[unisog] Network security police no hubs/switches/routers?

Valdis.Kletnieks at vt.edu
Fri May 27 15:02:47 GMT 2005


On Fri, 27 May 2005 10:30:38 EDT, Clark Gaylord said:

> This is not justifiable, imho.  STP should prevent the loop.  Period.  
> Broken network gear is no excuse.

Clark:  STP *will* prevent the loop on our network, or any other well
engineered network.  However, there's that pesky convergence issue if the
network is more than N hops wide.  A med school got bit by that one - one
switch burped and the incrementally assembled network had to be totally
re-engineered before it would come up.

Of course, if you've got a *single* LAN that's big enough that STP convergence
is an issue, somebody probably needs to staple a copy of RFC950 to the network
engineering crew's foreheads - or use a 6penny nail.  Go ahead, pound it all
the way in - the network design proves you won't hit anything vital.

:)