RE: [f-nsp] Comment and ACL Question

From: Marshall Eisenberg (marshall@foundrynet.com)
Date: Sat Aug 24 2002 - 14:50:02 EDT


Craig,
Please understand that I'm not trying to inflame the situation and I
apologize in advance in the event my emails caused people on this
mailing list undue concern.

Based on what I've read on some past posts, it appeared that people were
not getting any response at all, either via the list or from some other
outside source. At the most basic level, I was trying to offer help in
any way/shape/form that I could.

If posters don't have a Foundry contact, I would like to help rectify
that situation. If they didn't receive a satisfactory answer from their
Foundry contact, I would be interested to find out what happened. If
they prefer to use the forum instead, then I'm sorry if I overstepped
the objective of this forum by stating they contact our Tech Support
Group.

Regards,
 
Marshall
408.586.1754 direct
408.586.1900 fax
408.398.0014 cell
 
-----Original Message-----
From: Craig Bernstein [mailto:foundry-nsp@cbernstein.com]
Sent: Friday, August 23, 2002 7:35 PM
To: foundry-nsp@puck.nether.net
Subject: [f-nsp] Comment and ACL Question

On Mon, 05 Aug 2002, Marshall Eisenberg wrote:

> Andrew,
> A couple of suggestions:
>
> a) Please contact your sales team and ask to speak with the system engineer
> b) If you cannot reach your sales team, please contact tech support
> (support@foundrynet.com)

Before I pose my question, I wanted to comment on Marshall's reply to
Andrew. In several recent threads, Marshall has replied something to the
effect of "Do you have a contract? -- Call your AM/SE/the TAC." I would
like to suggest that most mailing list users knew that route already, and
chose to ask their question here anyway.

This could be because they don't have a contract, aren't getting a
satisfactory answer from Foundry, or just prefer to interact in this type
of forum. One of the huge benefits of a mailing list is that the
questions and answers are shared with many interested parties, both
resulting in a ">=2 heads are better than 1" effect and teaching everyone
something in the process. (I will now avoid getting started on Foundry
support's own lack of a user accessible knowledge base.)

If a list member would like to use his position at Foundry to research
these issues and contribute to that process, then I think it is great.
If they don't want to/don't have time/it is against company
policy/whatever that is fine too, but I don't think it is necessary to
refer every question to the TAC.

That is just my personal opinion, and I hope it doesn't read like a flame.
One of my main disappointments with regard to Foundry has been the lack of
a 'dynamic user community' to borrow Don's words. Foundry representatives
on a list like this one should encourage dialogue, not stifle it!

---

So my question is this -- I am trying to prevent users on my network from accidentally or intentionally bringing up 'rogue' DHCP servers. It is trivial to do this with an ACL. However, on a FastIron 1500 (JetCore, v7.5.05A) with several hundred ports, I can not figure out a way to apply the ACL across multiple ports. It appears this actually requires adding the ACL to each interface, adding 600 or so lines to the config on each switch. This seems ... inefficient.

Am I missing something here? Is there a better way? Essentially what I need is the equivalent of a Cisco Catalyst VACL, but I can not find it.

I am also interested in generally discussing others' experiences with Foundry (the products and the company) and helping out where I can if anyone else has questions. They sold nearly $300 million worth of these things in the last twelve months; there must be some administrators out there somewhere!

-- ..Craig



This archive was generated by hypermail 2b29 : Mon Aug 04 2003 - 04:10:05 EDT