[c-nsp] HSRP MD5 Authentication and 12.2(18)SX*

Gert Doering gert at greenie.muc.de
Thu Apr 20 04:11:30 EDT 2006


Hi,

On Thu, Apr 20, 2006 at 11:52:29AM +1000, David J. Hughes wrote:
> Seeing as the 6500 is Cisco's primary ethernet aggregation device it's 
> surprising to see that MD5 based HSRP auth is still nowhere to be seen 
> in SX.  Is there any word from the Cisco folk on when we might see 
> this?  Running publicly visible HSRP auth in a managed server or colo 
> datacentre is a significant risk - and a risk I'd like to avoid.

Where exactly is the risk?

"Your customer can kill his uplink connection".  OK, so who is he hurting?
Himself.  Tough.

(You're not putting different customers into the same layer 3 network
segment, are you?  If you do that, there are lots of other funny things
that customers can do to each other - HSRP is one of your smaller worries)

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de


More information about the cisco-nsp mailing list