nanog mailing list archives

RE: ip-precedence for management traffic


From: "Sachs, Marcus Hans (Marc)" <marcus.sachs () verizon com>
Date: Tue, 29 Dec 2009 09:29:12 -0500

Totally out of the box, but here goes:  why don't we run the entire Internet management plane "out of band" so that 
customers have minimal ability to interact with routing updates, layer 3/4 protocols, DNS, etc.?  I don't mean 100% 
exclusion for all customers, but for the average Joe-customer (residential, business, etc., not the researcher, network 
operator, or clueful content provider) do they really need to have full access to the Internet mechanisms (routing, 
naming, numbering, etc.)?

We already provide lots of proxy services for end users, so why not finish the job and move all of the management 
mechanisms out of plain sight?

Marc

-----Original Message-----
From: Mehmet Akcin [mailto:mehmet () akcin net] 
Sent: Tuesday, December 29, 2009 6:03 AM
To: NANOG list
Subject: Re: ip-precedence for management traffic


On Dec 29, 2009, at 2:07 AM, Dobbins, Roland wrote:


On Dec 29, 2009, at 6:02 PM, Luca Tosolini wrote:

this leaves out only ipp 7 for management traffic, on the premise that routing and management should not share the 
same queue and resources.....

Management-plane traffic should be sent/received via your DCN/OOB network, so that it's not competing with customer 
traffic nor subject to network partitions or other disruptive events.  It should not be co-mingled with traffic on 
the production network.

Agreed, it's very important to have a management network that is reachable while you are under DDoS or some kind of 
mess you or someone else has created. Often having something like an ADSL-like connection will save trips to colo and 
will give you nice abilities to work on stuff when combined with serial management tools.

Mehmet

