On 9/1/15, 1:36 PM, "NANOG on behalf of Roland Dobbins" <nanog-bounces@nanog.org on behalf of rdobbins@arbor.net> wrote:
> It should've already been spent for an OOB/DCN network, which should've been provisioned with flow telemetry in mind.
I'm going to interpret that "should" in the same way as the MUST in RFC6919. :-)

Yes, it's a good practice, but like most other proactive security measures, is extremely hard to justify spending money on it to avoid the risk that it breaks fantastically when it is needed most. Though you could provide a little insurance against the problem you're highlighting here via a QoS policy that prioritizes flow data over customer traffic.

Several of the OOB networks/designs I'm familiar with significantly predate the entire concept of flow telemetry, as well as my own networking career, and are still rocking the same set of Cisco 2500 routers with async cards (many with uptimes measured in years) and 64k leased lines or dialup on demand they've been using for literally almost 2 decades. When one of those ancient devices dies of old age, you scrounge for the cheapest equivalent you can find to replace it to maintain your OOB access to the 9600/8/1/none console ports for when things have gone truly pear-shaped.

Often there is a separate management network that can deal with Ethernet speeds, but it's separate for security reasons and not always as rigidly independent from the in-band network for connectivity, i.e. it might be a VPN riding over the regular network and thus not completely protected from the problem you're concerned about.

Thanks,
Wes