|
|
|
|
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On Fri, 11 Jan 2008 11:44:24 +0000, Invisible <voi### [at] devnull> wrote:
>But I take your point: If we hire, say, six trainee IT people, once I
>finish training them all I wouldn't have much work to do.
Well not IT work. :)
Regards
Stephen
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
scott wrote:
> For a start you can configure security on a per-port basis, ie limit
> access to MAC address etc.
>
> Then you can make rules for dropping packets, based on MAC address, IP
> address etc. Ie you could prevent the sockets in your conference room
> from seeing your mail server unless a known MAC address was plugged in.
>
> You can also have it notify you if an unknown MAC address appears on the
> switch.
>
> And a load of QoS stuff.
>
> We also have our VoIP network going through the same switch as our data
> network, this needs to be configured too.
>
> They're far from simple boxes.
Then it's not a switch, is it?
A switch is a device that just connects network nodes together. What
you're describing is a firewall and/or router.
Either way, we don't need any of the stuff you're describing.
[I notice HQ is very keen to implement VoIP though, even though we don't
need it. On further investigation, it turns out that while the UK
already has a perfectly good telephone system, HQ doesn't. So it would
be more accurate to say that HQ needs VoIP...]
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
>> They're far from simple boxes.
>
> Then it's not a switch, is it?
Cisco call it a switch.
> A switch is a device that just connects network nodes together.
Not according to Wikipedia:
"Network switches are capable of inspecting data packets as they are
received, determining the source and destination device of that packet, and
forwarding it appropriately"
The fact that you can configure these rules in complex ways and on a per
port basic doesn't mean it becomes a router - it's still a switch.
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
scott wrote:
>>> They're far from simple boxes.
>>
>> Then it's not a switch, is it?
>
> Cisco call it a switch.
Yes. I noticed. ;-)
>> A switch is a device that just connects network nodes together.
>
> Not according to Wikipedia:
>
> "Network switches are capable of inspecting data packets as they are
> received, determining the source and destination device of that packet,
> and forwarding it appropriately"
>
> The fact that you can configure these rules in complex ways and on a per
> port basic doesn't mean it becomes a router - it's still a switch.
No, but the fact that it's looking at (and changing) IP headers does.
Besides, the fact remains: We don't need this.
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
> No, but the fact that it's looking at (and changing) IP headers does.
Don't think my switch changes any IP headers, it just either routes them
somewhere or doesn't based on a set of rules.
I thought a switch just dealt with stuff in one network address space, eg
you use it to simply provide enough sockets for everyone to connect into
something else, and it just send unmodified packets to the right place. A
router however connects two different networks together, and has things like
port forwarding, NAT, modifying the IP headers etc.
Or maybe I'm completely off track as I'm no expert, that's just based on my
experience with working with things labelled as "routers" and "switches".
> Besides, the fact remains: We don't need this.
Didn't this come up before when you told us about this? I'm sure everyone
explained to you some of the benefits of the more pricey switches. Was your
post just because you were surprised how configurable a switch can be?
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
scott wrote:
>> No, but the fact that it's looking at (and changing) IP headers does.
>
> Don't think my switch changes any IP headers, it just either routes them
> somewhere or doesn't based on a set of rules.
>
> I thought a switch just dealt with stuff in one network address space,
> eg you use it to simply provide enough sockets for everyone to connect
> into something else, and it just send unmodified packets to the right
> place. A router however connects two different networks together, and
> has things like port forwarding, NAT, modifying the IP headers etc.
>
> Or maybe I'm completely off track as I'm no expert, that's just based on
> my experience with working with things labelled as "routers" and
> "switches".
The idea is that a hub just forwards everything, whereas a switch looks
at the Ethernet headers and attempts to make an intelligent choice about
which way to forward [defaulting back to forwarding everywhere if it
doesn't know which way is the correct way].
The device I'm looking at is routing traffic between different IP
networks, which requires looking not only at Ethernet headers but IP
headers as well. That's a seperate level of complexity.
>> Besides, the fact remains: We don't need this.
>
> Didn't this come up before when you told us about this? I'm sure
> everyone explained to you some of the benefits of the more pricey
> switches. Was your post just because you were surprised how
> configurable a switch can be?
Well, you said "my device can do X, Y and Z". I was just noting that we
don't need to be able to do any of those things. That's all.
All we need is a device to connect some nodes together...
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
And lo on Fri, 11 Jan 2008 13:20:56 -0000, scott <sco### [at] laptopcom> did
spake, saying:
>> No, but the fact that it's looking at (and changing) IP headers does.
>
> Don't think my switch changes any IP headers, it just either routes them
> somewhere or doesn't based on a set of rules.
Am I the only one ammused by 'a switch isn't a router because it just
routes packets' implicit here? :-)
> I thought a switch just dealt with stuff in one network address space,
> eg you use it to simply provide enough sockets for everyone to connect
> into something else, and it just send unmodified packets to the right
> place. A router however connects two different networks together, and
> has things like port forwarding, NAT, modifying the IP headers etc.
>
> Or maybe I'm completely off track as I'm no expert, that's just based on
> my experience with working with things labelled as "routers" and
> "switches".
Cutting to the bone:
A hub takes input and fires it out of every port; a switch takes input and
routes/switches it to the correct port for the same subnet; a router
connects subnets together. If you want to know what to call the piece of
equipment you're using just check its capabilities up that list and stop
when they don't match.
So when you have a piece of equipment connecting the 'Internet' subnet to
your 'Home' subnet that's a router despite the fact it also connects all
your computers on the same subnet, which would just be a switch or hub on
its own.
IOW it doesn't matter if it inspects packets, reports QoS, checks MAC
addresses or sings "Daisy, Daisy" when there's a fault; thouse are just
added features.
--
Phil Cook
--
I once tried to be apathetic, but I just couldn't be bothered
http://flipc.blogspot.com
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On Fri, 11 Jan 2008 10:06:41 +0000, Invisible <voi### [at] devnull> wrote:
>These "switches" are actually *routers*. That's why they're so damn
>expensive - each one is a 24-port *router*!!
Which model are you getting?
BTW, just because a switch does layer 3 inspection (for QoS and such), does not make
it a router. It may still be directing the packets to the appropriate port based on
the MAC address (layer 2) and
not the IP address.
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
>> These "switches" are actually *routers*. That's why they're so damn
>> expensive - each one is a 24-port *router*!!
>
> Which model are you getting?
Cisco Catalyst 3560.
> BTW, just because a switch does layer 3 inspection (for QoS and such), does not make
it a router. It may still be directing the packets to the appropriate port based on
the MAC address (layer 2) and
> not the IP address.
You can argue about the names. The point is it provides wildly more
functionallity than we actually need.
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On Fri, 11 Jan 2008 15:07:55 +0000, Invisible <voi### [at] devnull> wrote:
>You can argue about the names.
There's no argument about the names. I won't let you call an apple an orange without
pointing out that it really is an apple (although it may have an orange hue to it).
>The point is it provides wildly more
>functionallity than we actually need.
Based on your description of your network, that sounds true. It's kind of like frying
an egg with a nuclear reactor. (Well not to that extreme, but you catch my drift.)
Have you asked them why they
opted for the more expensive Cisco units?
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
|
|