Re: [nsp] Re: TTL issues [NO - NOTHING TO DO WIH DOS ATTACKS]

From: Dorn Hetzel (dorn@atl.eni.net)
Date: Mon Mar 30 1998 - 10:28:54 EST


A Bay 301 ethernet switch can be used to do this. You get 64 filters
which can be glued to ports in various series. These filters apply
to the raw ethernet frames, so you can restrict MAC address, IP address,
all sorts of interesting things if you know where to find them in the
packet on the wire. You get LT/GT sorts of tests so you can drop the
packet if source IP less than X or greater than Y allowing non power
of 2 IP's on a per port basis (of course, all ports are really part
of the same subnet, but that doesn't seem to be a problem)

        -Dorn

On Sun, Mar 29, 1998 at 11:28:16PM -0800, Kai wrote:
> At 09:48 AM 3/29/98 -0500, you wrote:
> >Why not use static MAC mappings and turn off arp?
> >
> >Avi
> >
>
> Is this possible
> a.) with a Cisco Catalyst switch 1900 ? (And how many fixed MAC addresses
> per switched port does it allow?)
> b.) with an arbitrary access router (25xx,45xx,47xx) on an arbitrary
> ethernet port ?
>
> I am asking this more in relation to wiring a building with ethernet, where
> NO single attachment can be trusted, and traffic has to be restricted
> to a defined list of devices (MAC addresses).
>
> bye,Kai
>
> --
> kai@pac-rim.net "Just say No" to Spam Kai Schlichting
> Palo Alto, CA Pacific Rim Communications
> Kai's SpamShield <tm> is FREE! http://www.abest.com/~kai/spamshield.html
> | |
> LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxes
> WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMath
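
The kind of per-port test described in the message above, as an added example that is not from the thread and is not Bay 301 configuration: a filter that reads fields at fixed offsets in the raw frame and applies LT/GT tests to the source IP. It assumes untagged Ethernet II frames carrying IPv4; the function names, MAC address and address range are constructed for illustration.

```python
import ipaddress
import struct

ETH_HDR_LEN = 14                 # dst MAC (6) + src MAC (6) + EtherType (2)
SRC_MAC_OFF = 6
ETHERTYPE_OFF = 12
ETHERTYPE_IPV4 = 0x0800
SRC_IP_OFF = ETH_HDR_LEN + 12    # source address is 12 bytes into the IPv4 header

# Constructed policy for one port: one known MAC and five addresses,
# a range that no single netmask can express.
ALLOWED = {bytes.fromhex("02005e000001")}
LOW = int(ipaddress.IPv4Address("192.0.2.10"))
HIGH = int(ipaddress.IPv4Address("192.0.2.14"))

def port_filter(frame, allowed_macs, ip_low, ip_high):
    """Return True to forward the frame, False to drop it."""
    if len(frame) < SRC_IP_OFF + 4:
        return False             # too short to hold the fields we test
    if frame[SRC_MAC_OFF:SRC_MAC_OFF + 6] not in allowed_macs:
        return False             # source MAC not on this port's list
    (ethertype,) = struct.unpack_from("!H", frame, ETHERTYPE_OFF)
    if ethertype != ETHERTYPE_IPV4:
        return False             # assumption: ARP is off (static mappings), IPv4 only
    (src_ip,) = struct.unpack_from("!I", frame, SRC_IP_OFF)
    # The LT/GT pair: drop if source IP is less than X or greater than Y.
    if src_ip < ip_low or src_ip > ip_high:
        return False
    return True

def build_frame(src_mac, src_ip, ethertype=ETHERTYPE_IPV4):
    """Constructed sample: Ethernet header plus a minimal 20-byte IPv4 header."""
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0,
                         ipaddress.IPv4Address(src_ip).packed,
                         ipaddress.IPv4Address("192.0.2.1").packed)
    return bytes.fromhex("ffffffffffff") + src_mac + struct.pack("!H", ethertype) + ip_hdr

if __name__ == "__main__":
    mac = next(iter(ALLOWED))
    for ip in ("192.0.2.9", "192.0.2.10", "192.0.2.14", "192.0.2.15"):
        verdict = port_filter(build_frame(mac, ip), ALLOWED, LOW, HIGH)
        print(ip, "forward" if verdict else "drop")
```

A frame with an 802.1Q tag shifts every offset after the source MAC by four bytes, so a fixed-offset filter like this one has to be written for the framing actually seen on the port.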





This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:16 EDT