Re: [j-nsp] SNMP on logical-system fxp0

Thu, 25 Apr 2013 11:01:02 -0700 

On Thu, 25 Apr 2013, Saku Ytti wrote:


On (2013-04-25 08:29 -0700), joel jaeggli wrote:


It's not OOB, it's completely fate-sharing the freebsd/junos.

it's not part of the forwarding plane so it certainly is not
in-band, what you connect it to of course is your business. we
connect them to our oob network.


Yes it's not fate-sharing forwarding-plane, but it's fate-sharing the whole
control-plane.
You need ports, wiring to build fxp0 management network, which isn't even
redundant, single port down and it's not reachable.


Which is MUCH better that not reachable, ever, at all.


Lot of cost+complexity for only benefit of being able to configure router
when forwarding is broken but router not.


Which never happens, right?
I guess I'm just the lucky one that gets routers that freak out due to a bug (not necessarily just Juniper, but in general) or attack or whatever and become unreachable except for out of band access. I'm also probably the only one that has worked on networks that had cascading routing protocol failure and needed some emergency reconfiguration (which could only be done from out of band). 

I'm sure Joel is the only one that's had this happen too.  Right Joel?


inline flow export is generated in linecard asics so it's not really
suitable for the oob port.


I think this is really my point, you need

* fxp0 for ssh, snmp
* inband for netflow, snmp (if HW)  (redundant)
* rs232 to attempt recovering box from control-plane software failure

Why build fxp0, if you need inband for something anyhow? It costs money,
adds complexity, and delivers no value if RS232 is also implemented with
in-band.
I think we've covered this multiple times now and you even covered it above a bit. ssh, snmp, software loads, etc. require the fxp0 port if/when you have no in-band access for wahtever reason, of which there could be many. 

--
Brandon Ross                                      Yahoo & AIM:  BrandonNRoss
+1-404-635-6667                                                ICQ:  2269442
Schedule a meeting:  https://doodle.com/bross            Skype:  brandonross
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Reply via email to