[f-nsp] XMR Software Upgrade Path from 4.0.1a

Abello, Vinny Vinny_Abello at dell.com
Tue Feb 15 23:28:34 EST 2011


Dunc,

This limits ipv6 telnet/ssh traffic to the device on any interface/ip address in my network.

-Vinny

On Feb 3, 2011, at 5:32 AM, Dunc wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Ah, the docs suggest that this only affects access on the management
> port. I need to do this for all ports.
> 
> Vinny, can you confirm if this just works for the management port for
> you or all interfaces?
> 
> 
> Cheers,
> 
> Dunc
> 
> 
> On 03/02/11 10:11, Dunc wrote:
>> Oooh, I hadn't spotted that before. So does that filter traffic to the
>> control plane?
>> 
>> 
>> Cheers,
>> 
>> Dunc
>> 
>> 
>> On 02/02/11 16:40, Abello, Vinny wrote:
>>> I'm running 3.9.x currently on the XMR 4000's and filter SSH/telnet on IPv6 using ipv6 access-lists just fine. I'm applying it with "ipv6 access-class" in the global configuration.
>> 
>>> -Vinny
>> 
>>> -----Original Message-----
>>> From: foundry-nsp-bounces at puck.nether.net [mailto:foundry-nsp-bounces at puck.nether.net] On Behalf Of Dunc
>>> Sent: Thursday, January 27, 2011 5:05 PM
>>> To: foundry-nsp at puck.nether.net
>>> Subject: Re: [f-nsp] XMR Software Upgrade Path from 4.0.1a
>> 
>>> Hi Igor,
>> 
>>> Have you tried to do an ACL for v6 SSH access? I just tried to do it, and it doesn't seem to exist in 4.0.1b. I have the docco for version 4.1 here which says it's there, so I'm wondering if I've been unlucky enough to be /just/ behind where it was introduced.
>> 
>>> Weirdly our RXes which are running much older code (I know it's different code, but we've had it for years now) are happy to restrict v6 SSH.
>> 
>> 
>>> Cheers,
>> 
>>> Dunc
>> 
>> 
>>> On 17/01/11 21:02, Igor Ybema wrote:
>>>> Hi,
>> 
>>>> We at Oxilion, dutch based hosting provider, are running 4.0.0a for
>>>> about 2 years now without any problems. Basic functions like OSPF,
>>>> BGP, IPv4/IPv6 dualstack etc.
>> 
>>>> No need to upgrade to 5.1 here yet.
>> 
>>>> regards, Igor
>>>> _______________________________________________
>>>> foundry-nsp mailing list
>>>> foundry-nsp at puck.nether.net
>>>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>> 
>> 
>> ________________________________
>> This email and any attachments it may contain is confidential and
>> solely intended for the use of the named addressee(s) only. Any views or
>> opinions presented are solely those of the author and do not necessarily
>> represent those of The Bunker. If you are not the intended recipient, be
>> advised that you have received this email in error and that you should
>> not rely on it or take any action based on it. You should not publish,
>> use, disseminate, print, forward or copy this email as it is strictly
>> prohibited. Please contact the sender if you have received this email in
>> error and destroy it.
>> 
>> _______________________________________________
>> foundry-nsp mailing list
>> foundry-nsp at puck.nether.net
>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>> 
>> 
> ________________________________
> This email and any attachments it may contain is confidential and
> solely intended for the use of the named addressee(s) only. Any views or
> opinions presented are solely those of the author and do not necessarily
> represent those of The Bunker. If you are not the intended recipient, be
> advised that you have received this email in error and that you should
> not rely on it or take any action based on it. You should not publish,
> use, disseminate, print, forward or copy this email as it is strictly
> prohibited. Please contact the sender if you have received this email in
> error and destroy it.
> 
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp
> 
> 
> - --
> Duncan Lockwood
> Principal Network Engineer
> 
> The Bunker Secure Hosting Limited
> Ash Radar Station
> Marshborough Road
> Sandwich
> Kent CT13 0PL
> UNITED KINGDOM
> 
> t: 01304 814 800
> f: 01304 814 899
> e: dunc at thebunker.net
> w: www.thebunker.net
> PGP on Key Servers
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.15 (GNU/Linux)
> Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/
> 
> iEYEARECAAYFAk1KhCUACgkQOZKi9YO9TB6zQgCfRdbroDae7AU/5smhZgr1Vnng
> s8sAnjoJfMXeEudNvJbb08fA4ULT8J4T
> =xu0W
> -----END PGP SIGNATURE-----
> ________________________________
> This email and any attachments it may contain is confidential and solely intended for the use of the named addressee(s) only. Any views or opinions presented are solely those of the author and do not necessarily represent those of The Bunker. If you are not the intended recipient, be advised that you have received this email in error and that you should not rely on it or take any action based on it. You should not publish, use, disseminate, print, forward or copy this email as it is strictly prohibited. Please contact the sender if you have received this email in error and destroy it.
> 
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp





More information about the foundry-nsp mailing list