Re: Encryption and QOS (should be: iBGP loopback)

From: Daniel Sheedy (dansheedy@gmail.com)
Date: Sat Mar 12 2005 - 06:17:54 GMT-3


Hi Pat,

In the end, we all have some favourite commands we like to stick into all of
our day to day configs. However, just blindly going ahead and putting them
in can add another layer of complication to the whole config.

For example, as a matter of habit, I also turn off HTTP access. In my
opinion... if they can't use the command line, then they have no business
accessing the router/switch. But then I had a question in a test lab that
involved passworded access to the http level. I lost the points, because of
my habit of turning off something automatically.

So... if you aren't asked to do it explicitly, think twice before adding
something else to your config. Will it affect something further on? Will
not adding it affect something further on?
So, unfortunately, like most questions... the answer is really, it all
depends. But that's half the fun, gaining that insight! :)

Dan Sheedy

----- Original Message -----
From: "Pat Chui" <cui666@gmail.com>
To: "Daniel Sheedy" <dansheedy@gmail.com>
Cc: <ccielab@groupstudy.com>
Sent: Friday, March 11, 2005 10:14 PM
Subject: Re: Encryption and QOS (should be: iBGP loopback)

> Daniel,
> Thanks, I understood the technical aspect of my question.
> I guess if I asked the questions in another way: would you use some
> common practices like using LP as iBGP neighbor IDs whenever
> applicable? Most people would say "no" per KISS rule. One can
> optimize the network they build in the lab, but without points reward,
> it would be worthless effort.
>
> Pat
>
>
> On Fri, 11 Mar 2005 21:35:06 +0100, Daniel Sheedy <dansheedy@gmail.com> wrote:
>> Hi Pat,
>>
>> Rather than asking how, I think the question better asked here is... why?
>>
>> Why would we want to use a loopback address to peer with? Basically, to
>> provide an IP address that won't change, even if the path to the router
>> does change, i.e. serial line collapses, but the ISDN suddenly pops up.
>> Therefore, the peering starts again, over the new path.
>>
>> So, instead of rushing off and using loopbacks all the time, ask the
>> simple question...
>> If the link goes down, that BGP is established over, is there another
>> route going to be available? If not... then there is no point to setting
>> up peering with loopbacks.
>> If another route will be available, then you will need to pick an IP
>> address that will always be available, like the loopback IP addresses.
>> Then we have to make sure that the loopbacks are known to the other side
>> as well... but that's another story.
>>
>> hth
>>
>> Dan Sheedy
>>
>> ----- Original Message -----
>> From: "Pat Chui" <cui666@gmail.com>
>> To: <ccielab@groupstudy.com>
>> Sent: Friday, March 11, 2005 8:12 PM
>> Subject: Re: Encryption and QOS
>>
>> > Hi, Group
>> >
>> > Do you define a loopback for iBGP sessions? It's a common practice in
>> > production networks, but in CCIE lab, is it worthwhile to configure
>> > the loopback for the purpose? And if not, do you just randomly pick up
>> > IP addresses on the neighbor routers?
>> >
>> > TIA
>> > Pat



This archive was generated by hypermail 2.1.4 : Sun Apr 03 2005 - 17:56:45 GMT-3