Re: So Philip Smith / Geoff Huston's CIDR report becomes worth a good hard look today

[Merike Kaeo <merike () doubleshotsecurity com>]

On Aug 13, 2014, at 6:52 AM, Warren Kumari <warren () kumari net> wrote:

> On Wed, Aug 13, 2014 at 1:40 AM,  <Valdis.Kletnieks () vt edu> wrote:
> > On Wed, 13 Aug 2014 08:08:04 +0300, Hank Nussbacher said:
> >
> > > We went with 768 - enough time to replace the routers with ASR9010s.  It is
> > > merely a stop-gap measure to give everyone time to replace their routers in
> > > an orderly fashion.
> >
> > The same people who, knowing the 6509 had this default config issue, and
> > neither replaced the gear nor did the reconfig to buy time *before* the
> > wall got hit, are going to replace said 6509 in orderly fashion?
>
>
> Sadly enough:
> A: not everyone knew about the issue - there are a large number of
> folk running BGP on 65xx and taking full tables who are not plugged
> into NANOG / the community. In many cases they are single homed
> enterprise folk, but run BGP anyway (because com consultant set it up,
> some employee with clue did it years ago and then left, etc).

I suspect this is true to some extent.  Last NANOG had a record attendance and if I remember
correctly, 300(!!!!) NEW attendees.

Also, Philip Smith is STILL doing the BGP fundamentals tutorials with a full house every time.  Granted
this is mostly around rest of world but there are new folks coming along all the time and while many
old timers are aware of all the historical info on route aggregation, this should be brought up ad nauseum
for new folks.  Do enterprise type educational folks who include routing tutorials do anything with route
aggregation?  Just wondering out loud.  

> B: they *did* know about the issue, but convincing management to spend
> the cash to buy hardware that doesn't suck was hard, because
> "everything is working fine at the moment" -- some folk needed things
> to fail spectacularity to be able to justify shelling out the $$$ (
> yes, they could recard the TCAM, but they are using this as an excuse
> to get some real gear)…

Oh yeah, I'd bet this is also the case.  Just like in 'security' related issues….

-  merike

> Am I overly cynical, or does this all work out perfectly for some
> vendors? I'm guessing that a certain vendor is going to see a huge
> number of orders for new equipment, for an event that could have been
> (and was) easily predicted... "Here, buy my widget... and then you'll
> come back in a few years and buy another one.. <mwahahahah>".
> Yup, folk purchasing these *should* have known (not like there was no
> discussions of this), but, well, not everyone spends all day reading
> NANOG / RIPE / CIDR report...
>
> W
>
>
> > Hank, you gotta learn to wear respiratory apparatus when working near
> > open containers of magic router pixie dust - that stuff can screw you up
> > if you inhale it. :)
>
>
>
> -- 
> --
> I don't think the execution is relevant when it was obviously a bad
> idea in the first place.
> This is like putting rabid weasels in your pants, and later expressing
> regret at having chosen those particular rabid weasels and that pair
> of pants.
>   ---maf

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail