[143055] in North American Network Operators' Group
Re: OOB
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Tue Jul 26 22:34:34 2011
In-Reply-To: <20110726213404.GG20415@besserwisser.org>
Date: Tue, 26 Jul 2011 22:33:54 -0400
From: Christopher Morrow <morrowc.lists@gmail.com>
To: =?ISO-8859-1?Q?M=E5ns_Nilsson?= <mansaxel@besserwisser.org>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Tue, Jul 26, 2011 at 5:34 PM, M=E5ns Nilsson <mansaxel@besserwisser.org>=
wrote:
> Subject: Re: OOB Date: Tue, Jul 26, 2011 at 10:14:21AM -0400 Quoting Chri=
stopher Morrow (morrowc.lists@gmail.com):
>> On Tue, Jul 26, 2011 at 10:03 AM, Paul Stewart <paul@paulstewart.org> wr=
ote:
>> > We do everything in-band with strict monitoring/policies in place.
>>
>> what do you do if your in-band fails? if a router/switch/ROADM is
>> isolated from the rest of your network?
>> (isn't that the core point of the OP?)
>
> Vendor C sells nice small routers with something like CAB-OCTAL-ASYNC
> _and_ a 3G modem instead of the BRI port. The 3G modem keeps its
> connection up (our telecom provider has true flat rate on domestic 3G,
> YMMV) and VPN's to the head office much like any other telecommuter. This
> cuts through all telco stupidity with firewalled or NAT'ed 3G phones
> etc, especially if one uses the break-out-from-hotel-LAN functions of
> the VPN system. The router of course actively keeps the VPN up and
> reestablishes it if needed.
how well does that work inside a big metal box like equinix?
You are, of course, just making a singular point: "Find something to
make yourself an OOB network, hey this thing does vpn over 3g, neato!"
I agree, it's neat.. it may not fit all square holes, sometimes you
need a round or triangle shaped plug.
