[j-nsp] SNMP on logical-system fxp0
Jeff Wheeler
jsw at inconcepts.biz
Wed Apr 24 20:54:17 EDT 2013
On Wed, Apr 24, 2013 at 7:17 PM, Brandon Ross <bross at pobox.com> wrote:
> On Wed, 24 Apr 2013, Pavel Lunin wrote:
>> This is what I never understood. Why people want to use fxp0 (or any
>> other "dedicated management") iface for real production management?
>
> Are you suggesting that they should purchase a 10/100/1000 copper card just
> for management? Or are you suggesting that they should buy 10GbE switches
> for their out of band management network?
No, he's questioning the wisdom of doing SNMP queries, and other
automated, routine management functions, against fxp0 instead of an
interface that is protected by the hardware CoPP.
One of my clients uses an NMS that sometimes starts sending ~3k PPS of
SNMP BulkGets to a router. They don't know why. If that traffic was
hitting fxp0 with no policer, etc. then it would consume a lot of CPU.
My view is that fxp0 is an out-of-band interface for manual
intervention; not one that I ever use for SNMP.
--
Jeff S Wheeler <jsw at inconcepts.biz>
Sr Network Operator / Innovative Network Concepts
More information about the juniper-nsp
mailing list