nanog mailing list archives

RE: OOB


From: "Paul Stewart" <paul () paulstewart org>
Date: Tue, 26 Jul 2011 11:04:40 -0400

Honestly - in our core network, this has only happened once in almost 10
years... seriously.  Everything in our core networks is redundant ... yes, I
know redundancy breaks of course ;)

When it did happen, we had remote hands reboot the equipment and everything
was restored in approximately 30 minutes.

I'm not saying boldly that we won't get caught with our pants down some day
- just that previous experience has shown us to be prepared for the worst
and the worst hasn't occurred. We have looked at OOB options and it's been
discussed many times - it just slips off the radar constantly.  Maybe it's
"once bitten, twice shy" that needs to occur for the priority to change
again.


-----Original Message-----
From: christopher.morrow () gmail com [mailto:christopher.morrow () gmail com] On
Behalf Of Christopher Morrow
Sent: Tuesday, July 26, 2011 10:14 AM
To: Paul Stewart
Cc: NANOG list
Subject: Re: OOB

On Tue, Jul 26, 2011 at 10:03 AM, Paul Stewart <paul () paulstewart org> wrote:
> We do everything in-band with strict monitoring/policies in place.

what do you do if your in-band fails? if a router/switch/ROADM is
isolated from the rest of your network?
(isn't that the core point of the OP?)

-----Original Message-----
From: harbor235 [mailto:harbor235 () gmail com]
Sent: Tuesday, July 26, 2011 9:57 AM
To: NANOG list
Subject: OOB

I am curious what is the best practice for OOB for a core infrastructure
environment. Obviously, there is an OOB kit for customer managed devices
via POTS, Ethernet, etc ... And there is OOB for core infrastructure
typically a separate basic network that utilizes diverse carrier and
diverse path when available.

My question is, is it best practice to extend an inband VPN throughout for
device management functions as well? And are all management services
performed OOB, e.g. network management, some monitoring, logging,
authentication, flowdata, etc ..... If a management VPN is used is it also
extended to managed customer devices?

What else can be done for remote management and troubleshooting
capabilities?

Mike





