I'm working on upgrading some networking equipment, and part of that is converting some internal network segmentation rules. I noticed that the old equipment had a rule on some subnets to block traffic to 224.0.0.0/4, which is the range for IPv4 multicasting. I believe the goal was to prevent any unwanted traffic between internal subnets, but does this actually help anything from a security point of view? Does this hurt anything from a performance point of view? I don't believe there is any internal multicasting that needs to happen between subnets, but I do see a lot of devices trying to talk to these addresses.