Broadcast Domain Control
With a sufficiently sophisticated switch, it is possible to create a network in which the normal notion of a broadcast domain is strictly controlled. One implementation of this concept is termed a "private VLAN". Another implementation is possible with Linux and ebtables. One helpful analogy is that by creating multiple VLANs, the number of broadcast domains increases, but the size of each broadcast domain decreases. This is because a virtual LAN (or VLAN) is technically a broadcast domain.
This is achieved by designating one or more "server" or "provider" nodes, either by MAC address or switch port. Broadcast frames are allowed to originate from these sources, and are sent to all other nodes. Broadcast frames from all other sources are directed only to the server/provider nodes. Traffic from other sources not destined to the server/provider nodes ("peer-to-peer" traffic) is blocked.
The result is a network based on a nominally shared transmission system; like Ethernet, but in which "client" nodes cannot communicate with each other, only with the server/provider. A common application is Internet providers. Allowing direct data link layer communication between customer nodes exposes the network to various security attacks, such as ARP spoofing. Controlling the broadcast domain in this fashion provides many of the advantages of a point-to-point network, using commodity broadcast-based hardware.
Read more about this topic: Broadcast Domain
Famous quotes containing the words broadcast, domain and/or control:
“I’m a lumberjack
And I’m OK,
I sleep all night
And I work all day.”
—Monty Python’s Flying Circus. broadcast Dec. 1969. Monty Python’s Flying Circus (TV series)
“You are the harvest and not the reaper
And of your domain another is the keeper.”
—John Ashbery (b. 1927)
“Who can control his fate?”
—William Shakespeare (1564–1616)