On Dec 12, 2006, at 10:08 AM, Javier Henderson wrote:
The ARP table only contains information about machines on the
directly connected collision domain(s).
Are you sure it's not the same broadcast domain?
Yes. The term "collision domain" predates the wide deployment of
switches, and switches have to treat ARPs in a special fashion:
A computer on port A on a switch would be on a different collision
domain than a computer on port B on the same switch, yet as long as
they're on the same VLAN (ie, broadcast domain), both would have
each other in their resepctive ARP tables if they were exchanging
...in particular, ARPOP_REQUEST traffic will be propagated to every
port on the switch which is configured to be a part of that VLAN, or,
quite possibly, other ports including "trunk ports" or sometimes even
ports configured on other VLANs. 
Many switches will do this for all ethernet packets with an
ether_dhost (ie, destination MAC) of all-ones.
: And yes, Virginia, this has negatory implications if your
security relies on VLANs to actually be completely hidden from each
email@example.com mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"