[c-nsp] 6500 VSS for campus L3 core?

Gert Doering gert at greenie.muc.de
Thu Feb 14 09:26:46 EST 2013


On Thu, Feb 14, 2013 at 09:49:50PM +1100, Andrew Miehs wrote:
> And that leads to the next question - Which do you trust more, your
> firewall vendors BGP implementation or VSS?

The whole point of BGP-to-the-next-device is that you do not have to
*trust* it.  You filter what you accept...

(And getting the "announce the right bits plus keepalive" stuff in BGP
right is not that hard, even some firewall vendors can get it done)

USENET is *not* the non-clickable part of WWW!
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20130214/b4c77d2a/attachment.sig>

More information about the cisco-nsp mailing list