[130304] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Using crypto auth for detecting corrupted IGP packets?

daemon@ATHENA.MIT.EDU (Manav Bhatia)
Fri Oct 1 01:38:08 2010

In-Reply-To: <8943BD09-32CF-4F83-9EBE-1558679E1FEF@puck.nether.net>
Date: Fri, 1 Oct 2010 11:07:58 +0530
From: Manav Bhatia <manavbhatia@gmail.com>
To: Jared Mauch <jared@puck.nether.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

>
> I really wish there was a good way to (generically) keep a 4-6 hour buffer of all control-plane traffic on devices. While you can do that with some, the forensic value is immense when you have a problem.
>

Buffering for 4-6 hours worth of control traffic is HUGE! What about
mirroring your control traffic arriving on your network ports to some
other dedicated port?

Manav


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[130304] in North American Network Operators' Group

Re: Using crypto auth for detecting corrupted IGP packets?

daemon@ATHENA.MIT.EDU (Manav Bhatia)Fri Oct 1 01:38:08 2010

daemon@ATHENA.MIT.EDU (Manav Bhatia)
Fri Oct 1 01:38:08 2010