[c-nsp] TIL: Maintenance Operations Protocol (MOP)

Drew Weaver drew.weaver at thenap.com
Thu Aug 5 13:20:44 EDT 2021


Yes, in my research I noticed that OS image age has nothing to do with it. Newer images with different trains have it enabled, older images in totally other trains as well.

Also even though it appears to emulate VTY simply configuring the transports doesn't disable it.

I mostly mentioned it because when I did some Googling I noticed it is referenced as being included in IOS XE.

It should be forcibly removed entirely in my opinion.

-----Original Message-----
From: Nick Hilliard <nick at foobar.org> 
Sent: Wednesday, August 4, 2021 5:09 PM
To: Drew Weaver <drew.weaver at thenap.com>
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] TIL: Maintenance Operations Protocol (MOP)

Drew Weaver wrote on 04/08/2021 16:43:
> Sorry for the noise if you are all aware of what MOP is but if you 
> aren't aware of what it is and use Cisco products (especially in a 
> multi-tenant environment) it may be a good idea to read about it and 
> evaluate any impact it may or may not have on your environment.
MOP is one of those services that seems to disappear and reappear on various cisco software versions and trains, almost at random.  It would be interesting to know how much of the old DECnet stack is needed to keep this particular fossil alive.

It leaks link-local frames. This is harmful.  We don't like it at IXPs.

"no mop enabled" disables it on a per interface basis - this is possibly the only cisco command that uses "enabled" instead of "enable" for this context, i.e. this is very ancient.

Nick


More information about the cisco-nsp mailing list