Tim Hall
Recently you contributed to the above reference post. I am in a similar situation where our network team would like me to add DMZ vlans to an already existing LACP bonded interface that supports our inside networks. I view this as a security risk. I have always practiced keeping my inside networks separated by physical interfaces from my DMZ's or Internet. This is to limit the risk of potential DDOS attacks flooding the interface. They argue that ports on the core are limited is this is the design they want to implement moving forward. Am I wrong in my thinking?
Thank you.
