On 18/Nov/18 18:00, Saku Ytti wrote:
In 7600 it is simply not possible because of hardware limitation. I'd be surprised if 7600 was alone here.
I've never ran the 7600 (the 6500 was as close as I got, but that was just purely for Ethernet switching). While it wouldn't surprise me that shops were still running this platform in 2018, it's starting to show its age...
But does this actually matter? Probably not. I assume we have functional market, and if there was business case in having secure control-planes we would have them. Networks work because no one is motivated to attack the infrastructure, not because we can or have protected it. I expect in time of crisis all state actors can disable the infrastructure in matter of minutes, as they likely have collection of these problems that control-plane protection has. But we will probably fix the infrastructure in matter of days, so probably even then not a big deal.
Fair point. Mark.