenario.... But, I want to know whether any solution exists to this?
If I make all the machine's gateway as a linux system, and rate limit
the packets there will it help?
Use a better switch. We once had a cheap 3Com (4300-48 Ports) which had
the same
behavior with ping-flood to many invalid IP-Adresses. I guess it was a error
with the ARP handling. Once the switch was replaced by a 4400-48 (which is
really 3Com not re-branded crap) the problem was gone.
Best solution is of course to fix the virus-machines in your network.
Regards
Andreas
