Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: AW: [FW1] backup firewall

To: "'Ejvind Kristian'" <[email protected]>, "'Axel Eble'" <[email protected]>, "Zeltser, Roman" <[email protected]>
Subject: RE: AW: [FW1] backup firewall
From: "Zeltser, Roman" <[email protected]>
Date: Thu, 21 Dec 2000 08:45:11 -0500
Cc: [email protected], [email protected], [email protected]
Sender: [email protected]

Thanks for this info, it's quite interesting and useful.

=========================================================
Best,

Roman M. Zeltser
RS Information Systems, Inc.NCC, DNE
*** Securing your retirement money from hackers.***



-----Original Message-----
From: Ejvind Kristian [mailto:[email protected]]
Sent: Thursday, December 21, 2000 4:18 AM
To: 'Axel Eble'; Zeltser, Roman
Cc: [email protected]; [email protected];
[email protected]
Subject: RE: AW: [FW1] backup firewall


> > I wonder why you are going to copy MAC addresses for the network cards
that
> > have they own MAC addresses?  Correct me if I'm wrong, but every network
> > card has a unique MAC address in the entire world.  The only option is
left
> > to remove the NICs from the dead firewall and insert it into the backup
> > firewall. It this case copied ARP configuration will be eligible and
> > correct.
> 
> In principle, you are correct. But: Sun has only one MAC address per
> Machine since the MAC addresses are part of the host ID and 
> not built-in into the network adapters.

  It is true that every network port in the world has it's own
unique MAC address, even for Suns. Wheither to use it or not,
that's another issue.
  For Sun's, the network ports that are built into the mother
board get their MAC-address from the hostid prom. If there are
several ports, the last digit is incremented by 1 for each port.
All add-in ports have their own MAC-address programmed into them.
However, by default Suns uses the MAC-address of the first port
for all ports.
  There's a variable in the OBP EEPROM, 'local-mac-address?', which,
if set to 'true', forces the machine to use the programmed-in
MAC-address for all ports, instead of the address of the first
port (=hostid-based).
  The ethernet standard says the all machines on a single ethernet
segment must have unique MAC addresses, and says nothing about a
single machine having the same address on several segments.

  I don't know really why, but I've seen recommendations from 
several sources, that if you have many network ports on a Sun,
you can increase performance if you let the network ports use
their own addresses (= "setenv local-mac-address?=true")


/Kristian

-----------------------------------------
Kristian Ejvind - [email protected]
System admin at SPP Investment Management 
-----------------------------------------


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Nokia question
Next by Date: Rép. : [FW1] license Price request
Previous by thread: RE: AW: [FW1] backup firewall
Next by thread: RE: AW: [FW1] backup firewall
Index(es):
- Date
- Thread