Re: 4 or smaller digit ASNs

[Mel Beckman]

James,

As far as I know, you can't buy an existing ASN for any amount of money. You 
can buy the company that owns it, but that seems like boiling tea with a 
blowtorch.

I sincerely doubt there are unused low-number ASNs, but you could always ask 
ARIN.

I'm curious what your client's rationale is for wanting a low ASN. It can't be 
efficiency, since the numbers all take the same number of bits ultimately. If 
they just like small numbers, I'd advise them to forget it -- life is too 
short. If they have a real technical reason that nobody has foreseen (or at 
least I haven't foreseen), I'd love to hear it.


 -mel beckman

> On Oct 11, 2017, at 10:01 PM, James Breeden  wrote:
> 
> Hello NANOG...
> 
> I have a client interested in picking up a new AS number but they really want 
> it to be 3 or 4 digits in length.
> 
> Is there a process to request this from ARIN, or doss anyone know of unused 
> ASns fitting this that anyone is looking to sell for some quick cash?
> 
> Thanks!
> James
> 
> 
> 
> 
> Sent via the Samsung Galaxy S7 active, an AT 4G LTE smartphone

4 or smaller digit ASNs

[James Breeden]

Hello NANOG...

I have a client interested in picking up a new AS number but they really want 
it to be 3 or 4 digits in length.

Is there a process to request this from ARIN, or doss anyone know of unused 
ASns fitting this that anyone is looking to sell for some quick cash?

Thanks!
James




Sent via the Samsung Galaxy S7 active, an AT 4G LTE smartphone

Re: replacing compromised biometric authenticators

[Wayne Bouchard]

I agree that multiple levels are best and, for the moment, I'd frankly
be hesitant to give anything like finger print data since one can
never change that and the harm of it getting loose can not yet be
determined. (Not that the data being taken by these scanners is
necessarily all that grandiose.)

I also would accept a facility that did something like handscan and
pin to access the lobby/security desk and keycard or fob to move
around once inside along with scan in/scan out enforcement. (No tail
gating.)

I've never really been keen on relying on biometrics though. The
handscanners can be convenient for not having to carry anything around
but when all is said and done, they are really not all that much
better than just a keycard.

-Wayne

On Wed, Oct 11, 2017 at 04:10:51PM -0500, Matt Harris wrote:
> I would definitely not say that it is current best practice not to deploy
> biometrics.  As part of a holistic approach, biometric systems can improve
> security greatly.  As a singular approach, using it as a single factor for
> authentication and authorization of access/actions, it's as terrible an
> idea as any other.  The difficult of passing a high-quality biometric
> authentication system, even knowing its success conditions, is
> non-trivial.  The good ones check for basic signs of life, as well, so
> simply cutting off someone's hand and trying to use it would fail, for
> example.  There are, of course, cheap biometric systems that are not as
> good, and ymmv depending on what and how you deploy biometrics.  Taking the
> specific threat level you're up against is always relevant.
> 
> All of the facilities I have in production have a three factor approach to
> access - "something you know, something you have, and something you are."
>  Biometrics being the latter, plus a badge or dongle, and a four digit
> code.  None of my production facilities can be access without all three.
> 
> Take care,
> Matt
> 
> 
> On Wed, Oct 11, 2017 at 4:04 PM, Ken Chase  wrote:
> 
> > (forking the thread here..)
> >
> > Biometrics are still the new hotness out in North America. Cologix whom I
> > deal
> > with in Canada has a dozen and a half odd POPs in canada/usa and I think
> > has
> > fingerprinting at all sites.
> >
> > If the current best operating practice is to avoid biometrics, why are they
> > still in use out here? Has anyone gotten the message? Is anyone in North
> > America
> > ripping them out yet?
> >
> > Other factors include your country's privacy regulations for storing
> > irreplaceable personal information, the burden of which might not be worth
> > the security 'benefit'.
> >
> > /kc
> >
> >
> > On Wed, Oct 11, 2017 at 04:46:02PM -0400, William Herrin said:
> >   >On Wed, Oct 11, 2017 at 4:32 PM, J??rg Kost  wrote:
> >   >
> >   >> Do you guys still at least have biometric access control devices at
> > your
> >   >> Level3 dc? They even removed this things at our site, because there
> > is no
> >   >> budget for a successor for the failing unit. And to be consistent,
> > they
> >   >> event want to remove all biometric access devices at least across
> > Germany.
> >   >>
> >   >
> >   >Hi  J??rg,
> >   >
> >   >IMO, biometric was a gimmick in the first place and a bad idea when
> >   >carefully considered. All authenticators can be compromised. Hence, all
> >   >authenticators must be replaceable following a compromise. If one of
> > your
> >   >DCs' palm vein databases is lost, what's your plan for replacing that
> > hand?
> >   >
> >   >Regards,
> >   >Bill Herrin
> >   >
> >   >
> >   >--
> >   >William Herrin  her...@dirtside.com  b...@herrin.us
> >   >Dirtside Systems . Web: 
> >
> > --
> > Ken Chase - m...@sizone.org Guelph Canada
> >
> 
> 
> 
> -- 
> Matt Harris - Chief Security Officer
> Main: +1 855.696.3834 ext 103
> Mobile: +1 908.590.9472
> Email: m...@netfire.net

---
Wayne Bouchard
w...@typo.org
Network Dude
http://www.typo.org/~web/

Re: Temp at Level 3 data centers

[Chuck Anderson]

Install an air conditioner in your rack.

On Wed, Oct 11, 2017 at 02:39:19PM -0500, Andrew Latham wrote:
> David
> 
> The issue has several components and is vendor agnostic.
> 
> Set Point: The systems are specifically set at a temperature
> Capacity Ability: The systems can maintain a temperature
> Customer Desire: What you expect from sales promises.
> Sales Promise: What they might carefully avoid promising.
> 
> I suggest you review your SLA and discuss with legal asap. You could have a
> document defining your question's answer already but it sits in a filing
> cabinet file labeled business continuity.
> 
> If the set point is X then they likely would answer quickly that that is
> the case.
> If the capacity is lacking then they would likely redirect the issue.
> If they don't care about the customer that alone should be an indicator
> If a promise exists in the SLA then the ball is in your court
> 
> >From the emails I fear that we have confirmed that this is normal. So your
> question "Is the temperature at Level 3 Data Centers normally in the 80-90F
> range?" sounds like a Yes.
> 
> Regardless of the situation always ask for names, titles, and ask vendors
> to repeat critical information like the status of cooling in a building
> designed to deal with cooling. Keep the vendors that do it well.
> 
> 
> 
> On Wed, Oct 11, 2017 at 7:31 AM, David Hubbard <
> dhubb...@dino.hostasaurus.com> wrote:
> 
> > Curious if anyone on here colo’s equipment at a Level 3 facility and has
> > found the temperature unacceptably warm?  I’m having that experience
> > currently, where ambient temp is in the 80’s, but they tell me that’s
> > perfectly fine because vented tiles have been placed in front of all
> > equipment racks.  My equipment is alarming for high temps, so obviously not
> > fine.  Trying to find my way up to whomever I can complain to that’s in a
> > position to do something about it but it seems the support staff have been
> > told to brush questions about temp off as much as possible.  Was wondering
> > if this is a country-wide thing for them or unique to the data center I
> > have equipment in.  I have equipment in several others from different
> > companies and most are probably 15-20 degrees cooler.
> >
> > Thanks,
> >
> > David

Re: Temp at Level 3 data centers

[Baldur Norddahl]

Den 11. okt. 2017 22.47 skrev "William Herrin" :

On Wed, Oct 11, 2017 at 4:32 PM, Jörg Kost  wrote:

> Do you guys still at least have biometric access control devices at your
> Level3 dc? They even removed this things at our site, because there is no
> budget for a successor for the failing unit. And to be consistent, they
> event want to remove all biometric access devices at least across Germany.
>

Hi  Jörg,

IMO, biometric was a gimmick in the first place and a bad idea when
carefully considered. All authenticators can be compromised. Hence, all
authenticators must be replaceable following a compromise. If one of your
DCs' palm vein databases is lost, what's your plan for replacing that hand?


Basic two or three factor authentication: something that you know
(password), something that you are (biometric) and something that you have
(access card).

You can tell your password to a coworker but he can not borrow your hand.
Hence you need both. The password is the replaceable part.

Re: replacing compromised biometric authenticators

[Matt Harris]

I would definitely not say that it is current best practice not to deploy
biometrics.  As part of a holistic approach, biometric systems can improve
security greatly.  As a singular approach, using it as a single factor for
authentication and authorization of access/actions, it's as terrible an
idea as any other.  The difficult of passing a high-quality biometric
authentication system, even knowing its success conditions, is
non-trivial.  The good ones check for basic signs of life, as well, so
simply cutting off someone's hand and trying to use it would fail, for
example.  There are, of course, cheap biometric systems that are not as
good, and ymmv depending on what and how you deploy biometrics.  Taking the
specific threat level you're up against is always relevant.

All of the facilities I have in production have a three factor approach to
access - "something you know, something you have, and something you are."
 Biometrics being the latter, plus a badge or dongle, and a four digit
code.  None of my production facilities can be access without all three.

Take care,
Matt


On Wed, Oct 11, 2017 at 4:04 PM, Ken Chase  wrote:

> (forking the thread here..)
>
> Biometrics are still the new hotness out in North America. Cologix whom I
> deal
> with in Canada has a dozen and a half odd POPs in canada/usa and I think
> has
> fingerprinting at all sites.
>
> If the current best operating practice is to avoid biometrics, why are they
> still in use out here? Has anyone gotten the message? Is anyone in North
> America
> ripping them out yet?
>
> Other factors include your country's privacy regulations for storing
> irreplaceable personal information, the burden of which might not be worth
> the security 'benefit'.
>
> /kc
>
>
> On Wed, Oct 11, 2017 at 04:46:02PM -0400, William Herrin said:
>   >On Wed, Oct 11, 2017 at 4:32 PM, J??rg Kost  wrote:
>   >
>   >> Do you guys still at least have biometric access control devices at
> your
>   >> Level3 dc? They even removed this things at our site, because there
> is no
>   >> budget for a successor for the failing unit. And to be consistent,
> they
>   >> event want to remove all biometric access devices at least across
> Germany.
>   >>
>   >
>   >Hi  J??rg,
>   >
>   >IMO, biometric was a gimmick in the first place and a bad idea when
>   >carefully considered. All authenticators can be compromised. Hence, all
>   >authenticators must be replaceable following a compromise. If one of
> your
>   >DCs' palm vein databases is lost, what's your plan for replacing that
> hand?
>   >
>   >Regards,
>   >Bill Herrin
>   >
>   >
>   >--
>   >William Herrin  her...@dirtside.com  b...@herrin.us
>   >Dirtside Systems . Web: 
>
> --
> Ken Chase - m...@sizone.org Guelph Canada
>



-- 
Matt Harris - Chief Security Officer
Main: +1 855.696.3834 ext 103
Mobile: +1 908.590.9472
Email: m...@netfire.net

Re: replacing compromised biometric authenticators

[Andrew Kirch]

Since I'm not squeamish about such things, I do have tin snips and will
happily assist in revocation of compromised biometric authentication
factors.

Andrew

On Wed, Oct 11, 2017 at 5:04 PM, Ken Chase  wrote:

> (forking the thread here..)
>
> Biometrics are still the new hotness out in North America. Cologix whom I
> deal
> with in Canada has a dozen and a half odd POPs in canada/usa and I think
> has
> fingerprinting at all sites.
>
> If the current best operating practice is to avoid biometrics, why are they
> still in use out here? Has anyone gotten the message? Is anyone in North
> America
> ripping them out yet?
>
> Other factors include your country's privacy regulations for storing
> irreplaceable personal information, the burden of which might not be worth
> the security 'benefit'.
>
> /kc
>
>
> On Wed, Oct 11, 2017 at 04:46:02PM -0400, William Herrin said:
>   >On Wed, Oct 11, 2017 at 4:32 PM, J??rg Kost  wrote:
>   >
>   >> Do you guys still at least have biometric access control devices at
> your
>   >> Level3 dc? They even removed this things at our site, because there
> is no
>   >> budget for a successor for the failing unit. And to be consistent,
> they
>   >> event want to remove all biometric access devices at least across
> Germany.
>   >>
>   >
>   >Hi  J??rg,
>   >
>   >IMO, biometric was a gimmick in the first place and a bad idea when
>   >carefully considered. All authenticators can be compromised. Hence, all
>   >authenticators must be replaceable following a compromise. If one of
> your
>   >DCs' palm vein databases is lost, what's your plan for replacing that
> hand?
>   >
>   >Regards,
>   >Bill Herrin
>   >
>   >
>   >--
>   >William Herrin  her...@dirtside.com  b...@herrin.us
>   >Dirtside Systems . Web: 
>
> --
> Ken Chase - m...@sizone.org Guelph Canada
>

replacing compromised biometric authenticators

[Ken Chase]

(forking the thread here..)

Biometrics are still the new hotness out in North America. Cologix whom I deal
with in Canada has a dozen and a half odd POPs in canada/usa and I think has
fingerprinting at all sites.

If the current best operating practice is to avoid biometrics, why are they
still in use out here? Has anyone gotten the message? Is anyone in North America
ripping them out yet?

Other factors include your country's privacy regulations for storing
irreplaceable personal information, the burden of which might not be worth
the security 'benefit'.

/kc


On Wed, Oct 11, 2017 at 04:46:02PM -0400, William Herrin said:
  >On Wed, Oct 11, 2017 at 4:32 PM, J??rg Kost  wrote:
  >
  >> Do you guys still at least have biometric access control devices at your
  >> Level3 dc? They even removed this things at our site, because there is no
  >> budget for a successor for the failing unit. And to be consistent, they
  >> event want to remove all biometric access devices at least across Germany.
  >>
  >
  >Hi  J??rg,
  >
  >IMO, biometric was a gimmick in the first place and a bad idea when
  >carefully considered. All authenticators can be compromised. Hence, all
  >authenticators must be replaceable following a compromise. If one of your
  >DCs' palm vein databases is lost, what's your plan for replacing that hand?
  >
  >Regards,
  >Bill Herrin
  >
  >
  >-- 
  >William Herrin  her...@dirtside.com  b...@herrin.us
  >Dirtside Systems . Web: 

-- 
Ken Chase - m...@sizone.org Guelph Canada

Re: Temp at Level 3 data centers

[William Herrin]

On Wed, Oct 11, 2017 at 4:32 PM, Jörg Kost  wrote:

> Do you guys still at least have biometric access control devices at your
> Level3 dc? They even removed this things at our site, because there is no
> budget for a successor for the failing unit. And to be consistent, they
> event want to remove all biometric access devices at least across Germany.
>

Hi  Jörg,

IMO, biometric was a gimmick in the first place and a bad idea when
carefully considered. All authenticators can be compromised. Hence, all
authenticators must be replaceable following a compromise. If one of your
DCs' palm vein databases is lost, what's your plan for replacing that hand?

Regards,
Bill Herrin


-- 
William Herrin  her...@dirtside.com  b...@herrin.us
Dirtside Systems . Web: 

Re: Temp at Level 3 data centers

[Jörg Kost]

Hi there,

been there, done that, rocky way ahead.

In Europe the standard temperature Level3 SLA is 26C. The measurement is 
done on the cool aisle, at a distance of 45 cm to the equipment and a 
height of 100 cm. You can use a Testo 625 handheld for measurements, 
that is also handled by Level3 staff.


Do you guys still at least have biometric access control devices at your 
Level3 dc? They even removed this things at our site, because there is 
no budget for a successor for the failing unit. And to be consistent, 
they event want to remove all biometric access devices at least across 
Germany.


Regards
Jörg

On 11 Oct 2017, at 14:31, David Hubbard wrote:

Curious if anyone on here colo’s equipment at a Level 3 facility and 
has found the temperature unacceptably warm?  I’m having that 
experience currently, where ambient temp is in the 80’s, but they 
tell me that’s perfectly fine because vented tiles have been placed 
in front of all equipment racks.  My equipment is alarming for high 
temps, so obviously not fine.  Trying to find my way up to whomever I 
can complain to that’s in a position to do something about it but it 
seems the support staff have been told to brush questions about temp 
off as much as possible.  Was wondering if this is a country-wide 
thing for them or unique to the data center I have equipment in.  I 
have equipment in several others from different companies and most are 
probably 15-20 degrees cooler.


Thanks,

David

Re: Calgary <-> Toronto 100% Canadian Fibre Resiliency on failover

[Jean-Francois Mezei]

BTW,

a web site showing list of registered cellular towers in Canada:

http://www.ertyu.org/steven_nikkel/cancellsites.html

In areas where the 17 or 11 stray from railroad, you could cobine that
map with Street View to try to spot towers to see if they are on
microwave or not.

If I were to cycle the route again, I would be able to spot signs of
fibre along the road. (do not dig, or orange tags on telephone pole
lines where they exist).

There may be stretches where there is fibre along the 17 (between
Sudbury and White River, there are no through tracks, and a few towns,
so one assumes some fibre has been laid).

The folks at ViaNet.ca have laid FTTH in towns such as Chapleau, so they
would know what fibre trunks exist in the region.

Re: Temp at Level 3 data centers

[Bryan Holloway]

On 10/11/17 9:42 AM, Sam Kretchmer wrote:

with a former employer we had a suite at the L3 facility on Canal in
Chicago. They had this exact issue for the entire time we had the suite.
They kept blaming a failing HVAC unit on our floor, but it went on for
years no matter who we complained to, or what we said.

Good luck.



At $dayjob-1, we had a couple cabinets at that facility, and sometime 
around 2007, if I recall correctly, they kicked out all of the customers 
that were server-farms. Only carriers were allowed to stay (with a few 
exceptions, I'm sure ...) I know because we picked up a few of their 
customers.


That facility was built out around 2000/2001, and things were a lot 
different back then (e.g. no one was really using 208/240 yet.) I think 
they just couldn't keep up when things really took off again post 
dot-com bust.




On 10/11/17, 7:31 AM, "NANOG on behalf of David Hubbard"
 wrote:


Curious if anyone on here colo¹s equipment at a Level 3 facility and has
found the temperature unacceptably warm?  I¹m having that experience
currently, where ambient temp is in the 80¹s, but they tell me that¹s
perfectly fine because vented tiles have been placed in front of all
equipment racks.  My equipment is alarming for high temps, so obviously
not fine.  Trying to find my way up to whomever I can complain to that¹s
in a position to do something about it but it seems the support staff
have been told to brush questions about temp off as much as possible.
Was wondering if this is a country-wide thing for them or unique to the
data center I have equipment in.  I have equipment in several others from
different companies and most are probably 15-20 degrees cooler.

Thanks,

David

Re: Temp at Level 3 data centers

[Andrew Latham]

David

The issue has several components and is vendor agnostic.

Set Point: The systems are specifically set at a temperature
Capacity Ability: The systems can maintain a temperature
Customer Desire: What you expect from sales promises.
Sales Promise: What they might carefully avoid promising.

I suggest you review your SLA and discuss with legal asap. You could have a
document defining your question's answer already but it sits in a filing
cabinet file labeled business continuity.

If the set point is X then they likely would answer quickly that that is
the case.
If the capacity is lacking then they would likely redirect the issue.
If they don't care about the customer that alone should be an indicator
If a promise exists in the SLA then the ball is in your court

>From the emails I fear that we have confirmed that this is normal. So your
question "Is the temperature at Level 3 Data Centers normally in the 80-90F
range?" sounds like a Yes.

Regardless of the situation always ask for names, titles, and ask vendors
to repeat critical information like the status of cooling in a building
designed to deal with cooling. Keep the vendors that do it well.



On Wed, Oct 11, 2017 at 7:31 AM, David Hubbard <
dhubb...@dino.hostasaurus.com> wrote:

> Curious if anyone on here colo’s equipment at a Level 3 facility and has
> found the temperature unacceptably warm?  I’m having that experience
> currently, where ambient temp is in the 80’s, but they tell me that’s
> perfectly fine because vented tiles have been placed in front of all
> equipment racks.  My equipment is alarming for high temps, so obviously not
> fine.  Trying to find my way up to whomever I can complain to that’s in a
> position to do something about it but it seems the support staff have been
> told to brush questions about temp off as much as possible.  Was wondering
> if this is a country-wide thing for them or unique to the data center I
> have equipment in.  I have equipment in several others from different
> companies and most are probably 15-20 degrees cooler.
>
> Thanks,
>
> David
>



-- 
- Andrew "lathama" Latham -

Re: Temp at Level 3 data centers

[Ken Chase]

As temp goes up wire resistance increases too, increasing heat, increasing
resistance, etc - and I find breakers trip more easily at hotter temps too.

/kc


On Wed, Oct 11, 2017 at 01:08:33PM -0400, Zachary Winnerman said:
  >That's a good point, though if you are running your breakers that close
  >I think you have bigger problems, as a power outage, however unlikely,
  >could cause your equipment to not come back up at all. Software updates
  >that reboot several servers in quick succession could also cause a
  >breaker to trip under those circumstances. Unfortunately, there's no way
  >to tell how close a breaker is to tripping without tripping it. Breakers
  >may have amp meteres and a rated size, but the actual load before
  >tripping is +-20% for common models, meaning a 20A breaker may trip as
  >low as 16A.

-- 
Ken Chase - m...@sizone.org Guelph Canada

RE: Private Link between TOR and CHI

[Adam Gregory]

HE, I use them for similar applications.


Best Regards,

--
adam gregory

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Ryan Gard
Sent: Wednesday, October 11, 2017 3:05 PM
To: nanog@nanog.org
Subject: Private Link between TOR and CHI

Trying to source some cost effective solutions or vendors that could provide 
connectivity in this scenario. Essentially I'll be looking to expand presence 
into Chicago, and as such, will need to source a third party to provide 
connectivity from 151 Front Street in Toronto to 350 Cermak in Chicago. 
Specifically, we're looking to build a presence in Chicago to pursue peering 
agreements with other providers at 350 Cermak.

If you're aware of any providers that would be able to provide this 
connectivity, that would be perfect.

Thanks!

--
Ryan Gard

Re: Calgary <-> Toronto 100% Canadian Fibre Resiliency on failover

[Jean-Francois Mezei]

On 2017-10-11 11:40, Jacques Latour wrote:
> Does anyone know if there's fibre resiliency between Calgary and Toronto over 
> the Great lakes, I thinking redundancy could be achieved by using two paths 
> one following the railroad and the other following the Trans-Canadian 
> highway.  Does anyone know if there is fibre following the Trans-Canadian 
> highway and who owns it?


More than likely one around lake Superior on CP Rail tracks, and the
other along the CN tracks further north.

Zayo in Canada is formerly CNCP telecommunications, and they are likely
first to have fibre along tracks.

Since the Trans Canada highway in that part of Ontario is actually a 2
lane rural road, I am not sure people would have laid fibre along it
knowing the progressive work to widen it might require frequent
relocation of the fibre.

Private Link between TOR and CHI

[Ryan Gard]

Trying to source some cost effective solutions or vendors that could
provide connectivity in this scenario. Essentially I'll be looking to
expand presence into Chicago, and as such, will need to source a third
party to provide connectivity from 151 Front Street in Toronto to 350
Cermak in Chicago. Specifically, we're looking to build a presence in
Chicago to pursue peering agreements with other providers at 350 Cermak.

If you're aware of any providers that would be able to provide this
connectivity, that would be perfect.

Thanks!

-- 
Ryan Gard

Re: Temp at Level 3 data centers

[Thomas Bellman]

On 2017-10-11 19:09, Naslund, Steve wrote:

> I would also be concerned because if they lose one of the a/c units
> what would the ambient temperature rise to?

It doesn't matter much if the "normal" temperature in your DC is 10
or 30 degrees Celcius; if the cooling system is barely keeping up
with that, and you loose half your cooling capacity, then temperature
will rise pretty quickly, until the servers are literally cooked (i.e.
temperature reaching 100°C or more).

The spare capacity of the cooling system is the important information,
not the starting temperature.  That difference of 10-20°C in starting
temperature will just give you a few minutes extra, not *save* you, if
there is not enough spare capacity in the cooling system.

Assuming a reasonably densly packed data centre, at least; with low
power density, thin unisolated walls, and winter outside, you might
survive even a full cooling failure. :-)

Also, depending on your cooling solution, a partial failure might not
be very common.  We have district cooling providing us with cold water,
and if that stops pumping water, and we use up our 30m³ buffer tank
(which is enough for 30-40 minutes), *all* cooling stops.  But on the
other hand, we have capacity enough to survive even if they give us
16°C water instead of the normal 9°C water.

> I would want them to tell me what the set point of the a/c actually is.

That I agree with.

> Bottom line 80 F input air is too hot in my opinion and apparently
> the equipment's opinion as well.

Unfortunately the default settings of most servers are not very well
thought through.  They will typically spin up fans *much* more than
is actually needed to protect the hardware, and often there is no way
of changing that for the user.  And if you try to get the manufacturer
to tell you what the most power-efficient inlet temperature is, they
will just tell you "oh, we support anything between 5°C and 40°C" (or
whatever their actual limits are), and absolutely refuse to answer your
actual question.


-- 
Thomas Bellman 
National Supercomputer Centre, Linköping University, Sweden



signature.asc
Description: OpenPGP digital signature

Re: Temp at Level 3 data centers

[Eric Kuhnke]

Also worth noting that temperature tolerances for large scale numbers of 1U
servers, Open Compute platform type high density servers, or blade servers
is a very different thing than air intake temperatures for more sensitive
things like DWDM platforms...  There's laser and physics related issues
where temperature stability is important as channel sizes get narrower in
terms of optical THz.



On Wed, Oct 11, 2017 at 10:05 AM, Leo Bicknell  wrote:

> In a message written on Wed, Oct 11, 2017 at 12:54:26PM -0400, Zachary
> Winnerman wrote:
> > I recall some evidence that 80+F temps can reduce hard drive lifetime,
> > though it might be outdated as it was from before SSDs were around. I
>
> This is very much a "your infrastructure may vary" situation.
>
> The servers we're currently buying when speced with SSD only and
> the correct network card (generally meaning RJ45 only, but there
> are exceptions) are waranteed for 105 degree inlet operations.
> While we do not do "high temperature operations" we have seen
> operations where folks run them at 90-100 degree input chasing
> effiency.
>
> Famously, Intel ran computers outside in a tent just to prove it works
> fine:
>
> https://www.computerworld.com/article/2533138/data-center/
> running-servers-in-a-tent-outside--it-works.html
>
> It should be easy to purchase equipment that can tolerate 80-90
> degree input without damage.  But that's not the question here.
> The question is if the temp is within the range specified in the
> contract.  If it is, deal with it, and if it is not, hold your
> vendor to delivering what they promised.
>
> --
> Leo Bicknell - bickn...@ufp.org
> PGP keys at http://www.ufp.org/~bicknell/
>

Re: Temp at Level 3 data centers

[Jeremy Austin]

My 0.041 BTC:

1) For small facilities, without separate temperature-controlled UPS zones,
the optimum temperature for lead-acid batteries may be the lower bound.
77°F is optimal, with significant reduction in battery life even 15°F above
that. Given that batteries' internal temperature will be higher than
ambient, 80° set point is not stupid. I run cooler, FWIW.

2) Headroom. I try to have documented for each facility the climb in
degrees per hour (determined empirically) as a backup so I know required
response times when AC failure occurs.

On Wed, Oct 11, 2017 at 10:09 AM, Naslund, Steve 
wrote:

>
> Bottom line 80 F input air is too hot in my opinion and apparently the
> equipment's opinion as well.
>
> --
Jeremy Austin
jhaus...@gmail.co m

(907) 895-2311 office
(907) 803-5422 cell

Heritage NetWorks  - Whitestone Power &
Communications - Vertical Broadband, LLC 

RE: Temp at Level 3 data centers

[Naslund, Steve]

I think the key here is that if your set point is at 80 F, you better be able 
to hit it with a unit down and you better be able to react instantly to any 
environmental failure.  You just have no headroom to play with.

Steven Naslund
Chicago IL

>-Original Message-
>From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Zachary Winnerman
>Sent: Wednesday, October 11, 2017 11:54 AM
>To: nanog@nanog.org
>Subject: Re: Temp at Level 3 data centers
>
>I recall some evidence that 80+F temps can reduce hard drive lifetime, though 
>it might be outdated as it was from before SSDs were around. I would imagine 
>that while it may not impact the ability for a server to handle load, it may 
>>reduce equipment lifetime. It also could be an indication that they lack 
>redundancy in the case of an AC failure. This could cause equipment damage if 
>the datacenter is unattended and temperatures are allowed to rise.

RE: Temp at Level 3 data centers

[Naslund, Steve]

If the ambient temperature is higher is means the temperatures throughout the 
device would be higher and the temp at those points is what really matters.  I 
would also be concerned because if they lose one of the a/c units what would 
the ambient temperature rise to?  I would want them to tell me what the set 
point of the a/c actually is.

Bottom line 80 F input air is too hot in my opinion and apparently the 
equipment's opinion as well.


Steven Naslund
Chicago IL




  

>-Original Message-
>From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Zachary Winnerman
>Sent: Wednesday, October 11, 2017 11:54 AM
>To: nanog@nanog.org
>Subject: Re: Temp at Level 3 data centers
>
>I recall some evidence that 80+F temps can reduce hard drive lifetime, though 
>it might be outdated as it was from before SSDs were around. I would imagine 
>that while it may not impact the ability for a server to handle load, it may 
>>reduce equipment lifetime. It also could be an indication that they lack 
>redundancy in the case of an AC failure. This could cause equipment damage if 
>the datacenter is unattended and temperatures are allowed to rise.

Re: Temp at Level 3 data centers

[Zachary Winnerman]

That's a good point, though if you are running your breakers that close
I think you have bigger problems, as a power outage, however unlikely,
could cause your equipment to not come back up at all. Software updates
that reboot several servers in quick succession could also cause a
breaker to trip under those circumstances. Unfortunately, there's no way
to tell how close a breaker is to tripping without tripping it. Breakers
may have amp meteres and a rated size, but the actual load before
tripping is +-20% for common models, meaning a 20A breaker may trip as
low as 16A.


On 2017年10月11日 12:58, Matt Harris wrote:
> Another thing to remember - and I've actually seen breakers tripped on
> PDUs due to heat before because of this - is that it's going to spin
> all of your fans harder to keep internal temps down if the ambient
> temp is higher. This will increase your power draw, which means that
> if you're paying for metered power by usage, you're going to pay more
> - those fans really do add up in terms of power. In extreme cases, you
> can draw too much power and trip a breaker on a PDU because every host
> in a rack, or especially those towards the top, are spinning full
> tilt. It's not a good condition and one that you should force them to
> correct. 
>
>
> On Wed, Oct 11, 2017 at 11:54 AM, Zachary Winnerman
> > wrote:
>
> I recall some evidence that 80+F temps can reduce hard drive lifetime,
> though it might be outdated as it was from before SSDs were around. I
> would imagine that while it may not impact the ability for a server to
> handle load, it may reduce equipment lifetime. It also could be an
> indication that they lack redundancy in the case of an AC failure.
> This
> could cause equipment damage if the datacenter is unattended and
> temperatures are allowed to rise.
>
>
> On 2017年10月11日 11:45, Keith Stokes wrote:
> > There are plenty of people who say 80+ is fine for equipment and
> data centers aren’t built for people.
> >
> > However other things have to be done correctly.
> >
> > Are you sure your equipment is properly oriented for airflow
> (hot/cold aisles if in use) and has no restrictions?
> >
> > On Oct 11, 2017, at 9:42 AM, Sam Kretchmer
>   >> wrote:
> >
> > with a former employer we had a suite at the L3 facility on Canal in
> > Chicago. They had this exact issue for the entire time we had
> the suite.
> > They kept blaming a failing HVAC unit on our floor, but it went
> on for
> > years no matter who we complained to, or what we said.
> >
> > Good luck.
> >
> >
> > On 10/11/17, 7:31 AM, "NANOG on behalf of David Hubbard"
> >   > on behalf of
> dhubb...@dino.hostasaurus.com
> 
>  >> wrote:
> >
> > Curious if anyone on here colo¹s equipment at a Level 3 facility
> and has
> > found the temperature unacceptably warm?  I¹m having that experience
> > currently, where ambient temp is in the 80¹s, but they tell me
> that¹s
> > perfectly fine because vented tiles have been placed in front of all
> > equipment racks.  My equipment is alarming for high temps, so
> obviously
> > not fine.  Trying to find my way up to whomever I can complain
> to that¹s
> > in a position to do something about it but it seems the support
> staff
> > have been told to brush questions about temp off as much as
> possible.
> > Was wondering if this is a country-wide thing for them or unique
> to the
> > data center I have equipment in.  I have equipment in several
> others from
> > different companies and most are probably 15-20 degrees cooler.
> >
> > Thanks,
> >
> > David
> >
> >
> >
> > ---
> >
> > Keith Stokes
> >
> >
> >
> >
>
>
>
>
>
> -- 
> Matt Harris - Chief Security Officer
> Main: +1 855.696.3834 ext 103
> Mobile: +1 908.590.9472
> Email: m...@netfire.net 



signature.asc
Description: OpenPGP digital signature

Re: Temp at Level 3 data centers

[Leo Bicknell]

In a message written on Wed, Oct 11, 2017 at 12:54:26PM -0400, Zachary 
Winnerman wrote:
> I recall some evidence that 80+F temps can reduce hard drive lifetime,
> though it might be outdated as it was from before SSDs were around. I

This is very much a "your infrastructure may vary" situation.

The servers we're currently buying when speced with SSD only and
the correct network card (generally meaning RJ45 only, but there
are exceptions) are waranteed for 105 degree inlet operations.
While we do not do "high temperature operations" we have seen
operations where folks run them at 90-100 degree input chasing
effiency.

Famously, Intel ran computers outside in a tent just to prove it works
fine:

https://www.computerworld.com/article/2533138/data-center/running-servers-in-a-tent-outside--it-works.html

It should be easy to purchase equipment that can tolerate 80-90
degree input without damage.  But that's not the question here.
The question is if the temp is within the range specified in the
contract.  If it is, deal with it, and if it is not, hold your
vendor to delivering what they promised.

-- 
Leo Bicknell - bickn...@ufp.org
PGP keys at http://www.ufp.org/~bicknell/


signature.asc
Description: PGP signature

Re: Temp at Level 3 data centers

[Josh Reynolds]

http://www.datacenterknowledge.com/archives/2008/10/14/google-raise-your-data-center-temperature

On Oct 11, 2017 11:56 AM, "Zachary Winnerman" 
wrote:

> I recall some evidence that 80+F temps can reduce hard drive lifetime,
> though it might be outdated as it was from before SSDs were around. I
> would imagine that while it may not impact the ability for a server to
> handle load, it may reduce equipment lifetime. It also could be an
> indication that they lack redundancy in the case of an AC failure. This
> could cause equipment damage if the datacenter is unattended and
> temperatures are allowed to rise.
>
>
> On 2017年10月11日 11:45, Keith Stokes wrote:
> > There are plenty of people who say 80+ is fine for equipment and data
> centers aren’t built for people.
> >
> > However other things have to be done correctly.
> >
> > Are you sure your equipment is properly oriented for airflow (hot/cold
> aisles if in use) and has no restrictions?
> >
> > On Oct 11, 2017, at 9:42 AM, Sam Kretchmer  > wrote:
> >
> > with a former employer we had a suite at the L3 facility on Canal in
> > Chicago. They had this exact issue for the entire time we had the suite.
> > They kept blaming a failing HVAC unit on our floor, but it went on for
> > years no matter who we complained to, or what we said.
> >
> > Good luck.
> >
> >
> > On 10/11/17, 7:31 AM, "NANOG on behalf of David Hubbard"
> >  on behalf of
> dhubb...@dino.hostasaurus.com>
> wrote:
> >
> > Curious if anyone on here colo¹s equipment at a Level 3 facility and has
> > found the temperature unacceptably warm?  I¹m having that experience
> > currently, where ambient temp is in the 80¹s, but they tell me that¹s
> > perfectly fine because vented tiles have been placed in front of all
> > equipment racks.  My equipment is alarming for high temps, so obviously
> > not fine.  Trying to find my way up to whomever I can complain to that¹s
> > in a position to do something about it but it seems the support staff
> > have been told to brush questions about temp off as much as possible.
> > Was wondering if this is a country-wide thing for them or unique to the
> > data center I have equipment in.  I have equipment in several others from
> > different companies and most are probably 15-20 degrees cooler.
> >
> > Thanks,
> >
> > David
> >
> >
> >
> > ---
> >
> > Keith Stokes
> >
> >
> >
> >
>
>
>

Re: Temp at Level 3 data centers

[Zachary Winnerman]

I recall some evidence that 80+F temps can reduce hard drive lifetime,
though it might be outdated as it was from before SSDs were around. I
would imagine that while it may not impact the ability for a server to
handle load, it may reduce equipment lifetime. It also could be an
indication that they lack redundancy in the case of an AC failure. This
could cause equipment damage if the datacenter is unattended and
temperatures are allowed to rise.


On 2017年10月11日 11:45, Keith Stokes wrote:
> There are plenty of people who say 80+ is fine for equipment and data centers 
> aren’t built for people.
>
> However other things have to be done correctly.
>
> Are you sure your equipment is properly oriented for airflow (hot/cold aisles 
> if in use) and has no restrictions?
>
> On Oct 11, 2017, at 9:42 AM, Sam Kretchmer 
> > wrote:
>
> with a former employer we had a suite at the L3 facility on Canal in
> Chicago. They had this exact issue for the entire time we had the suite.
> They kept blaming a failing HVAC unit on our floor, but it went on for
> years no matter who we complained to, or what we said.
>
> Good luck.
>
>
> On 10/11/17, 7:31 AM, "NANOG on behalf of David Hubbard"
>  on behalf of 
> dhubb...@dino.hostasaurus.com> wrote:
>
> Curious if anyone on here colo¹s equipment at a Level 3 facility and has
> found the temperature unacceptably warm?  I¹m having that experience
> currently, where ambient temp is in the 80¹s, but they tell me that¹s
> perfectly fine because vented tiles have been placed in front of all
> equipment racks.  My equipment is alarming for high temps, so obviously
> not fine.  Trying to find my way up to whomever I can complain to that¹s
> in a position to do something about it but it seems the support staff
> have been told to brush questions about temp off as much as possible.
> Was wondering if this is a country-wide thing for them or unique to the
> data center I have equipment in.  I have equipment in several others from
> different companies and most are probably 15-20 degrees cooler.
>
> Thanks,
>
> David
>
>
>
> ---
>
> Keith Stokes
>
>
>
>




signature.asc
Description: OpenPGP digital signature

Re: Temp at Level 3 data centers

[Ken Chase]

My house isnt built for moving furniture, it's built for living in. I've not
moved a bed in or out of the bedroom in 8 years now. But for the 15 minutes
I did move a bed, the door and hallway had to accomodate it.

Humans have to go into datacenters - often in an emergency. Complicating the
servicing of equipment by having sweat drip off you into the electronics is
not condusive to uptime.

/kc

On Wed, Oct 11, 2017 at 03:45:30PM +, Keith Stokes said:
  >There are plenty of people who say 80+ is fine for equipment and data 
centers aren???t built for people.
  >
  >However other things have to be done correctly.
  >
  >Are you sure your equipment is properly oriented for airflow (hot/cold 
aisles if in use) and has no restrictions?
  >
  >On Oct 11, 2017, at 9:42 AM, Sam Kretchmer 
> wrote:
  >
  >with a former employer we had a suite at the L3 facility on Canal in
  >Chicago. They had this exact issue for the entire time we had the suite.
  >They kept blaming a failing HVAC unit on our floor, but it went on for
  >years no matter who we complained to, or what we said.
  >
  >Good luck.
  >
  >
  >On 10/11/17, 7:31 AM, "NANOG on behalf of David Hubbard"
  > on behalf of 
dhubb...@dino.hostasaurus.com> wrote:
  >
  >Curious if anyone on here colo??s equipment at a Level 3 facility and has
  >found the temperature unacceptably warm?  I??m having that experience
  >currently, where ambient temp is in the 80??s, but they tell me that??s
  >perfectly fine because vented tiles have been placed in front of all
  >equipment racks.  My equipment is alarming for high temps, so obviously
  >not fine.  Trying to find my way up to whomever I can complain to that??s
  >in a position to do something about it but it seems the support staff
  >have been told to brush questions about temp off as much as possible.
  >Was wondering if this is a country-wide thing for them or unique to the
  >data center I have equipment in.  I have equipment in several others from
  >different companies and most are probably 15-20 degrees cooler.
  >
  >Thanks,
  >
  >David
  >
  >
  >
  >---
  >
  >Keith Stokes
  >
  >
  >
  >

/kc
--
Ken Chase - m...@sizone.org Guelph Canada

Re: Temp at Level 3 data centers

[Keith Stokes]

There are plenty of people who say 80+ is fine for equipment and data centers 
aren’t built for people.

However other things have to be done correctly.

Are you sure your equipment is properly oriented for airflow (hot/cold aisles 
if in use) and has no restrictions?

On Oct 11, 2017, at 9:42 AM, Sam Kretchmer 
> wrote:

with a former employer we had a suite at the L3 facility on Canal in
Chicago. They had this exact issue for the entire time we had the suite.
They kept blaming a failing HVAC unit on our floor, but it went on for
years no matter who we complained to, or what we said.

Good luck.


On 10/11/17, 7:31 AM, "NANOG on behalf of David Hubbard"
 on behalf of 
dhubb...@dino.hostasaurus.com> wrote:

Curious if anyone on here colo¹s equipment at a Level 3 facility and has
found the temperature unacceptably warm?  I¹m having that experience
currently, where ambient temp is in the 80¹s, but they tell me that¹s
perfectly fine because vented tiles have been placed in front of all
equipment racks.  My equipment is alarming for high temps, so obviously
not fine.  Trying to find my way up to whomever I can complain to that¹s
in a position to do something about it but it seems the support staff
have been told to brush questions about temp off as much as possible.
Was wondering if this is a country-wide thing for them or unique to the
data center I have equipment in.  I have equipment in several others from
different companies and most are probably 15-20 degrees cooler.

Thanks,

David



---

Keith Stokes

Calgary <-> Toronto 100% Canadian Fibre Resiliency on failover

[Jacques Latour]

Hi,

Does anyone know if there's fibre resiliency between Calgary and Toronto over 
the Great lakes, I thinking redundancy could be achieved by using two paths one 
following the railroad and the other following the Trans-Canadian highway.  
Does anyone know if there is fibre following the Trans-Canadian highway and who 
owns it?

Is this achievable?

Thanks,

Jacques
CTO, CIRA

Re: Temp at Level 3 data centers

[Sam Kretchmer]

with a former employer we had a suite at the L3 facility on Canal in
Chicago. They had this exact issue for the entire time we had the suite.
They kept blaming a failing HVAC unit on our floor, but it went on for
years no matter who we complained to, or what we said.

Good luck.


On 10/11/17, 7:31 AM, "NANOG on behalf of David Hubbard"
 wrote:

>Curious if anyone on here colo¹s equipment at a Level 3 facility and has
>found the temperature unacceptably warm?  I¹m having that experience
>currently, where ambient temp is in the 80¹s, but they tell me that¹s
>perfectly fine because vented tiles have been placed in front of all
>equipment racks.  My equipment is alarming for high temps, so obviously
>not fine.  Trying to find my way up to whomever I can complain to that¹s
>in a position to do something about it but it seems the support staff
>have been told to brush questions about temp off as much as possible.
>Was wondering if this is a country-wide thing for them or unique to the
>data center I have equipment in.  I have equipment in several others from
>different companies and most are probably 15-20 degrees cooler.
>
>Thanks,
>
>David

Re: ATT NOC

[Nimrod Levy]

We're not accepting the route from our peers due to the AS-SET in the path:
  174 199659 {65002}, (aggregated by 199659 10.10.10.3), (received-only)
  2914 199659 {65002}, (aggregated by 199659 10.10.10.1), (received-only)



On Tue, Oct 10, 2017 at 12:35 PM Gavin Henry  wrote:

> Hi Nimrod,
>
> Sorry. Our resolvers that are having the issue live at:
>
> 185.8.92.12
> 185.8.92.13
>
> part of 185.8.92.0/22
>
> Destination IP's we're trying to reach are:
>
> dns4.hertz.com has address 12.5.245.250
> dns5.hertz.com has address 12.147.231.250
> dns6.hertz.com has address 12.28.81.250
>
> These live within in our routing table:
>
> 12.5.245.0/24
> 12.147.231.0/24
> 12.28.81.0/24
>
> Thanks.
>
-- 

--
Nimrod

Re: ATT NOC

[Nimrod Levy]

Please provide source and destination.

On Tue, Oct 10, 2017 at 12:22 PM Gavin Henry  wrote:

> Hi all,
>
> For a while now (11 days) we've been trying to reach ATT as it some of
> our traffic is dying within their network. It's traffic destined for
> their customer networks so we can't raise a ticket with ATT directly.
> We've emailed their NOC, but nothing and since then been trying to
> raise tickes via phone with their customers that we can't reach, but
> we're not their customers eitherI'm pretty certain one of our /22
> is getting dropped, as our other /22 works (we're small guys).
>
> Can anyone help confirm our theory by putting us in touch?
>
> Thanks.
>
> --
> Kind Regards,
>
> Gavin Henry.
> Managing Director.
>
-- 

--
Nimrod

Re: Why don't large carriers use alternate communication routes?

[Leo Bicknell]

In a message written on Tue, Oct 10, 2017 at 07:19:15PM -0400, Sean Donelan 
wrote:
> Are the penalties for subscribe outages so minimal that it makes business 
> sense not to use backup alternate routes?

There are penalties for subscriber outages?  Do tell!  Where?

-- 
Leo Bicknell - bickn...@ufp.org
PGP keys at http://www.ufp.org/~bicknell/


signature.asc
Description: PGP signature

Temp at Level 3 data centers

[David Hubbard]

Curious if anyone on here colo’s equipment at a Level 3 facility and has found 
the temperature unacceptably warm?  I’m having that experience currently, where 
ambient temp is in the 80’s, but they tell me that’s perfectly fine because 
vented tiles have been placed in front of all equipment racks.  My equipment is 
alarming for high temps, so obviously not fine.  Trying to find my way up to 
whomever I can complain to that’s in a position to do something about it but it 
seems the support staff have been told to brush questions about temp off as 
much as possible.  Was wondering if this is a country-wide thing for them or 
unique to the data center I have equipment in.  I have equipment in several 
others from different companies and most are probably 15-20 degrees cooler.

Thanks,

David

Re: Question about Customer Population by ASN for Canada

[Radu-Adrian Feurdean]

On Mon, Oct 2, 2017, at 22:15, Filip Hruska wrote:
> * OVH is also a home ISP - just in France though; but not sure if/how 
> APNIC separated OVH as an ISP and OVH as a server provider.
> I think it's all under the same ASN (might be wrong though)

Hi,

OVH ISP uses a slightly weird set-up:
 - separate AS for residentian IPv4 ranges. That AS is only seen in GRT
 via OVH main AS.
 - IPv6 is provided from the "main pool", advertised by the main AS.

And yes, their hosting business hosts tons of VPNs (on VPS or dedicated
servers) which are also used by a number of french users in order to get
decent internet performance (for the case when their ISP does saturate
transit - which is every day 17h-24h).