[j-nsp] SNMP on logical-system fxp0

Brandon Ross bross at pobox.com
Thu Apr 25 12:56:08 EDT 2013 

On Thu, 25 Apr 2013, Saku Ytti wrote:

> On (2013-04-25 08:29 -0700), joel jaeggli wrote:
>
>>>> It's not OOB, it's completely fate-sharing the freebsd/junos.
>> it's not part of the forwarding plane so it certainly is not
>> in-band, what you connect it to of course is your business. we
>> connect them to our oob network.
>
> Yes it's not fate-sharing forwarding-plane, but it's fate-sharing the whole
> control-plane.
> You need ports, wiring to build fxp0 management network, which isn't even
> redundant, single port down and it's not reachable.

Which is MUCH better that not reachable, ever, at all.

> Lot of cost+complexity for only benefit of being able to configure router
> when forwarding is broken but router not.

Which never happens, right?

I guess I'm just the lucky one that gets routers that freak out due to a 
bug (not necessarily just Juniper, but in general) or attack or whatever 
and become unreachable except for out of band access.  I'm also probably 
the only one that has worked on networks that had cascading routing 
protocol failure and needed some emergency reconfiguration (which could 
only be done from out of band).

I'm sure Joel is the only one that's had this happen too.  Right Joel?

>> inline flow export is generated in linecard asics so it's not really
>> suitable for the oob port.
>
> I think this is really my point, you need
>
> * fxp0 for ssh, snmp
> * inband for netflow, snmp (if HW)  (redundant)
> * rs232 to attempt recovering box from control-plane software failure
>
> Why build fxp0, if you need inband for something anyhow? It costs money,
> adds complexity, and delivers no value if RS232 is also implemented with
> in-band.

I think we've covered this multiple times now and you even covered it 
above a bit.  ssh, snmp, software loads, etc. require the fxp0 port 
if/when you have no in-band access for wahtever reason, of which there 
could be many.

-- 
Brandon Ross                                      Yahoo & AIM:  BrandonNRoss
+1-404-635-6667                                                ICQ:  2269442
Schedule a meeting:  https://doodle.com/bross            Skype:  brandonross

More information about the juniper-nsp mailing list