jgp@harn.ceas.rochester.edu (Jim Prescott) writes:
> Our network topology rarely changes and when it does there is almost
> always prior notice and an expectation of at least some service
> interuption.
>
> For simple, relatively static networks I see having to edit a config
> file preferable and more secure than a constantly running root priv'ed
> daemon that listens to the network for routing info.

You can enable authentication if security is an issue there. Does
that mean you don't run name services such as DNS, because those can
be spoofed? What about ARP?

Or is it just the concern that in.routed runs as root and receives
packets -- and thus we had to be very careful in design and testing to
make sure it can't be compromised? If that's the issue, then it could
be run on S10 with limited privileges, but I suppose I see your point.

--
James Carlson, KISS Network <james.d.carlson@sun.com>
Sun Microsystems / 1 Network Drive 71.234W Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757 42.497N Fax +1 781 442 1677