cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Get the latest Cisco news in this February issue of the Cisco Small Business Monthly Newsletter

234
Views
4
Helpful
1
Replies
Beginner

Static IPs in Cisco L2 switch

Hi Guys!

In a 24-port Cisco 2960X L2 switch I configure my client statically (for some reason) with these IP ranges;

Work Group A - 192.168.10.XXX /24

Work Group B - 192.168.20.XXX /24

Work Group C - 192.168.30.XXX /24

Is there a way that Work Group A can affect traffic on B and C? Same as with Work Group B to A and C? And Work Group C to A and B? Like if there is a virus as an example.

Logically analysis, A will not able to ping B and C, and same with other, so I'm assumming they are actually no connection at all to each subnet.

Any idea is appreciated. Thanks!

Chris

Everyone's tags (1)
1 REPLY 1
Highlighted
Advisor

If they are in separate VLANs

If they are in separate VLANs with no routability then packets can't go from from VLAN to another VLAN.

Otherwise if the virus obeys the laws of unicast routing and only uses unicast then they shouldn't be able to talk to each other.  But being a virus it doesn't have to obey any rules.  It could try using multicast or broadcast to talk to other machines.  It could try malforming layer 2 or layer 3 frames to see what happens.  It might even change the machines L3 configuration.  Perhaps it might try using a different protocol like IPX, or a service lcoation protocol like mDNS and Bonjour.  Perhaps it might use a Toredo IPv6 gateway, and an IPv6 link local network.

When you have something deliberately written with the intent on creating damage you can't rely on it following the rules.  Only proper layer 2 separation from the switch can stop the packets being spread.