• R0cket_M00se@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      ·
      edit-2
      1 year ago

      If you have no RSTP/MSTP you’re just asking for trouble.

      Switching loops are unlikely unless you have bad or non-existent documentation or someone new.

        • MystikIncarnate@lemmy.ca
          link
          fedilink
          English
          arrow-up
          5
          ·
          1 year ago

          Fun story. I was tasked with figuring out a connection problem on a client’s network. STP was enabled, but everyone having problems were all connected to one switch.

          Some investigation later and STP’s root port is not the expected root port…

          After some investigation, a user took the ethernet cable for their computer (Daisy chained off their VoIP phone), and decided to store it, in the wall jack… Across the office.

          That was Jack was on a different switch, and it had a lower port cost than the primary root port between the switches, so naturally, let’s send all inter-switch traffic over to this… Telephone.

          /Facepalm

        • R0cket_M00se@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          The only switching hardware they should have physical access to is a dumb switch if absolutely needed. Then control the cables.

          • MystikIncarnate@lemmy.ca
            link
            fedilink
            English
            arrow-up
            3
            ·
            1 year ago

            Yep. That happened once. The user plugged the cable for their laptop, from the dumb switch, into the same dumb switch and took out most of the network.

    • bleistift2@feddit.de
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      Don’t the big internet-y routers also send packets to multiple interfaces if they don’t know how to correctly handle the target IP address?

    • PowerCrazy
      link
      fedilink
      arrow-up
      6
      arrow-down
      5
      ·
      1 year ago

      That is extraordinarily rare and I’m not even sure if it’s possible anymore. That was potential attack vector in the 90’s where you have a port on network switch, and then you flood the cam table with thousands of bogus mac addresses until you fill it up, then the switch turns into a hub, and you can now sniff all traffic traversing the switch. These days I’m not sure what will happen if you do successfully fill up a switches cam table. Also cam table sizes are are much much larger now. ~128k entry’s vs maybe 1000 back in the day.

      • Socsa@sh.itjust.works
        link
        fedilink
        arrow-up
        6
        ·
        edit-2
        1 year ago

        You can bring a surprisingly large number of network segments down just by plugging both ends of the same cable into a dumb switch. It probably won’t happen immediately, but eventually you will get a broadcast storm which will propagate until it hits an element smart enough to snuff it out.