"wocexeg869---" == wocexeg869--- via Devel <devel@sel4.systems> writes:
wocexeg869---> Many enterprise grade switches from Cisco to Juniper wocexeg869---> switches are running on Linux. That also is the case wocexeg869---> with prosumer hardware such as Ubiquiti, Mikrotik (CRS wocexeg869---> line), Aruba, etc... Wouldn't this be a good use case wocexeg869---> for LionsOS? The security of the layer 2 is an wocexeg869---> important part of the security of the overall network wocexeg869---> and it should be easier to implement compared to the wocexeg869---> firewall that is currently being worked on. Thank you wocexeg869---> for your attention to this matter! f you want to give it a go, go ahead --- it is an interesting use case. You should be aware though that without specialised switch hardware, the complexity of a LionsOS system at build time (numbers of components and interconnections) is super-linear in the number of network interfaces. Also switches do _more_ work than simple firewalls do. Keeping track of MAC addresses on each port for layer-2 routing; participating in the Spanning-Tree protocol; VLAN management; SNMP support; LACP --- the list goes on. A simple two-port firewall that does stateful packet inspection is _much_ simpler, both to build and to analyse. --- Dr Peter Chubb https://trustworthy.systems/ Trustworthy Systems Group CSE, UNSW Core hours: Mon 8am-3pm; Wed: 8am-5pm; Fri 8am-12pm.