Winstar says there is no TCP/BGP vulnerability

Patrick W.Gilmore patrick at ianai.net
Wed Apr 21 15:11:57 UTC 2004


On Apr 21, 2004, at 10:38 AM, Jared Mauch wrote:

> On Wed, Apr 21, 2004 at 10:19:10AM -0400, Patrick W.Gilmore wrote:
>>
>>> Yes, it generates more work to update the database,
>>> but OTOH it provides the LIII engineer with a lot more to
>>> troubleshoot issues. Is it simply not worth the work at your scale?
>>
>> Exactly.
>>
>> And you do not have to be at 701's scale for this to not work.
>
> 	We've not had these issues and have been using
> bgp passwords/md5 for years.  We do have a fancy configuration
> management system in place, whereby people put things into the
> database first before they configure the router.

Sorry, in this particular post, we were (or at least I was) talking 
about having prefix filters for all your peers.  I know I've talked a 
lot about MD5 lately, just thought it would be a nice change of 
subject. :)

If you do prefix filter all your peers, that is impressive.  Do you get 
out of sync a lot?  Does it help keep the network more stable?  Or do 
process problems make it worse than just max-prefixes on a peer?

-- 
TTFN,
patrick
