[127789] in North American Network Operators' Group
Re: Vyatta as a BRAS
daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Wed Jul 14 10:27:50 2010
From: "Dobbins, Roland" <rdobbins@arbor.net>
To: NANOG list <nanog@nanog.org>
Date: Wed, 14 Jul 2010 14:27:15 +0000
In-Reply-To: <8239vmnoz8.fsf@mid.bfk.de>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jul 14, 2010, at 8:59 PM, Florian Weimer wrote:
> There might be contractual reasons not to enable that feature. 8-/
Ignoring is generally pretty harmless; dropping can break traceroute, RSVP,=
et. al.
Conversely, there are also generally pretty strong contractual reasons not =
to have one's edge routers go down due to excessive punts.
;>
> Some vendors can process options in hardware, though.
True.
> It's probably not a high-priority issue for vendors until there are
> network issues (as opposed to potential problems seen in labs),
This is always true when it comes to security, and especially to availabili=
ty. That being said, I know that at least one major vendor is cognizant of=
the header-extenstion issue, and is taking steps to mitigate the associate=
d risk.
> so it's going to take quite a bit of time.
Yes, this is always the case, unfortunately.
> Demand for devices with some IP-layer inspection capability that can han=
dle (Fast or Gigabit)
> Ethernet at line rate, no matter what type of frames come in, is also
> a pretty recent thing, and I would be surprised if vendors can provide
> such capabilities across their entire relevant product line (where
> they advertise line-based forwarding).
With large vendors, these things are generally accomplished piecemeal, on a=
BU-by-BY, product-by-product basis. Unfortunate, but true, nonetheless.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
Injustice is relatively easy to bear; what stings is justice.
-- H.L. Mencken
