Proxy attack is an attempt to bypass a PVLAN implementation so if a
question says we should stop this attack , the solutions recommended
by Yusuf Bhaiji is that we use an acl that denies any packet with
same source and destination ip address of the subnet in question or
DHCP snooping on the switch .
I was thinking no ip redirects on the router interface should suffice
as well even though it is an overkill.
Correct me if i am wrong.
-- Warm Regards, Eseosa CCIE #23782 Before God we are all equally wise - and equally foolish. Albert Einstei Blogs and organic groups at http://www.ccie.netReceived on Sat Sep 18 2010 - 18:42:58 ART
This archive was generated by hypermail 2.2.0 : Fri Oct 01 2010 - 05:58:05 ART