On 2 Sep 2015, at 2:38, George, Wes wrote:
Often there is a separate management network that can deal with
ethernet
speeds, but it's separate for security reasons and not always as
rigidly
independent from the in band network for connectivity, i.e. It might
be a
VPN riding over the regular network and thus not completely protected
from
the problem you're concerned about.
Sure, or a VRF, or whatever.
While that's not ideal, it's far better than doing management-plane
stuff inband in the production network, though.
And those 2500 console concentrator connections are a great resource to
have when everything goes haywire and you need something that lets you
get to and actually type on the console. I'm not knocking them, and I
understand that old, grandfathered equipment is used for these
applications, and understand that in many cases they're underprovisioned
for flow telemetry.
Which is why using VLANs, VRFs, whatever on the production network gear
is completely understandable, and a lot of folks do just as you say.
-----------------------------------
Roland Dobbins <rdobb...@arbor.net>
