You'll be hard pressed to find a network these days that doesn't have a VMware server (ESX/ESXi) connected. While this is a common scenario there seems to be some misunderstanding on the way that a vSwitch handles frames and their tags.
First off:
The vSwitch does not support untagged frames. This means, that VLAN 1 and all of the traffic that gets passed along will only be dropped.
Second:
The vSwitch does not support DTP, so set the port to no-negotiate.
Third:
It's best practice to manually prune the link to only carry required VLAN's.
This can be done with the switchport allowed command.
For example, on the physical switch port:
* interface GigabitEthernet1/1
* description VMware ESX - Trunk A - NIC 0 – Port Description
* switchport trunk encapsulation dot1q – ESX only supports dot1q and not ISL
* switchport trunk allowed vlan 100,200 – Allowed VLANs
* switchport mode trunk – Enables Trunk
* switchport nonegotiate – ESX does not support DTP dynamic trunking protocol. When configuring trunk port, set it to nonegotiate.
* spanning-tree portfast trunk – Enables PortFast on the interface when it is in trunk mode.
Tuesday, February 8, 2011
Tuesday, February 1, 2011
ATM skimmers
I typically don't may too much attention to ATM machines and recent scams. I rarely use ATM and when I do I'm fairly selective, but it's only a few times a year so when articles are published I'm likely to skim by them. That said, I've found an excellent repository of information about ATM card skimming. Kerbs has a series of articles that I thought I'd link to just in case anyone who follows me is interested.
ATM card skimming articles.
ATM card skimming articles.
Subscribe to:
Posts (Atom)
Posts
