[c-nsp] 6500 VSS for campus L3 core?
Gert Doering
gert at greenie.muc.de
Thu Feb 14 09:26:46 EST 2013
Hi,
On Thu, Feb 14, 2013 at 09:49:50PM +1100, Andrew Miehs wrote:
> And that leads to the next question - Which do you trust more, your
> firewall vendors BGP implementation or VSS?
The whole point of BGP-to-the-next-device is that you do not have to
*trust* it. You filter what you accept...
(And getting the "announce the right bits plus keepalive" stuff in BGP
right is not that hard, even some firewall vendors can get it done)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20130214/b4c77d2a/attachment.sig>
More information about the cisco-nsp
mailing list