gpg: failed to create temporary file '/var/lib/lurker/.#lk0x56f10100.hantslug.org.uk.3765': Permission denied
gpg: keyblock resource '/var/lib/lurker/pubring.gpg': Permission denied
gpg: Signature made Tue Sep 11 15:09:05 2007 BST
gpg: using DSA key 2099B64CBF15490B
gpg: Can't check signature: No public key
Hi Damian,
On Tue, Sep 11, 2007 at 02:18:22PM +0100, Damian Brasher wrote:
> Andy Smith wrote:
> > On Tue, Sep 11, 2007 at 01:16:55PM +0100, Damian Brasher wrote:
> >> Andy Smith wrote:
> >> > What's wrong with just making up your own and keeping a local
> >> > registry? MAC addresses don't pass between collision domains which
> >> > for any sizable network is a single VLAN.
> >>
> >> Depends on the size of an organisation: if you had roaming laptops with
> >> VM's then a large organisation would want to have some control if staff
> >> moved between VLAN's.
> >
> > If I had large numbers of staff with laptops and virtual machines
> > then their laptops would be NATting through one virtual machine as
> > it would otherwise be very difficult to get the networking correct
> > for any of the types of connection they may use (wired ethernet,
> > wifi, 3G, dialup). Therefore MAC addresses would not be an issue.
>
> Depending on how they set up their own VM's, it's a very small chance that
> there would be a conflict - I agree.
In a NAT setup there is zero possibility for a MAC conflict as there
is a router in the way (the NAT device).
> >> Creating the wrong kind of traffic on a VLAN might cause problems
> >> with firewalls or old network equipment.
> >
> > Not a MAC issue..
>
> I'm not sure about that, could accidentally enabling the mulitcast bit in
> a MAC cause problems with non mulitcast aware hubs connected on the same
> media segment?
Possibly, but there are lots of things you can do to screw up a VLAN
if you can plug arbitrary devices into it. A prime example being
you can pretend to be the IP of the default gateway.
> The other question is that can you consider a bridge diving media, does a
> software bridge on a VM server constitute a collision domain?
(I may have said collision domain in my first email, if I did then
it was a mistake and I meant broadcast domain)
A bridge can divide a network into multiple collision domains if it
acts similarly to a switch in that it learns which MAC addresses are
available on which ports. A dumb bridge would be more like a hub,
repeating traffic out of every port, and that would obviously not
divide collision domains.
Linux software bridges are smart enough to learn what is on which
port, so I expect VMWare ones would be also (if it doesn't use Linux
bridges internally anyway).
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
Encrypted mail welcome - keyid 0x604DE5DB
My words are my own and do not represent Jacqui Caren.
