|
|
Subscribe / Log in / New account

Possible alternative: Raspberry Pi + Modem

Possible alternative: Raspberry Pi + Modem

Posted Aug 1, 2014 18:45 UTC (Fri) by dlang (guest, #313)
In reply to: Possible alternative: Raspberry Pi + Modem by kjp
Parent article: The EFF launches a router project

yep, all your security boils down to control over the management server, if you get hold of that you can configure anything to talk to anything else.

convenient if you have a network that changes a lot (like a lab), for a production network I'm not so sure.

to post comments

Possible alternative: Raspberry Pi + Modem

Posted Aug 1, 2014 20:47 UTC (Fri) by raven667 (subscriber, #5198) [Link] (2 responses)

That's in some way the same security problem of any network management plane, there is less fundamental difference between a JunOS or IOS supervisor and a PC running Linux than one might think, in fact most of the modern network gear runs on Linux or FreeBSD, sometimes on re-badged commodity servers, with just an old-timey CLI put on top. Whether you have an SDN controller or management server talking over a network devices or you have a chassis connected to a FEX it is surprisingly similar when you get down to the details. So protecting your management plane, which has traditionally been done with local packet filters/ACLs on the device could be extended into the new designs.

Possible alternative: Raspberry Pi + Modem

Posted Aug 1, 2014 22:10 UTC (Fri) by dlang (guest, #313) [Link] (1 responses)

That is true, but the more you centralize, the more dangerous that control system becomes. With the virtual datacenter you have the same system configuring the switches as is configuring the servers.

As I say, it's nice for highly dynamic environments, but I question the value of it for production networks.

There's also the question of if the dynamically configured switches are going to create unexpected bottlenecks. not a problem on a small network, but a serious concern on a large one.

Possible alternative: Raspberry Pi + Modem

Posted Aug 2, 2014 23:55 UTC (Sat) by bronson (subscriber, #4806) [Link]

Production environments tend to be highly dynamic these days.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds