nanog mailing list archives
Re: Proper authentication model
From: "Gernot W. Schmied" <gernot.schmied () chello at>
Date: Sun, 16 Jan 2005 12:19:37 +0100
Iljitsch van Beijnum wrote:
On 12-jan-05, at 11:30, Gernot W. Schmied wrote:True out of band management networks are very hard to build and very hard to use, and you run the risk that you can't get at your stuff because the management network is down.IS-IS can be highly recommended for true out of band management, it is reachable when IP goes down the drain entirely.To me, true "out of band management" means that the management traffic doesn't flow over production links. You are right that IS-IS can continue to function when IP is confused (although with integrated IS-IS OSI will probably be just as confused as IP). But IS-IS isn't a management protocol, of course. :-)IPv6 is also very useful in providing non-IPv4 management.
True, but integrated IS-IS is not true IS-IS strictly speaking. I am referring to ISO CLNS/CLNP, who actually needs IP if you have other fine network layer protocols alt your disposal ,-)?
I used to recommend this measure in combination with BRI ISDN management lines, it's affordable and works without constantly testing analog dialin. A dedicated infrastructure beyond that measure simply is not justifiable economically. Besides, SDH and DWDM use separate management approaches as well, so does SS7 infrastructure. It is always a combination. Some people also use management VCIs/DLCIs which does not buy you much.
my 0.02$, Gernot
Current thread:
- Proper authentication model Kim Onnel (Jan 11)
- Re: Proper authentication model Daniel Golding (Jan 11)
- Re: Proper authentication model Iljitsch van Beijnum (Jan 11)
- Re: Proper authentication model Gernot W. Schmied (Jan 12)
- Re: Proper authentication model Iljitsch van Beijnum (Jan 12)
- Re: Proper authentication model David Gethings (Jan 12)
- Re: Proper authentication model Erik Haagsman (Jan 12)
- Re: Proper authentication model Daniel Golding (Jan 12)
- Re: Proper authentication model Erik Haagsman (Jan 13)
- Re: Proper authentication model Iljitsch van Beijnum (Jan 11)
- Re: Proper authentication model Daniel Golding (Jan 11)
- Re: Proper authentication model Gernot W. Schmied (Jan 16)
- Re: Proper authentication model Joe Abley (Jan 11)
- Re: Proper authentication model Stephen Stuart (Jan 12)
- <Possible follow-ups>
- RE: Proper authentication model Hannigan, Martin (Jan 12)
- Re: Proper authentication model Joe Abley (Jan 12)
- RE: Proper authentication model Steve Gibbard (Jan 12)
- RE: Proper authentication model Hannigan, Martin (Jan 12)
- Re: Proper authentication model Joe Abley (Jan 12)
- Re: Proper authentication model Daniel Golding (Jan 12)
- Re: Proper authentication model Joe Abley (Jan 12)