[45721] in North American Network Operators' Group
Re: it's here
daemon@ATHENA.MIT.EDU (Jake Khuon)
Wed Feb 13 12:51:07 2002
Message-Id: <200202131750.g1DHoGGY008836@llama.wooj.com>
From: "Jake Khuon" <khuon@NEEBU.Net>
To: nanog@merit.edu
In-reply-to: Eric Brandwine's message of 13 Feb 2002 15:55:25 +0000.
<gu9bsetv0k2.fsf@rampart.argfrp.us.uu.net>
Reply-To: khuon@NEEBU.Net (Jake Khuon)
Date: Wed, 13 Feb 2002 09:50:16 -0800
Errors-To: owner-nanog-outgoing@merit.edu
### On 13 Feb 2002 15:55:25 +0000, Eric Brandwine <ericb@UU.NET> casually
### decided to expound upon Ron da Silva <ron@aol.net> the following
### thoughts about "Re: it's here":
EB> Without control plane seperation (and it's not possible with Cisco,
EB> Juniper, or most other routers out there), management services are
EB> listening on the public network, and that makes this very scary,
EB> regardless of filtering policies, etc.
Huh? Junipers have the fxp0 interface which can be used for management.
You're just not supposed to route between the management fxp0 and your
production interfaces.
--
/*===================[ Jake Khuon <khuon@NEEBU.Net> ]======================+
| Packet Plumber, Network Engineers /| / [~ [~ |) | | --------------- |
| for Effective Bandwidth Utilisation / |/ [_ [_ |) |_| N E T W O R K S |
+=========================================================================*/
