nanog mailing list archives
Re: cost of misconfigurations
From: Jared Mauch <jared () puck nether net>
Date: Thu, 9 Aug 2012 10:43:50 -0400
On Aug 2, 2012, at 10:31 AM, Brandt, Ralph wrote:
The misconfiguration cost is usually not calculable in itself. But I think the more important issue is, "How do we prevent it?" I would spend more time on prevention than assessing the cost.
Lots of people have developed best practices on these topics. The problem is pushing against the business side and keeping these in place, and not letting the bar be low at your upstream and peers. There is a secondary issue that is yet still unaddressed. Some vendors still send all routes they receive out to all external peers in the absence of a policy. This is something I want to see corrected as it will require a bit more intelligence when it comes to BGP policy to provide the expected behavior. - Jared
Current thread:
- Re: UCSF Network Admin??, (continued)
- Re: UCSF Network Admin?? Grant Ridder (Aug 01)
- Re: UCSF Network Admin?? Mark Andrews (Aug 01)
- Re: UCSF Network Admin?? Robert Glover (Aug 01)
- cost of misconfigurations Murat Yuksel (Aug 01)
- Re: cost of misconfigurations Diogo Montagner (Aug 01)
- Re: cost of misconfigurations Darius Jahandarie (Aug 01)
- Re: cost of misconfigurations Diogo Montagner (Aug 01)
- Re: cost of misconfigurations George Herbert (Aug 01)
- Re: cost of misconfigurations Simon Knight (Aug 01)
- RE: cost of misconfigurations Brandt, Ralph (Aug 02)
- Re: cost of misconfigurations Jared Mauch (Aug 09)
- cost of misconfigurations Murat Yuksel (Aug 01)
- RE: cost of misconfigurations Eric Wieling (Aug 02)
- Re: cost of misconfigurations Jimmy Hess (Aug 01)
- Re: cost of misconfigurations Randy Bush (Aug 01)
- Re: UCSF Network Admin?? Brian Henson (Aug 01)