nanog mailing list archives
Re: Cisco and the tobacco industry
From: "Jeffrey I. Schiller" <jis () MIT EDU>
Date: Sat, 30 Jul 2005 16:34:21 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Folks. All that is needed is for cisco to put an "upgrade" command into their router. The "upgrade" command determines the routers version (and current patch level) and requests the download of a version specific patch file. The command takes as arguments the on-disk (flash) version of the core image and the beginning of a URL where to find the file. The filename itself can be constructed based on the current version. The upgrade file itself contains the checksum of the image it should be applied against as well as the checksum of the final image. Of course it is digitally signed by cisco (so Cisco will need a public key installed in its images). The upgrade command then determines if sufficient flash exists to perform the change and performs the upgrade. It might even be able to patch in the in-core image (presumably this can be done via code that is included in the patch itself, I leave this as an exercise for cisco). The actual patch file can be located in a server at the customer's site and Cisco can distribute them via BitTorrent :-) Important points: * Upgrade is initiated by the user. If the necessary arguments are stored in the system configuration, perhaps the upgrade can be triggered by SNMP even (yeah right). * All patches are signed. * Patches know what version they apply to and are careful to ensure they are being applied to the right version (even if the customer improperly names the files on their server). This isn't trivial to do, but it isn't rocket science either! -Jeff - -- ============================================================================= Jeffrey I. Schiller MIT Network Manager Information Services and Technology Massachusetts Institute of Technology 77 Massachusetts Avenue Room W92-190 Cambridge, MA 02139-4307 617.253.0161 - Voice jis () mit edu ============================================================================ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFC6+RK8CBzV/QUlSsRAmdAAKDCpvTl0sBIk5v0hX1Wbta1mRHe4ACg5/Or ONwi+567ZEAdtW7B1J/yDhk= =GJ2e -----END PGP SIGNATURE-----
Current thread:
- Re: Cisco and the tobacco industry, (continued)
- Re: Cisco and the tobacco industry Geo. (Jul 30)
- Re: Cisco and the tobacco industry Valdis . Kletnieks (Jul 30)
- Re: Cisco and the tobacco industry Owen DeLong (Jul 30)
- Re: Cisco and the tobacco industry Geo. (Jul 31)
- Re: Cisco and the tobacco industry Geo. (Jul 30)
- Re: Cisco and the tobacco industry Brad Knowles (Jul 30)
- Re: Cisco and the tobacco industry Geo. (Jul 30)
- Re: Cisco and the tobacco industry Roy Badami (Jul 30)
- Re: Cisco and the tobacco industry JC Dill (Jul 30)
- Re: Cisco and the tobacco industry Brad Knowles (Jul 30)
- Re: Cisco and the tobacco industry Jeffrey I. Schiller (Jul 30)
- Re: Cisco and the tobacco industry Tony Li (Jul 30)
- Re: Cisco and the tobacco industry Jeffrey I. Schiller (Jul 30)
- Re: Cisco and the tobacco industry Ivan Groenewald (Jul 30)
- Re: Cisco and the tobacco industry Jeffrey I. Schiller (Jul 30)
- Re: Cisco and the tobacco industry Geo. (Jul 31)
- RE: Cisco and the tobacco industry Christopher X. Candreva (Jul 28)
- RE: Cisco and the tobacco industry Christopher L. Morrow (Jul 28)
- Re: Cisco and the tobacco industry Daniel Golding (Jul 28)