On Fri, 2009-05-29 at 11:30 -0700, Peter Memishian wrote: > > I see, but it seems to me like that's something that ipfilter could > > handle that more effectively. > > IP Filter can filter ARP traffic? Or are you suggesting using IP filter > to filter all traffic that isn't from a bounded set of IP addresses? > In any case, I agree there are other ways to do this.
The latter; ARP isn't useful nor harmful on its own if IP can't move packets. > > I wonder if someone actually depends on this behavior, which is always > > a tough question... > > It wouldn't surprise me to discover this has been used -- e.g., some > customers use Cisco PVLANs to accomplish a similar thing. That said, I > wouldn't object to removing this ability. Same here. -Seb _______________________________________________ networking-discuss mailing list [email protected]
