On Wed, 18 Aug 2010 00:56:49 +0200 (CEST) Jan Engelhardt <jengelh@xxxxxxxxxx> wrote: > On Wednesday 2010-08-18 00:44, Jonathan Tripathy wrote: > > > > When using a single Linux host with lots of bridges, would there ever be a > > time, even for a few seconds, where traffic would "jump" bridges? > > > > I know a previous poster mentioned that when adding a host to a bridge, for a > > few seconds all packets get sent everywhere > > That seems unlikely. The bridge keeps a table of (mac, bridgeport) > tuples (cf. `brctl showmacs br0`), and a "broadcast" should only occur > when there is no matching entry or when the destination L2 address is > broadcast. (Ignoring multicast for now.) > > > Reason I ask is that I am considering have one bridge for public traffic and > > one bridge for private, and don't want private traffic to be seen by hosts > > connected to the public bridge. > > Bridges link Ethernet (sub)segments together to form a (large) Ethernet > segment. In other words, if you keep the trees separate, they will be > separate. The forwarding database has aging so if a host does not send or receive traffic for that interval (default is 5 minutes), then the entry is forgotten. This is part of the 802.1d standard and is used to allow host to be moved from one segment to another. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
