On Thu, 25 Apr 2013, Saku Ytti wrote:
On (2013-04-25 08:29 -0700), joel jaeggli wrote:
It's not OOB, it's completely fate-sharing the freebsd/junos.
it's not part of the forwarding plane so it certainly is not
in-band, what you connect it to of course is your business. we
connect them to our oob network.
Yes it's not fate-sharing forwarding-plane, but it's fate-sharing the whole
control-plane.
You need ports, wiring to build fxp0 management network, which isn't even
redundant, single port down and it's not reachable.
Which is MUCH better that not reachable, ever, at all.
Lot of cost+complexity for only benefit of being able to configure router
when forwarding is broken but router not.
Which never happens, right?
I guess I'm just the lucky one that gets routers that freak out due to a
bug (not necessarily just Juniper, but in general) or attack or whatever
and become unreachable except for out of band access. I'm also probably
the only one that has worked on networks that had cascading routing
protocol failure and needed some emergency reconfiguration (which could
only be done from out of band).
I'm sure Joel is the only one that's had this happen too. Right Joel?
inline flow export is generated in linecard asics so it's not really
suitable for the oob port.
I think this is really my point, you need
* fxp0 for ssh, snmp
* inband for netflow, snmp (if HW) (redundant)
* rs232 to attempt recovering box from control-plane software failure
Why build fxp0, if you need inband for something anyhow? It costs money,
adds complexity, and delivers no value if RS232 is also implemented with
in-band.
I think we've covered this multiple times now and you even covered it
above a bit. ssh, snmp, software loads, etc. require the fxp0 port
if/when you have no in-band access for wahtever reason, of which there
could be many.
--
Brandon Ross Yahoo & AIM: BrandonNRoss
+1-404-635-6667 ICQ: 2269442
Schedule a meeting: https://doodle.com/bross Skype: brandonross
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp