
Re: A few potential requirements



On Mon, Jun 25, 2001 at 03:28:20PM -0700, Bill Woodcock wrote:
> I guess I agree, and there are certainly kinds of devices that I like to
> have menus for, but I also think we need to be careful about making
> suggestions to vendors which are beyond what we _really really want them
> to do_, since it may encourage them to invest effort in menu stuff, rather
> than in a uniform CLI.

Agreed. Do we need to say that everything configurable via any interface
*must* also be configurable via the CLI?

> I agree, basically, but think we need a little more discussion.  What
> you say is definitely correct and important with respect to big iron.
> What about small boxes, like CPE?  End-users won't have serial cables
> and terminals, and may really need web access enabled by default.

It's a really difficult call for CPE -- do they really need multiple user
levels? 

I currently have so-called "enterprise" equipment that can only be configured
via SNMPv1 over IP over Ethernet and defaults to having the rw string set to
"public". So how do I soft-boot it when it becomes unreachable over the
Ethernet?  Ugh.

I would advocate that all configurable network equipment must include an RS232
(either male-db9 or RJ-45) port for configuration and a cable that connects to
either male db9 or RJ45. If we could settle on rollover RJ45, that would make
me weep with joy.

While talking about hardware-access requirements, what do folks feel about
"reset to factory default" requirements? Or is that out-of-scope?

>     > The serial console "out-of-band" should always be on.
> 
> Specifically, do you mean that it should be on by default when a box
> comes from the factory (I assume we have consensus on that), or that it
> should be _impossible to disable_?  I think I'd agree with the latter as
> well, but it's likely to be more controversial.

I think at least one management interface should be impossible to disable.
Serial console seems most appropriate for that.

> I think this is another reason why we need multiple permissions-levels in
> the box, so that people won't feel that they need to disable craft ports.

Yes.

Adi