[Snort-users] Re: Snort-users digest, Vol 1 #4458 - 10 msgs
snort_on_acid at ...131...
Fri Aug 13 09:42:07 EDT 2004
OMG I got STP and VTP confused...it's been too long.
Thanks for the correction. I still have never seen
performance issues with 5500 and being a Cisco
enginner in the past, I've done a lot of them.
Besides, I don't believe that's even the issue. Of
course, you could start to develop port mirroring
issues if you span too many of them...
> Message: 1
> Date: Thu, 12 Aug 2004 21:35:59 -0700
> From: "Michael J. Pelletier"
> <mjpelletier at ...12250...>
> To: snort-users at lists.sourceforge.net
> Cc: Hey at ...12259...,
> man at ...12259...,
> don't at ...12259...,
> be at ...12259...,
> dis'ing at ...12259...,
> my at ...12259...,
> net at ...12259...,
> Subject: [Snort-users] Re: Snort on span port
> > Hey man don't be dis'ing my net engineers!
> > J/K.
> > Ok, so if I remember correctly, root-bridges are
> like only for vlan trunking
> protocol and elections and what-not of switches that
> will act as root bridges.
> Root Bridges are used for SPANNING TREE!. You can
> run VLAN trunks with SPANNING
> TREE. With SPANNING TREE each bridge will calulate
> it's distance from the root
> bridge to itself. This cost is used to determine the
> shortest past cost to the
> root bridge. Although ROOT BRIDGES are used with
> SPANNING TREE and VLANS can
> use SPANNING TREE ther are not the same.
> > All they do is keep track of vlans.
> Not true. Root bridges help determine path cost
> between bridges.
> > Not sure what this has to do with port
> spanning/monitoring. Your engineers
> should be spannig at the physical layer and not the
> vlan layer.
> Actually you can do both if your IDS understands
> VLAN trunking.
> > They should be spanning the physical ports that
> the vlans are trunked on and
> connected to each other. Nevermind the gibberish
> about Cisco switches not
> keeping up with spanning...hogwash!
> Dude, Sorry but the Cisco 5500 series is known for
> this. Newer, ie 6500, etc are
> much, much better. Ask any Cisco engineer or
> someone, like me, that has used
> them for years. In private the Cisco Engineer will
> tell you.
> > You assign vlans and trucks to ports, all the
> engineers need to worry about
> are physically spannning those ports to your ports.
> > IOW, let's say my trunk port is port one on one of
> the switches. The port is
> either part of the backbone or at least connects to
> the other switches. Now
> let's say your IDS is connected to port two. All the
> engineer has to do is get
> on the switch, go to port 2 and type in "port
> monitor fa0/1" Then you'd be set!
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
More information about the Snort-users