
Re: A few potential requirements



Mon, Jun 25, 2001 at 03:46:40PM -0700, R.P. Aditya:
> On Mon, Jun 25, 2001 at 03:28:20PM -0700, Bill Woodcock wrote:
> > I guess I agree, and there are certainly kinds of devices that I like to
> > have menus for, but I also think we need to be careful about making
> > suggestions to vendors which are beyond what we _really really want them
> > to do_, since it may encourage them to invest effort in menu stuff, rather
> > than in a uniform CLI.
> 
> agreed. Do we need to say that everything configurable via any interface
> *must* also be configurable via the CLI?
> 
> > I agree, basically, but think we need a little more discussion.  What
> > you say is definitely correct and important with respect to big iron.
> > What about small boxes, like CPE?  End-users won't have serial cables
> > and terminals, and may really need web access enabled by default.
> 
> It's a really difficult call for CPE -- do they really need multiple user
> levels? 
> 
> I currently have so-called "enterprise" equipment that can only be configured
> via SNMPv1 over IP over Ethernet and defaults to having the rw string to
> "public". So how do I soft-boot it when it becomes unreachable over the
> ethernet?  Ugh.
> 
> I would advocate that all configurable network equipment must include an RS232
> (either male-db9 or RJ-45) port for configuration and a cable that connects to
> either male db9 or RJ45. If we could settle on rollover RJ45, that would make
> me weep with joy.
> 
> While talking about hardware-access requirements, what do folks feel about
> "reset to factory default" requirements? or is that out-of-scope?

you mean 'erase config'?  REQUIRED.  as should a way to break into a box
whose password(s) have been forgotten (w/o flipping dipswitches - try
doing that with remote hands).

> >     > The serial console "out-of-band" should always be on.
> > 
> > Specifically, do you mean that it should be on by default when a box
> > comes from the factory (I assume we have consensus on that), or that it
> > should be _impossible to disable_?  I think I'd agree with the latter as
> > well, but it's likely to be more controversial.
> 
> I think at least one management interface should be impossible to disable.
> Serial console seems most appropriate for that.
> 
> > I think this is another reason why we need multiple permissions-levels in
> > the box, so that people won't feel that they need to disable craft ports.
> 
> yes.
> 
> Adi