[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] VRRP broadcast pollution
Ralf Guenthner wrote:
...
Reinhard,
so the only choice I have is to block those packets at the entry-point
(router) to our LAN, correct? I don't know about you, but I always strive
to reduce network traffic whenever possible. These packets are only needed
by the firewalls, but they travel around the whole network. I don't like
that <s>
Hi Ralf.
If your entry point router is between the firewall and the LAN (where it
would have to be to block the traffic), you shouldn't be seeing these
packets on the LAN at all. The VRRP multicasts should stay on the subnet
they originate on. If they are crossing the router, there is something
astray with the configuration of your router, or you have your
switches/VLANS tied together.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
