[LARTC] Linux bridging and cascaded switches

To:	<lartc@mailman.ds9a.nl>
Subject:	[LARTC] Linux bridging and cascaded switches
From:	"Greg Scott" <GregScott@InfraSupportEtc.com>
Date:	Tue, 19 Jun 2007 17:54:46 -0500
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	lartc-list@securepoint.com
Delivered-to:	lartc@outpost.ds9a.nl
List-archive:	<http://mailman.ds9a.nl/pipermail/lartc>
List-help:	<mailto:lartc-request@mailman.ds9a.nl?subject=help>
List-id:	"Mailinglist of the Linux Advanced Routing & Traffic Control project" <lartc.mailman.ds9a.nl>
List-post:	<mailto:lartc@mailman.ds9a.nl>
List-subscribe:	<http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc>, <mailto:lartc-request@mailman.ds9a.nl?subject=subscribe>
List-unsubscribe:	<http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc>, <mailto:lartc-request@mailman.ds9a.nl?subject=unsubscribe>
Sender:	lartc-bounces@mailman.ds9a.nl
Thread-index:	AceyxNV1K4FHQGO4So+clImdBB9mPA==
Thread-topic:	Linux bridging and cascaded switches

Hi -
 
Still plugging away at my Linux bridge/firewall and thinking through the
consequences.  In a normal firewall situation, the Internet is on one
side, the internal LAN on the other. Duh!  But now, with a Linux bridge
in the middle, the whole thing becomes one big messy LAN.  So we have a
scenario that looks like this:

Internal---User---Core-----Firewall---Internet---Internet router
Servers   switch  switch  (Bridged)    switch   (and default GW for
                                                 internal servers)

The scenario is a little more complex than I drew above because the
internal side has more than one LAN segment participating in the bridge.
I'm working on a way to simulate all this here - before going into
production - but I have a big question;

That firewall/bridge is no longer a router - it's a bridge.  Well, a
bridge that also does a bunch of stateful IP layer 3 filtering.  So now,
it will participate in a spanning tree setup with all those switches, on
both sides of it - right?  I'm guessing I want to turn off STP in this
case.  Am I on the right track?

Thanks

- Greg Scott
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

<Prev in Thread]	Current Thread	[Next in Thread>
[LARTC] Linux bridging and cascaded switches, Greg Scott <= Re: [LARTC] Linux bridging and cascaded switches, Alex Samad RE: [LARTC] Linux bridging and cascaded switches, Greg Scott Re: [LARTC] Linux bridging and cascaded switches, Alex Samad Re: [LARTC] Linux bridging and cascaded switches, Grant Taylor RE: [LARTC] Linux bridging and cascaded switches, Greg Scott Re: [LARTC] Linux bridging and cascaded switches, John Default Re: [LARTC] Linux bridging and cascaded switches, Grant Taylor Re: [LARTC] Linux bridging and cascaded switches, Grant Taylor

Previous by Date:	Re: [LARTC] Re: PQ questions, Andy Furniss
Next by Date:	Re: [LARTC] Linux bridging and cascaded switches, Alex Samad
Previous by Thread:	[LARTC] Re: Routing cache and the missing redirect flag, Rami Rosen
Next by Thread:	Re: [LARTC] Linux bridging and cascaded switches, Alex Samad
Indexes:	[Date] [Thread] [Top] [All Lists]