nanog mailing list archives

Re: OOB core router connectivity wish list


From: Leo Bicknell <bicknell () ufp org>
Date: Wed, 9 Jan 2013 10:18:22 -0800

In a message written on Wed, Jan 09, 2013 at 06:39:28PM +0100, Mikael Abrahamsson wrote:
> IPMI is exactly what we're going for.

For Vendors that use a "PC" motherboard, IPMI would probably not be
difficult at all! :)

I think IPMI is a pretty terrible solution though, so if that's your
target I do think it's a step backwards.  Most IPMI cards are prime
examples of my worries: Linux images years out of date, riddled with
security holes and universally not trusted.  You're going to need a
"firewall" in front of any such solution to deploy it, so you can't
really eliminate the extra box I proposed, just change its nature.

I also still think there's a lot of potential here to take gigantic
steps backwards.  Replacing a serial console with a Java applet in
a browser (a la most IPMI devices) would be a huge step backwards.
Today it's trivial to script console access, in a Java applet world,
not so much.

Having an IPMI-like device with dedicated ethernet and connection to the
management bus would allow it to have a web interface to do things like
power cycle individual line cards and may be a win, but I would posit
these things are to work around horribly broken upgrade procedures that
vendors have not given enough thought.  They could be solved with more
intelligent software in the ROM and on the main box without needing any
add-on device.

> So I want to retire serial ports in the front to be needed for normal
> operation. Look at the XR devices from Cisco for instance. For "normal
> maintenance" you pretty much require both serial console (to do rommon
> stuff one would imagine shouldn't be needed) and also mgmt ethernet (to
> use tftp for downloading software when you need to turbo-boot because the
> system is now screwed up because the XR developer ("install") team messed
> up the SMUs *again*).

Your vendor is going to hire those same developers to write the code for
your OOB device.  The solution here is not bad developers writing and
deploying even more code, it's to demand your vendors uplevel their
developers and software.

Ever have these problems on Vendor J?  No, the upgrade process there is
smooth as silk.  Not to say that vendor is perfect, they just have
different warts.

-- 
       Leo Bicknell - bicknell () ufp org - CCIE 3440
        PGP keys at http://www.ufp.org/~bicknell/
