i have a question regarding VLANS & really i want you to explain to me if i was correct or not ?
The Question is :-
if i have Cisco Switch 3560 Series, and this switch is 48 Ports.
i did not do any thing on this switch except add IP-Address , & Subnet mask.
the switch does not have any VLANS at all and its only 1 switch .
Now Here is my question :-
if i have 2 PC , the first one is in Fe 0/1 , and the second one is in Fe 0/2.
the First PC have this IP-Address ( 192.168.1.1 / 255.255.255.0 ) & No GW & No DNS at all .
the Second PC have THis IP-Address ( 172.16.1.1 / 255.255.0.0 ) & No GW & No DNS at all.
Now, if the First PC get infected by SPYWARE or VIRUSE or What ever Or MALWARE, Do you think the Second well get affected as well, becasue there is one Broadcast domain , and all the Ports are in same Broadcast domain and all the traffic will be in the same braodcast domain , but if i have 2 broadcast domain as 2 VLANS, only the PC's which is in this Broadcast domain only where ever its located accross the network will get affect only . but all the others PC which they are in another Broadcast domain will not get affected.
is that correct or not ?
i know this is not the only thing from using the VLANS, But i want to know , is this Point Correct or Not ?
you do have a vlan on that switch. it is the default vlan 1. all ports belong to vlan 1 if they do not belong to another vlan.
A) you stated in the initial post that "the switch has no vlans at all...." i was just letting you know that in fact it does have a vlan and it is VLAN 1. aka. the default VLAN. all switches have a default VLAN 1.
Q2) what do you mean by :-
you also have two broadcast domains, ie: 22.214.171.124 and 172.16.255.255
A) you stated in your original post that the switch has one broadcast domain. you also stated that you have two PCs of different subnets plugged into the switch. i was just stating that in fact you now have two broadcast domains in the switch. one for each of the subnets you have your PCs on.
but if i have 2 broadcast domain , why i need to create a vlan.
can i understand .
becasue i do not know if what i understood is correct or not :-
Broadcast domain, its only for the switch VLANS.
and if you have 2 pc with diffrent IP Schema, and all of them is in the same Broadcast domain for the switch ( i mean this switch have no VLANS at all except VLAN 1 for managment ), if you ping from PC1 to 2 , it will reply, becasue the traffic will pass , becasue nothing can stop it, is that corrcet ?
Whether or not the virus propagates will depend on it's mode of transmission.
If the virus uses broadcast, then the other (presumed unprotected) machine will be infected.
A layer two broadcast destination address is all ones, regardless of the layer three address. The second machine will accept the broadcast, as it must, according to Ethernet protocol.
If the layer three destination address is also a broadcast, then that packet will continue up the stack and, if whatever port the virus targets is open / vulnerable, then the machine is becomes infected.
In the same scenario with another VLAN enabled (each machine in it's own VLAN), then the infection is not likely to propagate. The VLAN tag supercededs the broadcast address and the control logic of the switch *shouldn't* allow the infected frame to be broadcast into the other VLANs domain ... so no exposure of the second machine.
Viruses that propagate using a "ping sweep" to find other active clients will take longer to infect the second machine, but many will still be successful, because once they have exhausted the native address range, they increment and sweep the next range. Given enough time, the infected machine will eventually hit the address of the second machine and infect it.
There is only one broadcast domain. A VLAN by (Cisco's) definition is a broadcast domain ... one VLAN, one broadcast domain.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...