[j-nsp] ex4200 static arp

Benny Amorsen benny+usenet at amorsen.dk
Tue Jan 20 05:42:22 EST 2009


Ross Vandegrift <ross at kallisti.us> writes:

> Well, not in this case.  But in the general case, if anyone accepted
> multicast MACs for ARP entries, it'd be easy to start causing your
> switches to flood more frames than they are switching.

I forgot that bit. Just reply with an unused MAC address, and there's
your denial-of-service. Multicast is less of a problem, on good
switches it'll only propagate to the hosts who subscribe.


/Benny




More information about the juniper-nsp mailing list