On 03/09/2012 10:27 AM, David Harrington wrote:
> Hi,
>
> I am not sure what proposal you are referring to.
> I know multicast SNMP for discovery was proposed quite a few years ago,
> but multicast SNMP would depend on the non-secure nature of SNMPv1 and a
> well-known community string. This is at odds with the IETF declaring
> SNMPv1 Historic and not recommended.
>
> The multicast approach won't work with the built-in SNMPv3 security, and
> to my knowledge all effort to do this (at least in IETF) was dropped
> precipitously.
> Hopefully, nobody is seriously considering this approach again, if it
> builds on SNMPv1.

I was just observing comments I came across in code being used for
printer discovery.

That doesn't mean SNMP multicast is actually used significantly; it's
mostly an example of another protocol that *could* cause trouble when we
route rather than bridge everything inside the home. Having
(apparently) demonstrated (we hope) that mDNS doesn't really present a
major problem by implementation, I still have concerns if there are
other protocols that matter that we'll have to worry about to get rid of
the bridging horror we face today.

I have *no* information that makes me think it's a *real* problem as
yet, and see no way to do so before having running code in the hands of
probably thousands of testers. At the moment, we have code in the
hands of testers of the fingers on one or two hands.... More testers
would be welcome....

I am encouraging everyone to think about potential problems that might
be caused by other multicast protocols that may be in use; knowing
sooner rather than later would be nice ;-).

And thanks for the details about SNMP, they are indeed reassuring.

- Jim

> On 3/9/12 9:38 AM, "Jim Gettys" <[email protected]> wrote:
>> On 03/08/2012 11:42 PM, Livingood, Jason wrote:
>>> I think that E2E into the home for SNMP is perhaps one of the
>>> things that would motivate an ISP to support homenet.
>>>
>>>
>>> E2E network management and/or monitoring, yes. SNMP, at least on a
>>> public interface, maybe not so much. We may be entering a phase where
>>> ISPs consider blocking TCP/UDP 161.
>>>
>>> The reason is that SNMP is becoming more and more widely abused. I
>>> still have no idea why for example (1) some gear ships with public as
>>> the default string and the daemon running by default as such, (2) some
>>> gear does not present the user with an interface to turn off SNMP or
>>> change the community string at all (so you may be stuck with
>>> on/public).
>>>
>>> So maybe on SNMP, tread carefully. ;-)
>>>
>> Just to make it clear, I was worrying about the possible use of
>> multicast to *discover* SNMP devices, and routing versus bridging where
>> the multicast packet might need forwarding to other networks in the
>> home, not SNMP in general. I had noted its possible use to *discover*
>> printers to initially configure them.
>> - Jim
>>
>> _______________________________________________
>> homenet mailing list
>> [email protected]
>> https://www.ietf.org/mailman/listinfo/homenet
>