[mrtg] Re: Any ethernet switch which always floods?
Josh.Howlett at bristol.ac.uk
Fri Oct 19 10:52:13 MEST 2001
How about setting the MAC address on each station to be the same? I'm
not sure whether this would result in frames being forwarded to all
ports, or just a single random port.
On Thu, 18 Oct 2001, SHOLAAS Margaret G wrote:
> We considered setting up a script to do that, but concluded we couldn't do
> it fast enough. Say the switch's forwarding table iss empty and a SYN comes
> in port 1 from station A to station B. That packet would get flooded to all
> ports. The switch would then create a forwarding table entry indicating
> station A is on port 1. Then the SYN-ACK comes in port 2 from station B to
> station A. The switch looks up station A in the forwarding table, finds it
> listed as accessible via port 1, forwards that packet only to port 1 instead
> of flooding, and so the Sniffer, IDS, etc. miss it. The response often comes
> back in milliseconds, so we could never flush it fast enough to keep from
> missing packets. I just wish there were a way to disable keeping a
> forwarding table, but so far there doesn't seem to be switch which allows
> that, not surprising because apart from this weird application, you'd never
> want it to do that.
> We were also hoping we could set the forwarding table timeout to 0 so an
> entry it would timeout the moment it got in there, but we couldn't find a
> way to set it on the Cisco 3500XL.
> Thanks for thinking about this for me!
> -----Original Message-----
> From: Josh Howlett
> It just occured to me you could force flooding by flushing
> the bridge table on the switch whenever it learns anything. With an
> empty bridge table the switch *must* repeat out on every port. Or maybe
> would this force the switch into the learning state, in which this
> wouldn't be of much use.
> In any case, automating this wouldn't be that easy, tho not impossible.
Josh Howlett, Network Supervisor,
Networking & Digital Communications,
Information Systems & Computing,
University of Bristol, U.K.
0117 928 7850 | josh.howlett at bris.ac.uk
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
More information about the mrtg