On Wed, Apr 24, 2013 at 7:17 PM, Brandon Ross <br...@pobox.com> wrote: > On Wed, 24 Apr 2013, Pavel Lunin wrote: >> This is what I never understood. Why people want to use fxp0 (or any >> other "dedicated management") iface for real production management? > > Are you suggesting that they should purchase a 10/100/1000 copper card just > for management? Or are you suggesting that they should buy 10GbE switches > for their out of band management network?
No, he's questioning the wisdom of doing SNMP queries, and other automated, routine management functions, against fxp0 instead of an interface that is protected by the hardware CoPP. One of my clients uses an NMS that sometimes starts sending ~3k PPS of SNMP BulkGets to a router. They don't know why. If that traffic was hitting fxp0 with no policer, etc. then it would consume a lot of CPU. My view is that fxp0 is an out-of-band interface for manual intervention; not one that I ever use for SNMP. -- Jeff S Wheeler <j...@inconcepts.biz> Sr Network Operator / Innovative Network Concepts _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
