Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: it's here

  • From: jerry scharf
  • Date: Wed Feb 13 11:41:02 2002


C'mon guys. Exchange point rate anti-spoof filtering is not necessary to solve this problem.

This is why there are switches (using vlans if you choose) and router interfaces. Unless you are taking an OC3's worth of management traffic, you create a net just for your management traffic, put in on an interface and hang your entire site's snmp gear off of that. If you want it to be private, GRE and 1918 addresses are your friends, and filter to allow only traffic from those nets. None of this is new or hard.

Also, most everyone now supports snmpv3 security, so you can do that as well. (I just do it the old way I know how, so I haven't played much with this.)

jerry





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.