Do I understand you correctly that your 6808s have both internal (secure) and external (unsecure) traffic on them, separated only by VLAN?
At 09:30 PM 6/3/2002 -0400, you wrote: >All, > >We have two 3640's and two Extreme Black Diamond 6808's (aka 6509's). >The two 3640's are doing IBGP between them on each of their eth0's. I >have created a vlan on the Extremes called 'unsecure'(there are only 2 >ports on each Extreme in this vlan... one coming in from the 3640 and >the other going into the firewall). I am getting some complaints from >the 'uppers' that bringing the 3640's into the Extreme's is a security >hazard. > >I am sure someone is now working on a way to hack from one vlan to the >next, but for now, I don't see the difference between putting a hub in >there and using a couple of ports on these monster >'almost-never-go-down' switches. I just don't want another unmanaged >piece of equipment in the flow. > >Has anyone ever heard of this being a leak. I worked in a datacenter >before and this is what we did with 6509's and we didn't blink! I know >these are Extreme switches... which is probably taboo in the group, but >I am pretty sure this would be platform independent... right???? > >Thanks, > >bk Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=45753&t=45731 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
