[ednog] DNS server monitoring
Clark Gaylord
cgaylord at cns.vt.edu
Wed Nov 30 09:49:54 EST 2005
At 17:11 -0800 11/28/2005, Mark Boolootian wrote:
>>>The one caveat to this is that dedicated syslog servers that don't run
>>>any traffic-generating applications end up having their MAC address aged
>>>out of the forwarding tables of the L2 gear, and your syslog traffic ends
>>>up flooded to everyone in the same broadcast domain.
>>>
Our standard network config avoids this problem entirely: we use port
security to only learn a single MAC address on user ports, clearing on
link down. Forwarding entries are then "static" as long as link state
is preserved and hence do not age out. This also prevents overrunning
switch CAM tables, and is altogether a Good Thing. For switch models
that do not support the clear-on-link-down feature (nearly everyone has
the "learn up to a specified number of static entries" feature), we run
a trap handler that clears forwarding tables when it receives link-down
traps; implementation of this is left as an exercise but is
straightforward.
--ckg
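The post leaves the link-down trap handler as an exercise. The following is an added example sketch (not Clark's code, and not tied to any particular vendor's implementation) of what such a handler does: it reads a trap in the format Net-SNMP's snmptrapd hands to a `traphandle` script on stdin, recognises the IF-MIB linkDown notification, pulls out the ifIndex varbind, maps it to a port name, and builds the command that flushes that port's dynamic forwarding entries. The IOS-style `clear mac address-table dynamic interface` syntax, the ifIndex-to-name table, and the sample trap are all assumptions constructed for the example; the handler only returns the command so the caller decides how to deliver it to the switch.

```python
"""
Link-down trap handler sketch (added example; not code from the original post).

Assumptions, none of which come from the post:
  * Invoked by Net-SNMP snmptrapd via a `traphandle` directive with numeric
    OIDs (-On): stdin carries hostname, then the agent transport address,
    then one "OID value" line per varbind.
  * The switch accepts an IOS-style
    `clear mac address-table dynamic interface <name>` command.
  * IFNAME_BY_INDEX is a constructed ifIndex -> ifName table; in practice it
    would be populated from IF-MIB::ifName on each switch.
"""
import re
import sys

SNMP_TRAP_OID = "1.3.6.1.6.3.1.1.4.1.0"    # snmpTrapOID.0: which notification this is
LINKDOWN_TRAP_OID = "1.3.6.1.6.3.1.1.5.3"  # IF-MIB linkDown notification
IF_INDEX_PREFIX = "1.3.6.1.2.1.2.2.1.1."   # IF-MIB::ifIndex.<n>

# Constructed mapping (assumption): agent address -> {ifIndex: interface name}
IFNAME_BY_INDEX = {
    "10.0.0.2": {"10101": "GigabitEthernet1/0/1", "10102": "GigabitEthernet1/0/2"},
}

# Constructed sample of what snmptrapd would pass for a linkDown on ifIndex 10101.
SAMPLE_TRAP = """switch-a.example.net
UDP: [10.0.0.2]:161->[10.0.0.1]:162
1.3.6.1.2.1.1.3.0 0:0:12:34.56
1.3.6.1.6.3.1.1.4.1.0 1.3.6.1.6.3.1.1.5.3
1.3.6.1.2.1.2.2.1.1.10101 INTEGER: 10101
1.3.6.1.2.1.2.2.1.7.10101 INTEGER: 1
1.3.6.1.2.1.2.2.1.8.10101 INTEGER: 2
"""


def agent_ip(address_line):
    """Extract the agent's IPv4 address from the transport line, if present."""
    m = re.search(r"\[(\d+\.\d+\.\d+\.\d+)\]", address_line)
    return m.group(1) if m else address_line.strip()


def parse_trap(text):
    """Parse traphandle input into (hostname, agent_ip, {oid: value})."""
    lines = [l.strip() for l in text.splitlines() if l.strip()]
    if len(lines) < 2:
        raise ValueError("trap input too short: need hostname and address lines")
    hostname, address = lines[0], agent_ip(lines[1])
    varbinds = {}
    for line in lines[2:]:
        oid, _, value = line.partition(" ")
        # Strip the "INTEGER: " style type prefix snmptrapd may print.
        varbinds[oid] = value.split(":", 1)[-1].strip() if ":" in value and not value.startswith("0:") else value.strip()
    return hostname, address, varbinds


def link_down_ifindex(varbinds):
    """Return the ifIndex named in a linkDown trap, or None for any other trap."""
    if varbinds.get(SNMP_TRAP_OID) != LINKDOWN_TRAP_OID:
        return None
    for oid, value in varbinds.items():
        if oid.startswith(IF_INDEX_PREFIX):
            return value
    return None


def clear_command(address, varbinds):
    """Build the command that flushes dynamic forwarding entries for the downed port.

    Returns None when the trap is not a linkDown or the port is unknown, so the
    caller never clears more than the single affected interface.
    """
    ifindex = link_down_ifindex(varbinds)
    if ifindex is None:
        return None
    ifname = IFNAME_BY_INDEX.get(address, {}).get(ifindex)
    if ifname is None:
        return None
    return "clear mac address-table dynamic interface %s" % ifname


def handle(text):
    """Full pipeline: trap text in, command (or None) out."""
    _, address, varbinds = parse_trap(text)
    return clear_command(address, varbinds)


if __name__ == "__main__":
    data = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_TRAP
    cmd = handle(data)
    print(cmd if cmd else "no action")
```

Run under snmptrapd with a line such as `traphandle IF-MIB::linkDown /usr/local/bin/linkdown_clear.py` (an assumed path), or pipe a trap file into it for testing. Dispatching the returned command to the switch is deliberately left out; whatever transport is used, restrict the handler's credentials to that one clear command and log every invocation, since a handler that can clear forwarding tables on demand is itself a target.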