Yeah, that's the reason. It's not about talking to one another, it's about protecting from attacks that could allow snooping on traffic flows, to hijacking.
-Blake

On Tue, Jan 15, 2013 at 11:20 AM, Aaron <[email protected]> wrote:
> I wonder if it isn't the "not ping local to bcast domain" aspects of private
> vlans that make them attractive as much as it's the layer 2 protection you
> get to mitigate attacks on arp, mac table corruption/flooding, etc.
>
> Aaron
>
> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]] On Behalf Of Nick Hilliard
> Sent: Tuesday, January 15, 2013 9:58 AM
> To: Alex Pressé
> Cc: [email protected]
> Subject: Re: [c-nsp] list wisdom please, Cisco switches
>
> On 15/01/2013 15:30, Alex Pressé wrote:
> > Using private VLANs should make quick work of keeping traffic separate.
>
> I don't get why people shouldn't be able to ping each other / etc. Isn't
> this traffic functionally equivalent to any other Internet traffic? What's
> different about it?
>
> Nick

_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
