“MACFF”的意思、由来-中文百科全书

MAC-Forced Forwarding (MACFF) is used to control unwanted broadcast traffic and host-to-host communication. This is achieved by directing network traffic from hosts located on the same subnet but at different locations to an upstream gateway device. This provides security at Layer 2 since no traffic is able to pass directly between the hosts.

MAC-Forced Forwarding (MACFF)用于控制计划外的广播包和主机对主机之间的通讯.这一功能主要通过以下来达成,位于统一子网内部但位于不同区域的主机之间的通讯,将网络传输包直接传输给网关设备.这也是网络二层提供的安全功能,因为主机与主机之间的数据包无法直接传输.

MACFF is suitable for Ethernet networks where a layer 2 bridging device, known as an Ethernet Access Node (EAN), connects Access Routers to their clients. MACFF is configured on the EANs.

MACFF适用于二层桥设备所在的以太网网络.也就是大家所知道以太网访问节点(EAN),后者将接入路由器与其客户端连接起来.MACFF就配置在EAN上.

MACFF is described in RFC 4562, MAC-Forced Forwarding: A Method for Subscriber Separation on an Ethernet Access Network.

MACFF在RFC 4562中有描述,MAC-Forced Forwarding.主要是在以太网访问网络中用于网络接入分离的一种方法.

Allied Telesis switches implement MACFF[1] using DHCP snooping to maintain a database of the hosts that appear on each switch port. When a host tries to access the network through a switch port, DHCP snooping checks the host’s IP address against the database to ensure that the host is valid.

Allied Telesis交换机将MACFF的概念应用到DHCP窥探(DHCP snooping)中,后者主要是用于维护一个连接到每个交换机端口的主机数据库信息.当一台主机试图通过一个交换机端口接入网络时,DHCP窥探(DHCP snooping)就会将这台主机的IP地址与数据库中的信息进行比对,以确认该主机具有接入网络的权限.

MACFF then uses DHCP snooping to check whether the host has a gateway Access Router. If it does, MACFF uses a form of Proxy ARP to reply to any ARP requests, giving the router's MAC address. This forces the host to send all traffic to the router, even traffic destined to a host in the same subnet as the source. The router receives the traffic and makes forwarding decisions based on a set of forwarding rules, typically a QoS policy or a set of filters.

然后MACFF使用DHCP窥探(DHCP snooping)来检查这台主机是否设置了网关接入路由器的相关信息.如果主机设置了该信息,那么MACFF通过Proxy ARP格式将路由器的MAC地址作为答案来应答任意的ARP请求.这将导致主机将所有数据包送给路由器,就算数据包的目的地是位于同一子网内部的一台主机.路由器在接收到数据包之后,基于一系列的转发规则,例如QoS策略或者过滤等决定是否转发或具体的转发操作.

词条	MACFF
释义	MAC-Forced Forwarding (MACFF) is used to control unwanted broadcast traffic and host-to-host communication. This is achieved by directing network traffic from hosts located on the same subnet but at different locations to an upstream gateway device. This provides security at Layer 2 since no traffic is able to pass directly between the hosts. MAC-Forced Forwarding (MACFF)用于控制计划外的广播包和主机对主机之间的通讯.这一功能主要通过以下来达成,位于统一子网内部但位于不同区域的主机之间的通讯,将网络传输包直接传输给网关设备.这也是网络二层提供的安全功能,因为主机与主机之间的数据包无法直接传输. MACFF is suitable for Ethernet networks where a layer 2 bridging device, known as an Ethernet Access Node (EAN), connects Access Routers to their clients. MACFF is configured on the EANs. MACFF适用于二层桥设备所在的以太网网络.也就是大家所知道以太网访问节点(EAN),后者将接入路由器与其客户端连接起来.MACFF就配置在EAN上. MACFF is described in RFC 4562, MAC-Forced Forwarding: A Method for Subscriber Separation on an Ethernet Access Network. MACFF在RFC 4562中有描述,MAC-Forced Forwarding.主要是在以太网访问网络中用于网络接入分离的一种方法. Allied Telesis switches implement MACFF[1] using DHCP snooping to maintain a database of the hosts that appear on each switch port. When a host tries to access the network through a switch port, DHCP snooping checks the host’s IP address against the database to ensure that the host is valid. Allied Telesis交换机将MACFF的概念应用到DHCP窥探(DHCP snooping)中,后者主要是用于维护一个连接到每个交换机端口的主机数据库信息.当一台主机试图通过一个交换机端口接入网络时,DHCP窥探(DHCP snooping)就会将这台主机的IP地址与数据库中的信息进行比对,以确认该主机具有接入网络的权限. MACFF then uses DHCP snooping to check whether the host has a gateway Access Router. If it does, MACFF uses a form of Proxy ARP to reply to any ARP requests, giving the router's MAC address. This forces the host to send all traffic to the router, even traffic destined to a host in the same subnet as the source. The router receives the traffic and makes forwarding decisions based on a set of forwarding rules, typically a QoS policy or a set of filters. 然后MACFF使用DHCP窥探(DHCP snooping)来检查这台主机是否设置了网关接入路由器的相关信息.如果主机设置了该信息,那么MACFF通过Proxy ARP格式将路由器的MAC地址作为答案来应答任意的ARP请求.这将导致主机将所有数据包送给路由器,就算数据包的目的地是位于同一子网内部的一台主机.路由器在接收到数据包之后,基于一系列的转发规则,例如QoS策略或者过滤等决定是否转发或具体的转发操作.
随便看	土耳其电信国际青年男篮邀请赛土耳其电信球场土耳其东部手绘旅行土耳其高速铁路土耳其共和国的政治民主化进程研究土耳其共和国国旗土耳其国父纪念馆土耳其海军高中土耳其航空634号班机土耳其货运航空公司土耳其基林级导弹驱逐舰土耳其金橙国际电影节土耳其金棕色猫土耳其禁军土耳其经典之旅土耳其军事中学土耳其君士坦丁堡攻陷战土耳其卡捷什会战土耳其空军土耳其空军航空学校土耳其冷杉土耳其里拉面土耳其陆军合成军官学校土耳其旅行笔记土耳其马刀