[j-nsp] CVE-2023-4481
Gert Doering
gert at greenie.muc.de
Sun Sep 17 09:52:31 EDT 2023
Hi,
On Sun, Sep 17, 2023 at 03:07:26PM +0200, Tobias Heister via juniper-nsp wrote:
> So, like with all features and knobs, you might want to consider whether it
> brings you any benefit to keep the prefixes in hidden state or "minimize"
> processing of things you will maybe never look at.
From an operational perspective, knowing that a given prefix *did* arrive
at the local router, and was then dropped (= hidden) for a specific reason
is very valuable. Without that information, you can only guess "did my
peer send it at all?" and troubleshooting *this* means "talk to people
outside your organization" which is way more time consuming than just
looking at hidden prefixes.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany gert at greenie.muc.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 630 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20230917/4cc8b8aa/attachment.sig>
More information about the juniper-nsp
mailing list