
Re: OT way OT from Re: filtering by mac



At 11:39 AM 7/27/2002 -0600, Diana Eichert wrote:
>On Sat, 27 Jul 2002, Ben Goren wrote:
>
>> At the risk of wandering off-topic, I've had an idea for a while
>> now that somebody may find interesting. I'd love to see a
>> small-footprint computer capable of running OpenBSD that's crammed
>> with NICs, and running it as a fully-managed switch. Imagine
>> writing your pf rules *knowing* that interface X has traffic for
>> foo, all the traffic for foo, and nothing but traffic for foo. I
>> rather suspect that you could effectively stop all spoofing and
>> sniffing attacks, as well.
>> 
>
>Been there, done that, it wasn't that expensive, but that's because I
>picked up a few 4-port Digital 10/100 NIC's at US$30/per.  The problem
>you'll see however is the PCI bus as a chokepoint.  Typical PCI bus, 32bit
>wide * 33MHz. = 1056 bits theoretical bandwidth, put 2 of these 4-port
>NIC's on the PCI bus and you're most likely gonna see a degradation in
>network performance, 'cause you have to move all the packets up to the
>kernel and back down again if it's just traversing the bridge.
>
>
Ben, they're called Cisco Catalysts with enhanced software feature packs to
do layer 3 switching.
Signing off, 

Joseph C. Bender
benderjc (at) benderhome.net   ;   jcbender (at) benderhome.net
This account is used primarily for reading and responding to mailing list
traffic and is not my main mailing address.


