nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Cisco ASR9902 SNMP polling ... is interesting

From: Saku Ytti via NANOG <nanog () lists nanog org>
Date: Sat, 2 Aug 2025 10:32:25 +0300
On Fri, 1 Aug 2025 at 21:45, Mel Beckman <mel () beckman org> wrote:


Cisco is likely to say that the control plane is only fully supported on the management port. After all, the control 
plane was invented to separate management functions from the data forwarding process.



Cisco will 100% fully support control-plane on in-line ports, before
cloudy shop in-line was the norm, MGMT port exception.

Management ports to this day are extremely dangerous and I consider
using them anti pattern.


If you have MGMT L2 broadcast domain, you can potentially break every
control-plane by having L2 storms (actual risk that has happened).
Because you cannot protect the control-plane on MGMT ETH port, for
obvious reasons. And you can protect (some platforms better, some
worse) control-plane on in-line ports by combination of QoS, ACL,
control-plane ACL, control-plane police/shape/ACL.


It might be easier to contribute, if there is familiarity to the subject matter.

-- 
  ++ytti
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/RDGGSP5K4OGNLISRI3T6H6MIE3TL3P6Y/
Previous By Date Next
Previous By Thread Next

Current thread: