Re: rack power question

2008-03-24 Thread Paul Vixie

this has been, to me, one of the most fascinating nanog threads in years.

at the moment my own datacenter problem is filtration.  isc lives in a place
where outside air is quite cool enough for server inlet seven or more months
out of the year.  we've also got quite high ceilings.  a 2HP roof fan will
move 1 cubic feet per minute.  we've got enough make-up air for that.
but, the filters on the make-up air have to be cleaned several times a week,
and at the moment that's a manual operation.

mechanical systems, by comparison, only push 20% make-up air, and the filters
seem to last a month or more between maintenance events.  i'm stuck with the
same question that vexes the U S Army when they send the M1A1 into sandstorms,
or that caused a lot of shutdowns in NYC in the days after 9/11: what kind of
automation can i deploy that will precipitate the particulates so that air
can move (for cooling) and so that air won't bring grit (which is conductive)?
-- 
Paul Vixie


RE: rack power question

2008-03-24 Thread Frank Bulk - iNAME

Thanks for spelling it out in more detail.  One point I failed to make
was that as power consumption and heat/sq.ft increases, the cost to
dissipate that heat appears to reach a cost/performance curve which then
swings up dramatically.  There appears to be a sweet spot where it's cheaper
to spread the power consumption/heat dissipation around with more racks than
invest in products that solve those density problems.  And that sweet spot
is a moving target as vendors come up with products to address the density
problems.  So rather than argue about how much we can pack in, perhaps we
should find the number with the maximum cost/benefit for the data center
owner/operator, taking into account the necessary variables.  Previously in the
thread the discussion was around identifying the highest number possible.

Also, if one designs for the highest density technically possible, they're
building an infrastructure that solves expensive power/heat density issues
that won't exist for all customers, which translates into higher cost/sq
foot when the sales team may only be able to earn prices that are equivalent
to those who designed for 75% of their density capabilities. Again, I'm not
sure what that upper-level number is, but it's there.  Is the solution to
segregate the data center into different tiers of low power/heat and those
that need higher power/density?  Perhaps people shouldn't be selling U's,
but selling power consumption and heat dissipation (try and measure that!)
and charging a nominal fee for U's.

Please feel free to set me straight as I'm rambling on about something I
don't know about. =)

Frank

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Deepak Jain
Sent: Monday, March 24, 2008 10:27 PM
Cc: nanog@merit.edu
Subject: Re: rack power question



While I enjoy hand waving as much as the next guy... reading over this
thread, there are several definitions of sq ft (ft^2) here and folks are
interchanging their uses whether aware of it or not.

1) sq ft = the amount of sq ft your cabinet/cage sits on.

2) sq ft = the amount of sq ft attributed to your cabinet/cage on the
data center floor including aisles and access-ways

3) sq ft = the amount of sq ft attributed to your cabinet/cage on the
data center floor including aisles and access-ways and on-the-floor
cooling equipment

4) sq ft = the amount of sq ft attributed to your cabinet/cage on the
data center floor  including aisles and access-ways and on-the-floor
cooling equipment AND the amount attributed to your cabinet/cage from
the equipment room (UPS, batteries, transformers, etc).

The first definition only applies to those renting cabinets.
The first/second definitions apply to those renting cabinets and cages
with aisles or access-ways in them
The first/second/third definitions apply to operators of datacenters
within non-datacenter buildings (where datacenter is NOT the entire load
in the facility) and renters.
All the definitions apply to anyone with a dedicated datacenter space
(and equipment room) within a building or a stand-alone datacenter.

By rough figuring...

A 30KW cabinet while one sounds lovely, a huge amount of space is going
to be turned over to most or all of a dedicated PCU and 1/15th of the
infrastructure of 500KVA UPS (@0.9PF) including batteries, transformers,
etc.

Assuming power costs and associated maintenance are assigned
appropriately to this one cabinet, the amount of square footage
associated (definition #4) for that one cabinet changes by less than 30%
whether you are going 30KW in one-cabinet or 3KW in each of 10 cabinets.

As an owner/operator of very large dedicated data centers for very large
customers of all sorts, I can promise you no one is doing datacenters
full (500+ cabinets) of 10KW+ (production, not theoretical) each in a
dedicated facility with no other uses to lower the average heat demand.
Even smaller numbers probably too.

Easy caveat:

A "datacenter" that is a fraction of a large building (e.g. a 20,000 sq
ft data center within a 250,000 sq ft building) can appear to bend these
rules because the overall load (by definition #4) is averaged against it.

There is simply no economic reason to do so (at scale) -- short of water
cooling -- there is a fixed amount of space taken up per unit-ton of air
cooling (medium--medium) for heat-rejection. Factor in the premiums
associated with the highest density equipment (e.g. blades, PDUs
-in-cabinet, etc) and the economics become even clearer.

Even ignoring heat rejection, the battery + UPS gear for 500KVA (even
with minimal battery times) is approximately the same size (physically)
as the 12 cabinets or so it takes to reach that capacity.  [same applies
for flywheel/kinetic systems]

Our friends who do calculus in their heads can already figure out the
engineering or business min-max equation to optimize this equation based
on a certain level of redundancy, run-time, etc and there aren't
multiple answers. (Hint: certain vari

Re: rack power question

2008-03-24 Thread Deepak Jain



While I enjoy hand waving as much as the next guy... reading over this 
thread, there are several definitions of sq ft (ft^2) here and folks are 
interchanging their uses whether aware of it or not.


1) sq ft = the amount of sq ft your cabinet/cage sits on.

2) sq ft = the amount of sq ft attributed to your cabinet/cage on the 
data center floor including aisles and access-ways


3) sq ft = the amount of sq ft attributed to your cabinet/cage on the 
data center floor including aisles and access-ways and on-the-floor 
cooling equipment


4) sq ft = the amount of sq ft attributed to your cabinet/cage on the 
data center floor  including aisles and access-ways and on-the-floor 
cooling equipment AND the amount attributed to your cabinet/cage from 
the equipment room (UPS, batteries, transformers, etc).


The first definition only applies to those renting cabinets.
The first/second definitions apply to those renting cabinets and cages 
with aisles or access-ways in them
The first/second/third definitions apply to operators of datacenters 
within non-datacenter buildings (where datacenter is NOT the entire load 
in the facility) and renters.
All the definitions apply to anyone with a dedicated datacenter space 
(and equipment room) within a building or a stand-alone datacenter.


By rough figuring...

A 30KW cabinet while one sounds lovely, a huge amount of space is going
to be turned over to most or all of a dedicated PCU and 1/15th of the
infrastructure of 500KVA UPS (@0.9PF) including batteries, transformers, 
etc.


Assuming power costs and associated maintenance are assigned 
appropriately to this one cabinet, the amount of square footage 
associated (definition #4) for that one cabinet changes by less than 30% 
whether you are going 30KW in one-cabinet or 3KW in each of 10 cabinets.


As an owner/operator of very large dedicated data centers for very large 
customers of all sorts, I can promise you no one is doing datacenters 
full (500+ cabinets) of 10KW+ (production, not theoretical) each in a 
dedicated facility with no other uses to lower the average heat demand. 
Even smaller numbers probably too.


Easy caveat:

A "datacenter" that is a fraction of a large building (e.g. a 20,000 sq 
ft data center within a 250,000 sq ft building) can appear to bend these 
rules because the overall load (by definition #4) is averaged against it.


There is simply no economic reason to do so (at scale) -- short of water 
cooling -- there is a fixed amount of space taken up per unit-ton of air 
cooling (medium--medium) for heat-rejection. Factor in the premiums 
associated with the highest density equipment (e.g. blades, PDUs 
-in-cabinet, etc) and the economics become even clearer.


Even ignoring heat rejection, the battery + UPS gear for 500KVA (even 
with minimal battery times) is approximately the same size (physically) 
as the 12 cabinets or so it takes to reach that capacity.  [same applies 
for flywheel/kinetic systems]


Our friends who do calculus in their heads can already figure out the 
engineering or business min-max equation to optimize this equation based 
on a certain level of redundancy, run-time, etc and there aren't 
multiple answers. (Hint: certain variables drop out as rounding errors).


TANSTAAFL, if you are a 1-4 cabinet (or similarly small) use in a larger
datacenter (definitions 1-2) by all means shove as much gear as you can 
in as long as there is no additional power premium. If they are giving 
you space for power or the premium is too high, take as much space as 
you can for the amount of power you need -- your equipment and your 
budgets will thank you. If you are operating a data center without a 
bigger use in the building to average against, you really don't have 
many ways to cheat the math here. (e.g. geothermal only provides a delta 
between definition #3 and #4 and a lower energy premium).


Deepak Jain
AiNET








Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Rodrick Brown

On Mon, Mar 24, 2008 at 6:02 PM, Mike Lyon <[EMAIL PROTECTED]> wrote:
>
>  Howdy all,
>
>  So, i'm kind of new to this so please deal with my ignorance. But,
>  what is common practice these days for HTTP DDoS mitigation during an
>  attack? You can of course route every offending ip address to null0 at
>  your border. But, if it's a botnet or trojan or something, It's coming
>  from numerous different source IPs and Null0 routes can get very
>  cumbersome. obviously. How do you folk usually deal with this?
>
>  Any input would be greatly appreciated.
>
>  Cheers,
>  Mike
>

There are a few companies that specialize in "DDOS protection type
services"; one company that comes to mind is Prolexic and their IPN
infrastructure protection service. Prolexic will basically absorb all
attacks, filter out the bad data and then deliver clean traffic back to
your network. It's completely transparent to your clients. It's not
cheap but I've worked with a few internet based trading companies who
used this service to mitigate DDOS attacks on their network
infrastructure.

-- 
[ Rodrick R. Brown ]
http://www.rodrickbrown.com
http://www.linkedin.com/in/rodrickbrown


Re: rack power question

2008-03-24 Thread Duane Waddle
On Mon, Mar 24, 2008 at 8:46 PM, Justin M. Streiner <[EMAIL PROTECTED]>
wrote:

>
> While there are certainly customers out there who think along these lines,
> most of the enterprise customers I've run across in the past who would be
> in the market for data center colo would just as soon play the how-many-
> servers-can-i-jam-into-this-rack game, which is one part of the
> how-many-racks-can-i-jam-into-this-cage game for some folks...
>
> You might get some traction with the responsible deployment angle, but I
> could only guess at how much traction...


Speaking as one who used to play both of those games, it's a hard habit to
break.  The folks paying the bills don't like to see empty space, because
they translate that into wasted $$'s.  It's especially difficult when trying
to justify building out an additional cage (or making the one you have
bigger if there's empty adjacent space) because your current one is at max
kva per ft^2 - but has physical room for several more racks.  The trick for
us was getting enough management clue in place to where you (gasp!) plan
ahead for your power needs first and make raw ft^2 the secondary concern.

--D


Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Roger Marquis


Mike Lyon wrote:

> So, i'm kind of new to this so please deal with my ignorance. But,
> what is common practice these days for HTTP DDoS mitigation during an
> attack? You can of course route every offending ip address to null0 at
> your border. But, if it's a botnet or trojan or something, It's coming
> from numerous different source IPs and Null0 routes can get very
> cumbersome. obviously. How do you folk usually deal with this?


Depends a lot on the size of the network.  If it's more than a few colos I
highly recommend Arbor Peakflow (http://www.arbornetworks.com/).  Not cheap
but it works and scales well.

--
Roger Marquis
Roble Systems Consulting
http://www.roble.com/


RE: rack power question

2008-03-24 Thread Justin M. Streiner


On Mon, 24 Mar 2008, Frank Bulk - iNAME wrote:


> So perhaps the question isn't so much how many kW's I can pack into a 42U
> rack, but for the data center designer, what's the best price point if real
> estate is not a significant issue.  Or to say it another way, what kW
> density per rack will give me the lowest priced capital and operating cost
> per square foot.  Does it really matter if you can only offer 5kW/rack if
> you can price it at 80% of the guy who can sell a 10kW/rack product?  Or is
> this a tough point for the sales person to make?


While there are certainly customers out there who think along these lines, 
most of the enterprise customers I've run across in the past who would be 
in the market for data center colo would just as soon play the how-many-
servers-can-i-jam-into-this-rack game, which is one part of the 
how-many-racks-can-i-jam-into-this-cage game for some folks...


You might get some traction with the responsible deployment angle, but I 
could only guess at how much traction...


jms


RE: rack power question

2008-03-24 Thread Frank Bulk - iNAME

So perhaps the question isn't so much how many kW's I can pack into a 42U
rack, but for the data center designer, what's the best price point if real
estate is not a significant issue.  Or to say it another way, what kW
density per rack will give me the lowest priced capital and operating cost
per square foot.  Does it really matter if you can only offer 5kW/rack if
you can price it at 80% of the guy who can sell a 10kW/rack product?  Or is
this a tough point for the sales person to make?

Frank

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ben
Butler
Sent: Sunday, March 23, 2008 12:11 PM
To: nanog@merit.edu
Subject: RE: rack power question

There comes a point where you can't physically transfer the energy using air
any more - not less you wana break the laws a physics captin (couldn't
resist sorry) - to your DX system, gas, then water, then in rack (expensive)
cooling, water and CO2.  Sooner or later we will sink the whole room in oil,
much like they used to do with Cray's.

Alternatively we might need to fit the engineers with crampons, climbing
ropes and ice axes to stop them being blown over by the 70 mph winds in your
datacenter as we try to shift the volumes of area necessary to transfer the
energy back to the HVAC for heat pump exchange to remote chillers on the
roof.

In my humble experience, the problems are 1> Heat, 2> Backup UPS, 3> Backup
Generators, 4> LV/HV Supply to building.

While you will be very constrained by 4 in terms of upgrades unless spending
a lot of money to upgrade - the practicalities of 1,2&3 mean that you will
have spent a significant amount of money getting to the point where you need
to worry about 4.

Given you are not worried about 1, I wonder about the scale of the
application or your comprehension of the problem.

The bigger trick is planning for upgrades of a live site where you need to
increase Air con, UPS and Generators.

Economically, that 10,000KW of electricity has to be paid for in addition to
any charge for the rack space.  Plus margined, credit risked and cash
flowed.  The relative charge for the electricity consumption - which has
less about our ability to deliver and cool it in a single rack versus the
cost of having four racks in a 2,500KW datacenter and paying for the same
amount of electric.  Is the racking charge really the significant expense
any more.

For the sake of argument, 4 racks at £2500 pa in a 2500KW datacenter or 1
rack at £10,000 pa in a 1KW datacenter - which would you rather have?
Is the cost of delivering (and cooling) 1KW to a rack more or less than
400% of the cost of delivering 2500KW per rack.  I submit that it is more
than 400%.  What about the hardware - per mip / cpu horse power am I paying
more or less in a conventional 1U pizza box format or a high density blade
format - I submit the blades cost more in Capex and there is no opex saving.
What is the point having a high density server solution if I can only half
fill the rack.

I think the problem is people (customers) on the whole don't understand the
problem and they can grasp the concept of paying for physical space, but
can't wrap their heads around the more abstract concept of electricity
consumed by what you put in the space and paying for that to come up with a
TCO for comparisons.  So they simply see the entire hosting bill and
conclude they have to stuff as many processors as possible into the rack
space and if that is a problem it is one for the colo facility to deliver at
the same price.

I do find myself increasingly feeling that the current market direction is
simply stupid and had far too much input from sales and marketing people.

Let alone the question of is the customer's business efficient in terms of
the amount of CPU compute power required for their business to generate 1$
of customer sales/revenue.

Just because some colo customers have cr*ppy business models delivering
marginal benefit for very high computer overheads and an inability to pay
for things in a manner that reflects their worth because they are incapable
of extracting the value from them.  Do we really have to drag the entire
industry down to the lowest common denominator of f*ckwit.

Surely we should be asking exactly what is driving the demand for high density
computing and in which market sectors and is this actually the best
technical solution to solve the problem.  I don't care if IBM, HP etc etc
want to keep selling new shiny boxes each year because they are telling us
we need them - do we really? ...?

Kind Regards

Ben


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: 23 March 2008 02:34
To: Patrick Giagnocavo
Cc: [EMAIL PROTECTED]
Subject: Re: rack power question



Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Roland Dobbins



On Mar 25, 2008, at 8:10 AM, Frank Bulk - iNAME wrote:


> In any case, it's reactive.



Several SPs (quite a few, actually) are offering DDoS mitigation  
services based upon a variety of tools and techniques, and with  
various pricing models.  Some provide the service for their own  
transit/hosting/colo customers, and some provide it as an OTT/overlay  
service.


---
Roland Dobbins <[EMAIL PROTECTED]> // +66.83.266.6344 mobile

   It doesn't pay to dispute what you know to be true.

-- Fred Reed



RE: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Frank Bulk - iNAME

There are also companies with whom you can contract for this service.  It's
my understanding that if you have a problem they will help you mitigate it.
I'm not sure if they require some specific DDoS gear or if they are able to
take advantage of their customer's gear to address the issue.  In any case,
it's reactive.

Frank

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mike
Lyon
Sent: Monday, March 24, 2008 5:02 PM
To: NANOG
Subject: Mitigating HTTP DDoS attacks?


Howdy all,

So, i'm kind of new to this so please deal with my ignorance. But,
what is common practice these days for HTTP DDoS mitigation during an
attack? You can of course route every offending ip address to null0 at
your border. But, if it's a botnet or trojan or something, It's coming
from numerous different source IPs and Null0 routes can get very
cumbersome. obviously. How do you folk usually deal with this?

Any input would be greatly appreciated.

Cheers,
Mike



Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Barney Wolff

On Mon, Mar 24, 2008 at 11:34:58PM +, Paul Vixie wrote:
> 
> i only use or recommend operating systems that have their own host based
> firewalls.  soon that will mean pf (from openbsd but available on freebsd)
> but right now that means ipfw.  ipfw has a "table" construct which uses a
> data structure similar to the kernel's routing table.  with a little bit
> of tuning, and using X86_64 to get more kernel memory map space than I386,
> i've listed every member of 60K-node botnets in a table whose only use is
> "if a SYN comes from here, silently drop it with no ICMP response".  with
> more tuning work, a 200K-node botnet would pose no problem.  we populate
> these tables with a perl script that watches the apache server's logfiles.

Even on an untuned fbsd i386, I had success with an ipfw table with well over
1e6 entries.  What finally broke was doing a table list, possibly because the
command prints in sorted order.  No performance problems were observed at my
limited volume of perhaps 3 hits per day.

-- 
Barney Wolff I never met a computer I didn't like.



Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Mike Lewinski


Paul Vixie wrote:


> i only use or recommend operating systems that have their own host based
> firewalls.  soon that will mean pf (from openbsd but available on freebsd)


pf's tables are nifty too btw :)

pfsense, which is FreeBSD + pf, also has a port of snort IDS available. 
Provided the OP has a signature of the attack he can match on, there's a 
wholly open-source solution (I know snort can be configured inline to 
drop packets on a filtering bridge, but of course you've got the 
problems of half-open connections accumulating as well as the potential 
for migration to https).


Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Paul Vixie

[EMAIL PROTECTED] ("Mike Lyon") writes:

> So, i'm kind of new to this so please deal with my ignorance.

:-).  on the internet, everybody's new to everything since it's all
changing every day.  if anybody grumps at you for your ignorance, or
says "i can't type that into an IOS prompt" then the fault is theirs.

> But, what is common practice these days for HTTP DDoS mitigation during
> an attack? You can of course route every offending ip address to null0 at
> your border. But, if it's a botnet or trojan or something, It's coming
> from numerous different source IPs and Null0 routes can get very
> cumbersome. obviously. How do you folk usually deal with this?

i only use or recommend operating systems that have their own host based
firewalls.  soon that will mean pf (from openbsd but available on freebsd)
but right now that means ipfw.  ipfw has a "table" construct which uses a
data structure similar to the kernel's routing table.  with a little bit
of tuning, and using X86_64 to get more kernel memory map space than I386,
i've listed every member of 60K-node botnets in a table whose only use is
"if a SYN comes from here, silently drop it with no ICMP response".  with
more tuning work, a 200K-node botnet would pose no problem.  we populate
these tables with a perl script that watches the apache server's logfiles.
-- 
Paul Vixie
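
Added example, not part of the original thread and not ISC's script: a Python version of the log-watching approach described in the message above (the message mentions Perl), which reads Apache access-log lines and emits `ipfw table` entries for sources that exceed a request rate. The thresholds, table number, allowlist and sample log lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Apache common/combined log prefix: host ident user [time] "request" status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" \d{3} ')
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return (address, timestamp), or None for lines that must not reach ipfw."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    try:
        # Accept only a literal IP address. With HostnameLookups on, or with a
        # hostile log line, field one is arbitrary text that must never be
        # pasted into a firewall command.
        return ipaddress.ip_address(m.group(1)), datetime.strptime(m.group(2), TIME_FMT)
    except ValueError:
        return None


def find_offenders(lines, max_hits=5, window=timedelta(seconds=10), allow=()):
    """Sources with more than max_hits requests inside a sliding window.

    allow lists networks that are never blocked (known proxies, monitoring,
    customers), which is the caveat raised elsewhere in this thread.
    """
    allow_nets = [ipaddress.ip_network(n) for n in allow]
    recent = defaultdict(deque)   # address -> timestamps still inside the window
    offenders, seen = [], set()
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        addr, when = parsed
        if addr in seen or any(addr in net for net in allow_nets):
            continue
        hits = recent[addr]
        hits.append(when)
        while when - hits[0] > window:
            hits.popleft()
        if len(hits) > max_hits:
            seen.add(addr)
            offenders.append(addr)
            del recent[addr]
    return offenders


def drop_rule(table=1, port=80):
    """Rule that consumes the table: 'deny' drops without any ICMP reply and
    'setup' matches only the initial SYN of a connection."""
    return f"ipfw add deny tcp from 'table({table})' to me dst-port {port} setup"


def ipfw_commands(offenders, table=1):
    """One table insertion per offender; the addresses are already validated."""
    return [f"ipfw table {table} add {addr}" for addr in offenders]


def sample_log():
    """Constructed log lines using documentation address ranges."""
    lines = []
    for s in range(8):    # bot: 8 requests in 8 seconds
        lines.append(f'203.0.113.7 - - [24/Mar/2008:18:02:{s:02d} +0000] "GET / HTTP/1.1" 200 512')
    for s in range(10):   # busy but legitimate proxy
        lines.append(f'192.0.2.10 - - [24/Mar/2008:18:02:{s:02d} +0000] "GET /a HTTP/1.1" 200 512')
    for m in range(3):    # ordinary visitor, one request a minute
        lines.append(f'198.51.100.20 - - [24/Mar/2008:18:{m:02d}:00 +0000] "GET / HTTP/1.1" 200 512')
    # Non-address text in the host field is skipped, not passed on.
    lines.append('bad.example;reboot - - [24/Mar/2008:18:02:00 +0000] "GET / HTTP/1.1" 200 512')
    return lines


if __name__ == "__main__":
    print(drop_rule())
    for cmd in ipfw_commands(find_offenders(sample_log(), allow=["192.0.2.0/24"])):
        print(cmd)
```
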


Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Roland Dobbins



On Mar 25, 2008, at 6:18 AM, Tim Yocum wrote:


> If you're running Apache, you may also investigate mod_evasive, and in
> the case of exploits, mod_security.



mod_evasive and mod_security are definitely recommended, good point.

And a good relationship with your peers/upstreams/customers/vendors is  
also key, so that you can get assistance when you need it.


---
Roland Dobbins <[EMAIL PROTECTED]> // +66.83.266.6344 mobile

   It doesn't pay to dispute what you know to be true.

-- Fred Reed



Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Tim Yocum

On Mon, Mar 24, 2008 at 5:18 PM, Roland Dobbins <[EMAIL PROTECTED]> wrote:
>  There are devices available today from different vendors (including
>  Cisco, full disclosure) which are intelligent DDoS-'scrubbers' and
>  which can deal with more sophisticated types of attacks at layer-7,
>  including HTTP and DNS.  S/RTBH is also an option, keeping in mind
>  some of the caveats you mentioned (staying mindful of attacking hosts
>  behind proxies, botted hosts of legit customers, et. al.).

Citrix (Netscaler), F5 (BIG-IP), and as Roland mentioned, Cisco, all
offer varying levels of security for the content layer.

If you're running Apache, you may also investigate mod_evasive, and in
the case of exploits, mod_security.

Naturally, your ability to filter and contain the attack with software
is going to be limited by the host hardware, so it's best to take a
layered approach to mitigating various attacks you face. Also
important to be aware of your network architecture lest you find
yourself with DDoS bits clogging the pipes just before your
(expensive) defenses. :-)

- Tim


Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Roland Dobbins



On Mar 25, 2008, at 5:02 AM, Mike Lyon wrote:


> Any input would be greatly appreciated.



There are devices available today from different vendors (including  
Cisco, full disclosure) which are intelligent DDoS-'scrubbers' and  
which can deal with more sophisticated types of attacks at layer-7,  
including HTTP and DNS.  S/RTBH is also an option, keeping in mind  
some of the caveats you mentioned (staying mindful of attacking hosts  
behind proxies, botted hosts of legit customers, et. al.).


---
Roland Dobbins <[EMAIL PROTECTED]> // +66.83.266.6344 mobile

   It doesn't pay to dispute what you know to be true.

-- Fred Reed



Re: Looking for Clue at Earthlink

2008-03-24 Thread Rob Szarka


At 05:31 PM 3/24/2008, Barry Shein wrote:

 > Specifically, the issue relates to the servers in 209.86.89.0/24, in
 > case anyone here is already aware of an issue with the servers in
 > this block and can help.

> Do you mean how they're pwned and just spew dictionary attacks?


No, that's a problem that I've given up on trying to solve. 
Unfortunately, those servers also occasionally send some legitimate 
email, and my customers want to receive that, so not receiving email 
from those servers is actually a problem despite the welcome respite 
from Earthlink spam...


I figured out that the problem has to do with their servers being 
very impatient and not wanting to wait for mine to check the RBLs. 
Which is, of course, pretty ironic considering how much spam they 
spew. You'd think that their servers would shuffle the mail off to 
another, more tolerant server, but instead the same server just keeps 
retrying it with the same aggressive timeout... *sigh*


Seems as if over the past decade Earthlink and AOL have nearly traded places!



Mitigating HTTP DDoS attacks?

2008-03-24 Thread Mike Lyon

Howdy all,

So, i'm kind of new to this so please deal with my ignorance. But,
what is common practice these days for HTTP DDoS mitigation during an
attack? You can of course route every offending ip address to null0 at
your border. But, if it's a botnet or trojan or something, It's coming
from numerous different source IPs and Null0 routes can get very
cumbersome. obviously. How do you folk usually deal with this?

Any input would be greatly appreciated.

Cheers,
Mike


Re: Looking for Clue at Earthlink

2008-03-24 Thread Barry Shein


On March 24, 2008 at 11:19 [EMAIL PROTECTED] (Rob Szarka) wrote:
 > 
 > 
 > If someone here is from Earthlink, or knows someone who is, please 
 > get in touch with me off-list. I have a mail-related issue to 
 > resolve. (Sadly the ARIN-listed contact is not valid and mail to 
 > postmaster seems to go into the same black hole as mail to abuse.)
 > 
 > Specifically, the issue relates to the servers in 209.86.89.0/24, in 
 > case anyone here is already aware of an issue with the servers in 
 > this block and can help.

Do you mean how they're pwned and just spew dictionary attacks?

It comes and goes tho mostly comes.

Mar 24 17:09:37 pcls5 sendmail[23040]: NOUSER: kprice5 
relay=elasmtp-junco.atl.sa.earthlink.net [209.86.89.63]
Mar 24 17:18:19 pcls5 sendmail[4351]: accept: 25 
elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:18:30 pcls5 sendmail[4351]: NOUSER: kpm 
relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:18:33 pcls5 sendmail[4351]: NOUSER: kpm1 
relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:18:36 pcls5 sendmail[4351]: NOUSER: kpm10 
relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:18:39 pcls5 sendmail[4351]: NOUSER: kpm2 
relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:18:42 pcls5 sendmail[4351]: NOUSER: kpm3 
relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:24:41 pcls5 sendmail[13117]: accept: 25 
elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67]
Mar 24 17:24:51 pcls5 sendmail[13117]: NOUSER: kpr 
relay=elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67]
Mar 24 17:24:54 pcls5 sendmail[13117]: NOUSER: kpr1 
relay=elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67]
Mar 24 17:24:57 pcls5 sendmail[13117]: NOUSER: kpr10 
relay=elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67]
Mar 24 17:25:00 pcls5 sendmail[13117]: NOUSER: kpr2 
relay=elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67]
Mar 24 17:25:03 pcls5 sendmail[13117]: NOUSER: kpr3 
relay=elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67]


-- 
-Barry Shein

The World  | [EMAIL PROTECTED]   | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide
Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
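
Added example, not part of the original post: Python detection logic run over an excerpt of the log lines quoted above, re-joining the mail-wrapped syslog records and grouping rejected recipients per relay to show the enumeration pattern (`kpm`, `kpm1`, `kpm10`, ...). The `NOUSER:` record layout is taken as it appears in the post; the threshold of four distinct guesses is an assumption.

```python
import ipaddress
import os
import re
from collections import defaultdict

# Excerpt copied from the post above, still wrapped the way the mail left it.
WRAPPED_LOG = """\
Mar 24 17:09:37 pcls5 sendmail[23040]: NOUSER: kprice5
relay=elasmtp-junco.atl.sa.earthlink.net [209.86.89.63]
Mar 24 17:18:19 pcls5 sendmail[4351]: accept: 25
elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:18:30 pcls5 sendmail[4351]: NOUSER: kpm
relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:18:33 pcls5 sendmail[4351]: NOUSER: kpm1
relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:18:36 pcls5 sendmail[4351]: NOUSER: kpm10
relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:18:39 pcls5 sendmail[4351]: NOUSER: kpm2
relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Mar 24 17:18:42 pcls5 sendmail[4351]: NOUSER: kpm3
relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
"""

# A new syslog record starts with "Mon DD HH:MM:SS host "; anything else is a
# continuation of the previous record.
RECORD_START = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d \S+ ")
NOUSER_RE = re.compile(r"NOUSER: (\S+) relay=\S+ \[(\d{1,3}(?:\.\d{1,3}){3})\]")


def unwrap(text):
    """Re-join records that were wrapped onto a second line."""
    records = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if RECORD_START.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records


def rejected_recipients(text):
    """Map relay address -> list of unknown local parts it tried."""
    by_relay = defaultdict(list)
    for record in unwrap(text):
        m = NOUSER_RE.search(record)
        if m is None:
            continue
        try:
            relay = ipaddress.ip_address(m.group(2))
        except ValueError:
            continue  # bracketed field was not a valid address
        by_relay[relay].append(m.group(1))
    return by_relay


def dictionary_runs(text, min_guesses=4):
    """Relays that tried at least min_guesses distinct unknown recipients,
    with the stem the guesses share."""
    runs = {}
    for relay, users in rejected_recipients(text).items():
        distinct = sorted(set(users))
        if len(distinct) >= min_guesses:
            runs[str(relay)] = {
                "guesses": distinct,
                "stem": os.path.commonprefix(distinct),
            }
    return runs


def rejects_per_prefix(text, prefixlen=24):
    """Total rejected recipients per covering network, for reporting upstream."""
    counts = defaultdict(int)
    for relay, users in rejected_recipients(text).items():
        net = ipaddress.ip_network(f"{relay}/{prefixlen}", strict=False)
        counts[str(net)] += len(users)
    return dict(counts)


if __name__ == "__main__":
    print(dictionary_runs(WRAPPED_LOG))
    print(rejects_per_prefix(WRAPPED_LOG))
```

As the reply in this thread notes, these relays also carry legitimate mail, so the output suits reporting or rate-limiting decisions more than an outright block.
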


RE: rack power question

2008-03-24 Thread Barry Shein


Here's another project which has dubbed themselves "teraflops from
milliwatts" which I believe is shipping iron. I have no first-hand
experience with their products:

  http://www.sicortex.com/

-- 
-Barry Shein

The World  | [EMAIL PROTECTED]   | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide
Software Tool & Die| Public Access Internet | SINCE 1989 *oo*


Re: 10GE router resource

2008-03-24 Thread Justin Shore


Joel Snyder wrote:


 >>> Also I'd love to hear recommendations for "budget" 10GE
 >>> routers. The "budget" router would be used to hook up
 >>> client networks through one 10GE interface and connect
 >>> to different transit providers through two 10GE
 >>> interfaces.

> If you don't need BGP-ish power, David Newman just published his test of
> 10GigE switches today in Network World. He was focusing mostly on
> switching in the enterprise, but he has a variety of other performance
> metrics and results which may be helpful:
>
> http://www.networkworld.com/reviews/2008/032408-switch-test.html?t51hb


The author's specifications eliminated Cisco's 4900M from the
competition.  That's not unexpected though since it was an evaluation of
access switches w/ 10G uplinks.  The 4900M has 8 on-board 10G interfaces
and expansion modules that can carry 8 more (not oversubscribed) or 16
(oversubscribed).  It has GigE support via TwinGig modules in the
expansion module bays.  It also has a 320Gbps backplane and can handle 
up to 200k v4 routes.  It's an impressive little switch if you need 10G 
aggregation.  It can't handle a full table of course but it still has a 
lot of use.  No MPLS options.  It's based on the 4500's Sup 6-E.


http://www.cisco.com/en/US/products/ps9310/index.html

The base unit starts at $16k.

Justin


Re: 10GE router resource

2008-03-24 Thread Joel Snyder


>>> Also I'd love to hear recommendations for "budget" 10GE
>>> routers. The "budget" router would be used to hook up
>>> client networks through one 10GE interface and connect
>>> to different transit providers through two 10GE
>>> interfaces.

If you don't need BGP-ish power, David Newman just published his test of 
10GigE switches today in Network World. He was focusing mostly on 
switching in the enterprise, but he has a variety of other performance 
metrics and results which may be helpful:


http://www.networkworld.com/reviews/2008/032408-switch-test.html?t51hb

jms

--
Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719
Senior Partner, Opus One   Phone: +1 520 324 0494
[EMAIL PROTECTED]   http://www.opus1.com/jms


Re: 10GE router resource

2008-03-24 Thread Kevin Oberman
> From: Mark Tinka <[EMAIL PROTECTED]>
> Date: Mon, 24 Mar 2008 19:12:57 +0800
> Sender: [EMAIL PROTECTED]
> 
> On Monday 24 March 2008, user user wrote:
> 
> > Hi everybody!
> 
> Hello.
> 
> > Also I'd love to hear recommendations for "budget" 10GE
> > routers. The "budget" router would be used to hook up
> > client networks through one 10GE interface and connect
> > to different transit providers through two 10GE
> > interfaces.
> 
> Today, from Cisco, the smallest router you'll get a 10Gbps 
> Ethernet port on is the Cisco ASR1000 series. Mind you, 
> though, FCS for this box isn't until about May. Also, this 
> box is oversubscribed as the current switch fabric is 
> 10Gbps.
> 
> From Juniper, the smallest M-series box you'll get the same 
> port on is the M120 platform.
> 
> You could also look at smaller switches from both vendors, 
> but if you plan on taking full BGP feeds from your upstream 
> providers, this might be an issue.

Depending on how the box will be used, Foundry is probably the cheapest,
followed by Force10. Since you will be connecting to two transit
providers, you probably need the full routing table, but if you don't
need full routes, the new Juniper EX8200 looks like an option. It is
limited to about 12K routes in the FIB. It's not shipping at this time
and I don't know when FSR is scheduled.

Note that F10 does not do MPLS and neither F10 nor Foundry has the
software stability of either C or J, so you will need to look closely at
exactly the features needed.
-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: [EMAIL PROTECTED]   Phone: +1 510 486-8634
Key fingerprint: 059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751




ARIN & CAIDA IPv6 Survey Is Now Closed

2008-03-24 Thread Member Services


ARIN wishes to thank the 300+ people who completed the IPv6 survey.

CAIDA will analyze the results and present them on 7 April during the 
ARIN XXI Public Policy Meeting in Denver. The results will be posted on 
the ARIN website in the IPv6 Information Center and on the IPv6 wiki at 
www.getipv6.info.


ARIN thanks NANOG for the opportunity to announce the survey on its 
mailing list and appreciates the participation by many in the operator 
community. When available, ARIN will post a link to the survey results 
on the NANOG mailing list.


Regards,

Member Services
American Registry for Internet Numbers (ARIN)







Looking for Clue at Earthlink

2008-03-24 Thread Rob Szarka



If someone here is from Earthlink, or knows someone who is, please 
get in touch with me off-list. I have a mail-related issue to 
resolve. (Sadly the ARIN-listed contact is not valid and mail to 
postmaster seems to go into the same black hole as mail to abuse.)


Specifically, the issue relates to the servers in 209.86.89.0/24, in 
case anyone here is already aware of an issue with the servers in 
this block and can help.

--
Rob Szarka, Bizgrok Inc.
http://bizgrok.com/
860-887-5600
800-954-INET



Re: 10GE router resource

2008-03-24 Thread Mark Tinka
On Monday 24 March 2008, user user wrote:

> Hi everybody!

Hello.

> Also I'd love to hear recommendations for "budget" 10GE
> routers. The "budget" router would be used to hook up
> client networks through one 10GE interface and connect
> to different transit providers through two 10GE
> interfaces.

Today, from Cisco, the smallest router you'll get a 10Gbps 
Ethernet port on is the Cisco ASR1000 series. Mind you, 
though, FCS for this box isn't until about May. Also, this 
box is oversubscribed as the current switch fabric is 
10Gbps.

From Juniper, the smallest M-series box you'll get the same 
port on is the M120 platform.

You could also look at smaller switches from both vendors, 
but if you plan on taking full BGP feeds from your upstream 
providers, this might be an issue.

Cheers,

Mark.




10GE router resource

2008-03-24 Thread user user

Hi everybody!

I find myself in the market for some 10GE routers. As
I don't buy these every day, I was wondering if any of
you guys had any good resources for evaluating
different vendors and models. I'm mainly thinking
about non-vendor resources as the vendorspeak sites
are not that hard to find.

Also I'd love to hear recommendations for "budget" 10GE
routers. The "budget" router would be used to hook up
client networks through one 10GE interface and connect
to different transit providers through two 10GE
interfaces.

- Zed





  
