ops-operator-req-mgmt-01
First, every device (where a "device" is a piece of network
equipment intended for configuration by professional operators, as
defined above) MUST feature an RS-232 serial port (commonly referred
to as a "console port" or a "craft interface") with an RJ-45 female
form-factor, offering access to the device's command line via a
login prompt at 9600 baud. This uniform interface allows the
operator to perform initial configuration of the device, endowing it
with user accounts, passwords, network interfaces, and frequently
the ability to communicate in-band via an interactive communications
network protocol. New, unconfigured devices MUST NOT require or
have knowledge of a username or password at the time of the
operator's first login on the console port.

Regardless of the method of physical transport, the developer must
provide sufficient input buffer to accept at a minimum, a
maximum-length configuration at line speed without dropping any
characters from the input. As of the time of this draft many
vendors drop characters from a "pasted" configuration via telnet,
ssh, or most notably, the craft port.

this doesn't make sense. whether a serial console or a tcp connection,
there should be a sense of flow-control and size of buffer space should
not matter. if anyone has experienced dropped characters, i suggest it's
lack of flow-control (or mismatch), faulty user-agent (i.e. windowing
system or tip/cu configuration), etc. maybe this is lacking specification
of s/w or h/w flow-control, data-bits, parity, etc. for serial consoles?

Devices MAY also implement bootp, xmodem, and zmodem. FTP SHOULD
NOT be included, as it passes passwords across the wire unencrypted.

i completely disagree with omission of FTP. ftp is an excellent method
to upload router core dumps that exceed the size capabilities of tftp.
just as it is a good way to download images, while tftp is udp and i sure
don't want scp logins from routers to my config servers. ftpd can be run
anonymous only and can use tcp_wrapper like filtering features. ftp
client should be a requirement.
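
An added illustration, not part of the draft or of this reply: a small simulation of the buffer-size versus flow-control disagreement above, comparing a pasted configuration sent to a fixed input buffer with and without XON/XOFF. The helper `paste`, the rates, buffer sizes, watermarks and signal latency are all assumed values chosen for the simulation.

```python
from collections import deque

def paste(config_len, buf_size=64, send_rate=4, drain_rate=1,
          flow_control=False, latency=2):
    """Simulate pasting config_len characters into a device console.

    Each tick the sender offers send_rate characters (line speed) and the
    device's parser consumes drain_rate. Returns (accepted, dropped).
    All rates, sizes and the latency are assumed values.
    """
    xoff_at, xon_at = buf_size * 3 // 4, buf_size // 4  # assumed watermarks
    buf = deque()
    signals = deque()      # (tick it takes effect, paused?) in flight to sender
    sent = accepted = dropped = tick = 0
    paused = rx_xoff = False
    while sent < config_len or buf:
        # XON/XOFF reaches the sender only after `latency` ticks.
        while signals and signals[0][0] <= tick:
            paused = signals.popleft()[1]
        if not paused:
            for _ in range(min(send_rate, config_len - sent)):
                sent += 1
                if len(buf) < buf_size:
                    buf.append(sent)
                else:
                    dropped += 1          # overrun: the character is lost
        for _ in range(min(drain_rate, len(buf))):
            buf.popleft()
            accepted += 1
        if flow_control:
            if not rx_xoff and len(buf) >= xoff_at:
                rx_xoff = True
                signals.append((tick + latency, True))    # send XOFF
            elif rx_xoff and len(buf) <= xon_at:
                rx_xoff = False
                signals.append((tick + latency, False))   # send XON
        tick += 1
    return accepted, dropped

if __name__ == "__main__":
    n = 10_000  # constructed "maximum-length configuration", in characters
    print("64-byte buffer, no flow control:", paste(n))
    print("4 KiB buffer, no flow control:  ", paste(n, buf_size=4096))
    print("buffer >= config, no flow ctl:  ", paste(n, buf_size=n))
    print("64-byte buffer, XON/XOFF:       ", paste(n, flow_control=True))
```

In this model a buffer avoids drops without flow control only when it is at least as large as the whole configuration, while working flow control with headroom above the XOFF watermark avoids drops at any configuration length.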