Controlling access at the Ethernet level
Sten Daniel Sørsdal
sten.daniel.sorsdal at wan.no
Mon Apr 5 09:08:57 PDT 2004
> What would you recommand ? Are there any other elegant solutions ?
>
How about using 802.1Q vlan's and dedicate a vlan to each port.
If more than 4000 users then add more gateways.
Just be sure to go for switches that allow you to deny incoming already
tagged packets on the user side as some switches passes already tagged packets.
For a wireless environment i would suggest PPPoE and VLANs (separating them).
> I also heard about 802.1x technology and seems to be an
> interesting and professional alternative; I just don't know
> how well supported is on the server side, namely FreeBSD.
>
802.1x is fairly new and not very well supported yet, expect bugs.
_// Sten Daniel Sørsdal
More information about the freebsd-isp
mailing list