[c-nsp] NCS-5001 - MPLS L3VPN Issue
Phil Mayers
p.mayers at imperial.ac.uk
Tue Mar 1 06:21:11 EST 2016
On 01/03/16 08:22, Gert Doering wrote:
> It's an expression of distrust to the software upgrade process...
Numerous vendors who build their network OSes on top of third-party
general-purpose OSes (e.g. Linux) have problems which justify this distrust.
It's not uncommon for the vendor-specific interface to push some of the
config (e.g. SSH, NTP, syslog) down onto the underlying OS, and in some
cases, fail to clean this config up because it has "forgotten" about it.
An example might be that the OS image has a file:
/etc/daemon.conf:
include /etc/daemon.d/*
...and a file gets dropped into /etc/daemon.d when a feature is
configured, but fails to get removed when it is unconfigured, but the
include continues to read it.
I don't want to name any names here, although I am *not* thinking of
Cisco (or Juniper, in fact). But it's a problem I've fought with.
Upgrades != Fresh installs, unless the OS is a complete, self-contained,
read-only image, with the only mutable state being config applied to the
ramdisk *after* boot ;o)
More information about the cisco-nsp
mailing list