{"id":150,"date":"2005-02-03T20:14:02","date_gmt":"2005-02-03T20:14:02","guid":{"rendered":""},"modified":"2005-02-03T20:14:02","modified_gmt":"2005-02-03T20:14:02","slug":"","status":"publish","type":"post","link":"https:\/\/www.sungate.co.uk\/?p=150","title":{"rendered":"Cisco switch, vLANs etc."},"content":{"rendered":"<p>Our department has inherited a Cisco 4006 network switch:<\/p>\n<p><img decoding=\"async\" src=\"http:\/\/www.sungate.co.uk\/images\/cisco4006.jpg\" border=\"0\" alt=\"\" \/><\/p>\n<p>This is a Proper Piece Of Computing Equipment.  I say this because it is heavy, noisy and hot.<\/p>\n<p>We will eventually have two of them in our new network setup when we move premises later in the year.  This will be interesting for a number of reasons, mainly because this is not something that we&#8217;ve &#8220;got our hands dirty with&#8221; previously.  One security measure that we are interested in introducing is the following:<\/p>\n<ul>\n<li>Allow the switch to manage a number of virtual LANs on the private network;<\/li>\n<li>Ensure that the switch allocates &#8216;known&#8217; machines to one of a number of virtual LANs (e.g. called &#8216;desktops&#8217;, &#8216;laptops&#8217;, &#8216;servers&#8217; etc,);<\/li>\n<li>Ensure that the switch allocates &#8216;unknown&#8217; machines to a different virtual LAN, called &#8216;unknown&#8217;.<\/li>\n<\/ul>\n<p>It turns out that the latter two objectives can be done using something called <a href=\"http:\/\/www.cisco.com\/en\/US\/tech\/tk389\/tk814\/tk839\/tech_protocol_home.html\">VMPS<\/a>  (VLAN Membership Policy Server).  In this setup, the switch retrieves a configuration file of MAC addresses (and vLAN assignments) from a TFTP server and then manages the vLANs as appropriate.  This is incredibly useful.<\/p>\n<p>In fact, I discovered this was possible only this afternoon, after chatting to <a href=\"http:\/\/omahns-home.bishopb-college.ac.uk\">Omahn<\/a> about a related feature (Being more experienced with Cisco kit than me, I had asked him to explain something).  I found the documentation on the Cisco web site.  &#8220;That really is a killer feature&#8221;, I think he said.  Certainly looks very useful.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Our department has inherited a Cisco 4006 network switch: This is a Proper Piece Of Computing Equipment. I say this because it is heavy, noisy and hot. We will eventually have two of them in our new network setup when we move premises later in the year. This will be interesting for a number of&#8230;&nbsp;(<a href=\"https:\/\/www.sungate.co.uk\/?p=150\">read more<\/a>)<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-150","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/www.sungate.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/150","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sungate.co.uk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sungate.co.uk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sungate.co.uk\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sungate.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=150"}],"version-history":[{"count":0,"href":"https:\/\/www.sungate.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/150\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.sungate.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=150"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sungate.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=150"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sungate.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=150"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}