On 2006-06-14-00:23:15, "Christopher L. Morrow" <[EMAIL PROTECTED]> wrote: [...] > I assume that dedicated hosting folks don't just drop machines > behind a switch on one big flat subnet? That's probably a naive > assumption though
I've long been a proponent of a per-customer VLAN or L3 interface, depending on what the topology allows for, but I'm afraid we're in the minority. >From what I've seen, the overwhelming majority of "dedicated hosters" do precisely what the article alludes to -- placing hundreds (if not thousands!) of disparate hosts on the same broadcast domain, with no safeguards in place to prevent ARP spoofing, IP hijacking, and other forms of malfeasance... -a
