On Sun, 18 Nov 2018 at 17:35, Mark Tinka <mark.tinka@seacom.mu> wrote:
I've found my fair share of IS-IS bugs since I began using it back in 2007 (when SRC ruled the roost on 7200/7600). What matters is that stuff gets fixed.
In 7600 it is simply not possible because of hardware limitation. I'd be surprised if 7600 was alone here. But does this actually matter? Probably not. I assume we have functional market, and if there was business case in having secure control-planes we would have them. Networks work because no one is motivated to attack the infrastructure, not because we can or have protected it. I expect in time of crisis all state actors can disable the infrastructure in matter of minutes, as they likely have collection of these problems that control-plane protection has. But we will probably fix the infrastructure in matter of days, so probably even then not a big deal. -- ++ytti