On Thu, Nov 09, 2006 at 06:32:39AM +0000, Andrew Thompson wrote:
> thompsa 2006-11-09 06:32:39 UTC
>
> FreeBSD src repository
>
> Modified files:
> sbin/ifconfig ifbridge.c ifconfig.8
> sys/net if_bridge.c if_bridgevar.h
> Log:
> Add a new address cache type called sticky. On an interface marked sticky
> any
> address learned by the bridge is made permanent, the address will not age
> out
> and most importantly will not migrate to another interface.
>
> This can be used to stop mac address poisoning or clients roaming in much
> the
> same way as static entries without the hassle of preloading the table.
Way cool! An additional feature would be refusing to learn any other
address on an interface that has already learned an address. We used
to run our Cisco 5500s like that at ${PREVIOUSJOB}, so that people
couldn't (easily) disconnect their desktop and connect unauthorized
machines.
Bye,
Andrea
--
If it's there, and you can see it, it's real. If it's not there, and you can
see it, it's virtual. If it's there, and you can't see it, it's transparent. If
it's not there, and you can't see it, you erased it.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
