Re: an over-the-top data center

[Bill Stewart]

Data centers in used nuclear bunkers aren't new - www.thebunker.net
has done that for a decade in the UK.  They found that having a
cool-looking site made it easy to sell to bankers who wanted
reassurance about physical security, and at least with the computer
technology of the time it was easy to do HVAC, since the place was
naturally cold, and they had good redundant power grid connectivity to
work with.

As far as the risks of publishing the location of your data centers
go, I've generally been on the pro-publishing side; real attackers
would *never* think of looking for the large building downtown with no
windows, or looking for a data center business named "One Wilshire"
near Wilshire Blvd (:-)  More seriously, though, many customers need
physical diversity for their circuits, and while it's more reliable to
get that from a single fiber carrier than try to get predictable
diversity from multiple carriers, there's still a need to do some
auditing.

Of course, if you've got a bunker already, it's pretty cheap to get
your CEO a monocle and a white cat, whereas if you're starting with
the monocle and the cat, getting a bunker can be fairly expensive.

Re: an over-the-top data center

[Joe Greco]

> Gadi,
> I can't help that you need a few nights away in a lovely Swiss Hotel  
> in order to help those cynical thoughts lift:
> 
> http://www.news.com.au/travel/story/0,28318,24732642-5014090,00.html

That looks too noisy.  This seems to be a little more upscale.

http://www.budgettravel.com/bt-srv/gallery/0803_WeirdestHotels/index.html?jumpToPic=2

Interesting places:

http://www.budgettravel.com/bt-dyn/content/article/2008/02/19/AR2008021901535.html

So, an interesting question to contemplate.  Apparently some hotels have
figured out different angles.

Is there a point at which business will start looking at other models for
hosting purposes?  We already have cloud computing, fe.  With data center
prices skyrocketing, it would seem that there might be some advantages,
at least in some cases, to looking at alternatives.  I know that we find
our Equinix rack space very expensive, and that some of the things we do
just aren't worth $50/month/RU or whatever it is we're paying.  Putting
low bandwidth, less critical resources elsewhere seems to be a generally
good idea.  What workable options exist?  We have some clients that have
always maintained their own small server rooms on-site and never gave up
on bringing in bandwidth on T1 or whatever, and this strategy seems to
have worked out for them in the long run, as they've kept resources on-
site.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.

Re: an over-the-top data center

[Matthew Moyle-Croft]

Gadi,
I can't help that you need a few nights away in a lovely Swiss Hotel  
in order to help those cynical thoughts lift:


http://www.news.com.au/travel/story/0,28318,24732642-5014090,00.html

:-)

MMC

On 29/11/2008, at 2:05 PM, Gadi Evron wrote:


On Fri, 28 Nov 2008, Howard C. Berkowitz wrote:


It seems that all these cases are more under the bottom than over  
the top.




Every couple of years there is a story about some anti virus  
company, data center, or whatever running out of an old nuclear  
bunker/military base/middle of no where. It is exciting the first  
few times.


Gadi.



--
Matthew Moyle-Croft Internode/Agile Peering and Core Networks

Re: an over-the-top data center

[Måns Nilsson]

--On onsdag, onsdag 3 dec 2008 18.29.54 +0100 Måns Nilsson
<[EMAIL PROTECTED]> wrote:

>> In the pretty pictures of the swedish site, there didn't seem to be an
>> obvious raised floor.
> 
> There is a raised floor, iirc. 

There is a raised floor. Have a look at 



-- 
Måns NilssonM A C H I N A

I brought my BOWLING BALL -- and some DRUGS!!


pgpfdqDoiROwz.pgp
Description: PGP signature

Re: an over-the-top data center

[Måns Nilsson]

--On onsdag, onsdag 3 dec 2008 10.47.28 -0500 Jean-François Mezei
<[EMAIL PROTECTED]> wrote:

> 
> pardon me for resurrecting this topic...
> 
> For sites that are built in caves, how do they deal with cabling ?

Like any datacenter. Raceways on top of racks or under the floor. _Proper_
datacentres in caves (like, those made to actually be safe against all
those DHS-funding movie plots) consist of a pretty standard CO building
built inside a cave. Of course, there are a number of extras like EMP, gas
and blast barriers, but they normally are outside the house. 

Pionen (the site that trigered this offtopic thread) is a showoff, not
correctly expanded from the design originally made by those people who know
about blast waves and such. 
 
> In the pretty pictures of the swedish site, there didn't seem to be an
> obvious raised floor.

There is a raised floor, iirc. 

-- 
Måns NilssonM A C H I N A

Did an Italian CRANE OPERATOR just experience uninhibited sensations in
a MALIBU HOT TUB?


pgpgAIeWuQ7qN.pgp
Description: PGP signature

Re: an over-the-top data center

[Jean-François Mezei]

pardon me for resurrecting this topic...

For sites that are built in caves, how do they deal with cabling ?

In the pretty pictures of the swedish site, there didn't seem to be an
obvious raised floor. And it appeared to be solid concrete floor between
the wings containing the systems. And no massive cable risers or
suspended cable paths.

It is all nice if neat, but in real life, wouldn't they need to be
stringing tons and tons of cable ?

Or it is a case of the pretty pictures with the fog having been taken
with empty racks, before the data centre was outfitted with real
equipment and now, there would be cables everywhere ?

Re: an over-the-top data center

[Jeremy Jackson]

On Tue, 2008-12-02 at 21:49 +, Nick Hilliard wrote:
> chuck goolsbee wrote:
> > would look, other than the granite walls
> 
> On the subject of suitability problems, unless there is good air
> circulation in these bunkers from the outside, radon seepage from the
> surrounding granite has the potential to cause a lot of health problems for
> any unlucky punter who happens to work in there, although it's unlikely
> that it would have any effect on any equipment housed in the facility.

So control systems in nuclear power plants don't need any extra
shielding to prevent "glitches"?  

Re: an over-the-top data center

[Valdis . Kletnieks]

On Tue, 02 Dec 2008 13:26:51 EST, The Anarcat said:

> Am I the only one thinking that shady lights, tropical fog, creepy
> tunnels, blue/colored lights, and *waterfalls* are *bad* things in a
> datacenter?

Well, across the hall we have:

Photo-op version: http://www.vtnews.vt.edu/story.php?relyear=2006&itemno=621

Production version: http://www.arc.vt.edu/images/upgrade/IMG_2434.jpg


pgpPQNLosvjCr.pgp
Description: PGP signature

RE: an over-the-top data center

[Deepak Jain]

> > But we aren't talking about the military here, are we? We are talking
> about an ISP on an ISP forum.
> >
> 
> Yes but in a disaster scenario where critical communication links
> are down the military would respond and reestablish the links, if for
> nothing else to re establish situational awareness for themselves.

This is getting off-topic in a big way, but I can pretty much assure you that 
the US military isn't going to be re-establishing ISP circuits for the 
military's situational awareness. I can't speak of the Swedish military. In 
most countries with a big-bad-military, the most the military will do is allow 
the commercial entities to expedite their own repairs and perhaps bypass 
certain permit requirements -- which is as it should be.

If this is the reason to build a bomb proof datacenter, I encourage all my 
competitors to do so.

Someone said it earlier, its far cheaper, and far more reliable to be massively 
redundant than super hardened in one (or a few) locations. If you think you 
can't afford the former, but can get the latter, you don't understand what you 
are solving for.

Deepak

Re: an over-the-top data center

[Charles Wyble]

Deepak Jain wrote:

I bet the military or emergency services can establish a 10km fiber
stretch in a few hours. Replacing some telecom hw and set it up from
scratch would probably take weeks (I'm not talking about a single
router
here).



But we aren't talking about the military here, are we? We are talking about an ISP on an ISP forum. 
  


Yes but in a disaster scenario where critical communication links 
are down the military would respond and reestablish the links, if for 
nothing else to re establish situational awareness for themselves. 

RE: an over-the-top data center

[Deepak Jain]

> I bet the military or emergency services can establish a 10km fiber
> stretch in a few hours. Replacing some telecom hw and set it up from
> scratch would probably take weeks (I'm not talking about a single
> router
> here).

But we aren't talking about the military here, are we? We are talking about an 
ISP on an ISP forum. 

Deepak

Re: an over-the-top data center

[Nick Hilliard]

chuck goolsbee wrote:
> would look, other than the granite walls

On the subject of suitability problems, unless there is good air
circulation in these bunkers from the outside, radon seepage from the
surrounding granite has the potential to cause a lot of health problems for
any unlucky punter who happens to work in there, although it's unlikely
that it would have any effect on any equipment housed in the facility.
Having said that, radon seems to be a well known problem in Stockholm and
I've no doubt that they took measures to deal with it.

Nick

Re: an over-the-top data center

[chuck goolsbee]

Speaking as a Datacenter Manager who (believe it or not) at one time was an 
Art Director, I have to say that the "ambience" in those photographs, in 
the form of fog, odd/colored lighting, etc. was certainly  created at the 
time of the photo shoot by an Art Director ... with delusions (illusions) 
of grandeur in mind. I imagine that were any of us to visit the site in 
question on a normal working day we'd find no such special effects and it 
would look, other than the granite walls, not too different from any other 
datacenter, or NOC.


_
chuck goolsbee - fully RFC 1925 compliant

Re: an over-the-top data center

[George William Herbert]

>>> This discussion about plants, waterfalls and humidity is getting more
>>> and more off-tropic...
>>
>> Humidity is not off topic for a general or specific datacenter
>> conversation - it's a fairly routine issue in facilities.
>
>*woosh*
>
>tropic... not topic. It's a joke. :) 

D'oh.  Serves me right for trying to reply on NANOG while
composing and sending a politically sensitive nastygram to
(vendor redacted) service and escalation.


-george

Re: an over-the-top data center

[Howard C. Berkowitz]

George William Herbert wrote:
>
> Johnny writes:
>>This discussion about plants, waterfalls and humidity is getting more
>>and more off-tropic...
>
> Humidity is not off topic for a general or specific datacenter
> conversation - it's a fairly routine issue in facilities.
>
> NANOG isn't facilities focused but I think that it comes up
> enough (we're not hosting routers in closets anymore) that it's
> legit for some discussion.
>
> The plants and waterfalls is probably drifting a bit far afield,
> though...
>


Perhaps not as far as one might think. I once had to work with a large
data center, which was having a huge condensation and eventual corrosion
problem on one side of the room. No one had made the connection that it
was a shared wall with the main building atrium, which had an indoor
waterfall that made quite an evaporative cooler.

Extra wall insulation solved the problem.

Re: an over-the-top data center

[Charles Wyble]

George William Herbert wrote:

Johnny writes:
  

This discussion about plants, waterfalls and humidity is getting more
and more off-tropic...



Humidity is not off topic for a general or specific datacenter
conversation - it's a fairly routine issue in facilities.
  


*woosh*

tropic... not topic. It's a joke. :) 

RE: an over-the-top data center

[Goltz, Jim (NIH/CIT) [E]]

> From: Marshall Eubanks [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, December 02, 2008 15:15
>
> This is of course off-off-topic, but I would suspect the room
> temperature ultrasonic
> misters, not dry ice or wood smoke.

Still off-topic, but I hope they used distilled water.  If the water has a 
medium to high mineral content ("hard" water), the miniscule droplets produced 
by ultrasonic misters evaporate quickly into microscopic dust motes, small 
enough to evade most filtering systems.

(This data center actually reminds me of the old Kon-Tiki movie theater in 
Dayton, OH.)

--
Jim Goltz <[EMAIL PROTECTED]>
CIT/DCSS/HSB/ASIG
12/2216
DCSS Firewall group on-call: 240-338-2103

Re: an over-the-top data center

[George William Herbert]

Johnny writes:
>This discussion about plants, waterfalls and humidity is getting more
>and more off-tropic...

Humidity is not off topic for a general or specific datacenter
conversation - it's a fairly routine issue in facilities.

NANOG isn't facilities focused but I think that it comes up
enough (we're not hosting routers in closets anymore) that it's
legit for some discussion.

The plants and waterfalls is probably drifting a bit far afield,
though...


-george william herbert
[EMAIL PROTECTED]

Re: an over-the-top data center

[Johnny Eriksson]

> Marshall wrote:
> >This is of course off-off-topic, but I would suspect the room  
> >temperature ultrasonic
> >misters, not dry ice or wood smoke.
> >
> >Regards
> >Marshall
> 
> Concur.
> 
> As anyone who works with air conditioning knows, ultrasonic are
> the low maintenance option for your humidifier units anyways.
> A lot of your datacenters have those 8-)
> 
> There are also doors between the plants and NOC and the server
> rooms ...
> 
> Having them external to the AC and pumping visible fog out into
> the room instead of invisible into the air feeds is unusual, but 
> if the resulting humidity (in the NOC, not the server rooms)
> is normal it's no big deal.  You can have the floor covered in
> an inch of water and the air be perfectly safe humidity for
> systems (just don't drop a live power cable in the water...).
> 
> I wouldn't do this personally, but if done right it should be safe.

This discussion about plants, waterfalls and humidity is getting more
and more off-tropic...

> -george william herbert
> [EMAIL PROTECTED]

--Johnny

RE: an over-the-top data center

[Blake Pfankuch]

I would agree with the psychological effects.  That would be a downside to 
working in a place that aside from that is so unbelievably kickass.

-Original Message-
From: Jeff Shultz [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 02, 2008 1:28 PM
To: NANOG list
Subject: Re: an over-the-top data center

Marshall Eubanks wrote:
>
>
> On Dec 2, 2008, at 2:25 PM, Brian Raaen wrote:
>
>> Maybe it isn't dry ice Maybe it is from liquid oxygen, in which
>> case it
>> better be a smoke free workplace.
>>
>
> This is of course off-off-topic, but I would suspect the room
> temperature ultrasonic
> misters, not dry ice or wood smoke.
>

I'd be more worried about the artificial waterfalls... the sound of
flowing water has an established physiological effect.

Um... where's the bathroom?

--
Jeff Shultz

Re: an over-the-top data center

[George William Herbert]

Marshall wrote:
>This is of course off-off-topic, but I would suspect the room  
>temperature ultrasonic
>misters, not dry ice or wood smoke.
>
>Regards
>Marshall

Concur.

As anyone who works with air conditioning knows, ultrasonic are
the low maintenance option for your humidifier units anyways.
A lot of your datacenters have those 8-)

There are also doors between the plants and NOC and the server
rooms ...

Having them external to the AC and pumping visible fog out into
the room instead of invisible into the air feeds is unusual, but 
if the resulting humidity (in the NOC, not the server rooms)
is normal it's no big deal.  You can have the floor covered in
an inch of water and the air be perfectly safe humidity for
systems (just don't drop a live power cable in the water...).

I wouldn't do this personally, but if done right it should be safe.


-george william herbert
[EMAIL PROTECTED]

Re: an over-the-top data center

[Jeff Shultz]

Marshall Eubanks wrote:



On Dec 2, 2008, at 2:25 PM, Brian Raaen wrote:

Maybe it isn't dry ice Maybe it is from liquid oxygen, in which 
case it

better be a smoke free workplace.



This is of course off-off-topic, but I would suspect the room 
temperature ultrasonic

misters, not dry ice or wood smoke.



I'd be more worried about the artificial waterfalls... the sound of 
flowing water has an established physiological effect.


Um... where's the bathroom?

--
Jeff Shultz

Re: an over-the-top data center

[Marshall Eubanks]

On Dec 2, 2008, at 2:25 PM, Brian Raaen wrote:

Maybe it isn't dry ice Maybe it is from liquid oxygen, in which  
case it

better be a smoke free workplace.



This is of course off-off-topic, but I would suspect the room  
temperature ultrasonic

misters, not dry ice or wood smoke.

Regards
Marshall



--

Brian Raaen
Network Engineer
[EMAIL PROTECTED]



On Tuesday 02 December 2008, Jay Hennigan wrote:

The Anarcat wrote:

On Tue, Dec 02, 2008 at 11:19:36AM -0500, Jeremy Jackson wrote:
Seems like dry-ice was used to make the "tropical fog" in the  
photos,

not water poured over hot rocks like a sauna/bath house.


I've tried to avoid stating the obvious reading through all this  
funny

thread, but I can't help it now.

Am I the only one thinking that shady lights, tropical fog, creepy
tunnels, blue/colored lights, and *waterfalls* are *bad* things in a
datacenter?

I mean, it make a good movie set, but seriously... I wouldn't want  
to be
looking for that damn blue "locator" LED on that 10th switch with  
a blue

neon light...


Not to mention dry ice = carbon dioxide which isn't particularly  
healthy

for the humans in that enclosed space.

--
Jay Hennigan - CCIE #7880 - Network Engineering - [EMAIL PROTECTED]
Impulse Internet Service  -  http://www.impulse.net/
Your local telephone and internet company - 805 884-6323 - WB6RDV

Re: an over-the-top data center

[Brian Raaen]

Maybe it isn't dry ice Maybe it is from liquid oxygen, in which case it 
better be a smoke free workplace.


--

Brian Raaen
Network Engineer
[EMAIL PROTECTED]



On Tuesday 02 December 2008, Jay Hennigan wrote:
> The Anarcat wrote:
> > On Tue, Dec 02, 2008 at 11:19:36AM -0500, Jeremy Jackson wrote:
> >> Seems like dry-ice was used to make the "tropical fog" in the photos,
> >> not water poured over hot rocks like a sauna/bath house.
> > 
> > I've tried to avoid stating the obvious reading through all this funny
> > thread, but I can't help it now.
> > 
> > Am I the only one thinking that shady lights, tropical fog, creepy
> > tunnels, blue/colored lights, and *waterfalls* are *bad* things in a
> > datacenter?
> > 
> > I mean, it make a good movie set, but seriously... I wouldn't want to be
> > looking for that damn blue "locator" LED on that 10th switch with a blue
> > neon light...
> 
> Not to mention dry ice = carbon dioxide which isn't particularly healthy 
> for the humans in that enclosed space.
> 
> --
> Jay Hennigan - CCIE #7880 - Network Engineering - [EMAIL PROTECTED]
> Impulse Internet Service  -  http://www.impulse.net/
> Your local telephone and internet company - 805 884-6323 - WB6RDV
> 
> 

Re: an over-the-top data center

[Jay Hennigan]

The Anarcat wrote:

On Tue, Dec 02, 2008 at 11:19:36AM -0500, Jeremy Jackson wrote:

Seems like dry-ice was used to make the "tropical fog" in the photos,
not water poured over hot rocks like a sauna/bath house.


I've tried to avoid stating the obvious reading through all this funny
thread, but I can't help it now.

Am I the only one thinking that shady lights, tropical fog, creepy
tunnels, blue/colored lights, and *waterfalls* are *bad* things in a
datacenter?

I mean, it make a good movie set, but seriously... I wouldn't want to be
looking for that damn blue "locator" LED on that 10th switch with a blue
neon light...


Not to mention dry ice = carbon dioxide which isn't particularly healthy 
for the humans in that enclosed space.


--
Jay Hennigan - CCIE #7880 - Network Engineering - [EMAIL PROTECTED]
Impulse Internet Service  -  http://www.impulse.net/
Your local telephone and internet company - 805 884-6323 - WB6RDV

Re: an over-the-top data center

[The Anarcat]

On Tue, Dec 02, 2008 at 11:19:36AM -0500, Jeremy Jackson wrote:
> Seems like dry-ice was used to make the "tropical fog" in the photos,
> not water poured over hot rocks like a sauna/bath house.

I've tried to avoid stating the obvious reading through all this funny
thread, but I can't help it now.

Am I the only one thinking that shady lights, tropical fog, creepy
tunnels, blue/colored lights, and *waterfalls* are *bad* things in a
datacenter?

I mean, it make a good movie set, but seriously... I wouldn't want to be
looking for that damn blue "locator" LED on that 10th switch with a blue
neon light...

A. 

-- 
In god we trust, others pay cash.
- Richard Desjardins, Miami


signature.asc
Description: Digital signature

Re: an over-the-top data center

[Kurt Erik Lindqvist]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


On 2 dec 2008, at 00.47, Randy Bush wrote:


Despite the huge amount of "content which transcends the language
barrier" [tip of the hat wbn], it is worth noting that there is
a non-trivial amount of language-/culture-specific traffic that
doesn't need or want to traverse globally (viz massive IXes & large
xTTH deplyoments in otherwise 'small' countries).  Sometimes that
maps near to the political boundaries.


 slide 6

of course, these data are a bit long in the tooth



I most say I agree with Randy, already in 2001 I had a presentation  
(that Randy and those of you at RIPE in Dubai saw a copy of in EIX-WG)  
based on data from the KPNQwest network - where we saw that data had  
shifted from 80% US based to 80% national or regional. This was a  
clear change in traffic patterns all across Europe, at least from the  
data that I saw then. And keep in mind that this was before p2p skewed  
the data of user behavior.


I have been arguing for the theory that

1. Dense exchange of traffic in Europe early on came as a result of 
a) Dereguation in the telco market
	b) Unwillingess to pay the "big US telcos" for exchange of local/ 
european traffic


2. The dense exchange of traffic made local services more viable and  
attractive

3. (2) Helped local(-language) services develop
4. (3) Helped the development of broadband adoption

I do realize that the above is a huge simplification (And the slide  
set is much longer, and the paper will be even longer), but there are  
still lessons to be learnt in how the local language services and  
dense peering developed in Europe.


Best regards,

- - kurtis -



-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.8 (Darwin)

iEYEARECAAYFAkk1dBcACgkQAFdZ6xrc/t66+wCdFttkZsBxN7UuHlIS8x3jWFE1
3E8An2mfO++tc2BjO918KDf7yq0XVMJo
=D078
-END PGP SIGNATURE-

Re: an over-the-top data center

[Daniel Golding]

On Nov 28, 2008, at 8:34 AM, Steven M. Bellovin wrote:


http://royal.pingdom.com/2008/11/14/the-worlds-most-super-designed-data-center-fit-for-a-james-bond-villain/
(No, I don't know if it's real or not.)


--Steve Bellovin, http://www.cs.columbia.edu/~smb



It has become de rigeur in some parts of the colocation and wholesale  
datacenter space to have a media puff-piece done on your new  
datacenter. Typically, that puff-piece is full of hyperbole and  
contains lots of power and efficiency numbers that don't add up. The  
tech media is a willing participant and, while they don't know any  
better, they don't make the effort to pick up the phone and ask  
someone who might know a bit more than they do.


The classier datacenter providers generally don't do this stuff. For  
one thing, its an absolute waste of time - it generates a lot of  
worthless and time wasting leads for your sales force.


Daniel Golding

Re: an over-the-top data center

[Daniel Golding]

On Nov 28, 2008, at 4:04 PM, Jean-François Mezei wrote:


Måns Nilsson wrote:

Exactly where is of course known in the business, but not so well  
that it

is OK to post their locations on Nanog.


The problem with this mentality is that it does not deter those  
wishing

to do harm to the data centre or corporation.



There are in fact, numerous public information sources and commercial  
databases that list every major and minor colocation and datacenter in  
the world. Please do not assume that folks don't know where you are  
peering - they have street addresses, postal codes, satellite photos,  
and the name of the guard at the door.


- Daniel Golding

RE: an over-the-top data center

[Jeremy Jackson]

On Tue, 2008-12-02 at 10:33 +0100, Måns Nilsson wrote:

> > 4) With all of that fog and plant life, I wonder how they critically
> > manage humidity. [Or if they even do].
> 
> I have been told by people who have been working with the construction of
> this very site that it is an unusually dry cave. It is pretty high up by
> Stockholm standards, which helps. 
> 

Seems like dry-ice was used to make the "tropical fog" in the photos,
not water poured over hot rocks like a sauna/bath house.

-- 
Jeremy Jackson
Coplanar Networks
(519)489-4903
http://www.coplanar.net
[EMAIL PROTECTED]

Re: an over-the-top data center

[Ian Mason]

On 1 Dec 2008, at 19:19, Lyndon Nerenberg wrote:



An alternative would be to run a microwave link to shore, but I'm  
not sure I would want to bet the farm on the mechanics necessary to  
keep the dish aligned.




Actually this is pretty straightforward. Systems exist for getting  
rock steady film from moving helicopters and I'm sure that a system  
that can keep a camera aimed at a point can do the same for a

microwave dish.

Ian

Re: an over-the-top data center

[Paul Cosgrove]

Mikael Abrahamsson wrote:

On Mon, 1 Dec 2008, Deepak Jain wrote:

3) No one cares if the server farm is blast proof (it isn't), if the 
connectivity in/out of it gets blasted (submessage: silos were meant 
to deliver one thing, datacenters aren't in the same operational 
model once they need connectivity to the outside world)


It's much easier to restore fiber connectivity in a time of crisis 
than it is to source hardware manufacturered at the other end of the 
world and have this set up properly. I do think there is value in 
keeping the hw safer than the connectivity to the outside.


I bet the military or emergency services can establish a 10km fiber 
stretch in a few hours. Replacing some telecom hw and set it up from 
scratch would probably take weeks (I'm not talking about a single 
router here).



Hi Mikael,

The speed with which fibre can be pulled will very much depend on the 
available paths and other resources.  It may be that the previous path 
of the damaged fibre may now be blocked or otherwise unavailable such 
that construction work is required.


As you say it is likely to be more difficult to recover from a problem 
at a datacentre due to the greater potential for damage and diversity of 
resources required.   The point has already been made that not all 
customers may be able to avail of site resilience due to the associated 
cost, and so may be reliant on the one datacentre.  In addition one 
thing which I do not think has been mentioned is that damage to a 
building may make the site unsafe and possibly injure staff; perhaps 
causing planning, coordination and implementation of site recovery to be 
considerably more complicated than simply replacing equipment.


Most customers would not be willing to pay extra to get hardened 
datacentres, so despite the complexities of recovery Deepak is largely 
right when he said that no one cares about blast proof server farms, at 
least in the peaceful parts of the world.


Paul.

RE: an over-the-top data center

[Måns Nilsson]

--On måndag, måndag 1 dec 2008 18.19.14 -0500 Deepak Jain <[EMAIL PROTECTED]>
wrote:

> 1) This datacenter is only 12,000 sq ft. (submessage: who cares?)

For some things, it is OK. It is not the only one, only the best marketed
one.
 
> 2) The generators are underground. A leak in their exhaust system kills
> everyone -- worse, a leak in their fuel tank or filler lines (when being
> filled from above) could do the same. Yes, you could address this with
> alarms (provided they work and are tested, etc).

The original design and purpose required internal gensets. Keeping them
inside is still  important for a number of reasons. This is the Baltic, not
San Diego. Rain, fog, snow, etc. Both intake and exhaust are normally
coupled to the outside via boulder-blocked blasted tunnels, so the gas path
is not connected to the inside. 

> 3) No one cares if the server farm is blast proof (it isn't), if the
> connectivity in/out of it gets blasted (submessage: silos were meant to
> deliver one thing, datacenters aren't in the same operational model once
> they need connectivity to the outside world)

See what Mikael wrote. 

> 4) With all of that fog and plant life, I wonder how they critically
> manage humidity. [Or if they even do].

I have been told by people who have been working with the construction of
this very site that it is an unusually dry cave. It is pretty high up by
Stockholm standards, which helps. 

-- 
Måns NilssonM A C H I N A

if it GLISTENS, gobble it!!


pgpQ4H83atMf8.pgp
Description: PGP signature

RE: an over-the-top data center

[Mikael Abrahamsson]

On Mon, 1 Dec 2008, Deepak Jain wrote:

3) No one cares if the server farm is blast proof (it isn't), if the 
connectivity in/out of it gets blasted (submessage: silos were meant to 
deliver one thing, datacenters aren't in the same operational model once 
they need connectivity to the outside world)


It's much easier to restore fiber connectivity in a time of crisis than it 
is to source hardware manufacturered at the other end of the world and 
have this set up properly. I do think there is value in keeping the hw 
safer than the connectivity to the outside.


I bet the military or emergency services can establish a 10km fiber 
stretch in a few hours. Replacing some telecom hw and set it up from 
scratch would probably take weeks (I'm not talking about a single router 
here).


--
Mikael Abrahamssonemail: [EMAIL PROTECTED]

Re: an over-the-top data center

[Dragos Ruiu]

On 28-Nov-08, at 7:35 PM, Gadi Evron wrote:


On Fri, 28 Nov 2008, Howard C. Berkowitz wrote:


It seems that all these cases are more under the bottom than over  
the top.




Every couple of years there is a story about some anti virus  
company, data center, or whatever running out of an old nuclear  
bunker/military base/middle of no where. It is exciting the first  
few times.



Hey I'll defend the interest in this one. They at least have cool  
architecture.
And to all the folks debating the form of security, let me also remind  
that massive redundancy always provides even more security than one  
very, very, hard point.


cheers,
--dr



--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Vancouver, Canada  March 16-20 2009  http://cansecwest.com
London, U.K. May 27/28 2009 http://eusecwest.com
pgpkey http://dragos.com/ kyxpgp

Re: an over-the-top data center

[Randy Bush]

> Despite the huge amount of "content which transcends the language 
> barrier" [tip of the hat wbn], it is worth noting that there is
> a non-trivial amount of language-/culture-specific traffic that 
> doesn't need or want to traverse globally (viz massive IXes & large
> xTTH deplyoments in otherwise 'small' countries).  Sometimes that 
> maps near to the political boundaries.

 slide 6

of course, these data are a bit long in the tooth

randy

Re: an over-the-top data center

[Joe Provo]

On Mon, Dec 01, 2008 at 08:14:20PM +0100, Kurt Erik Lindqvist wrote:
[snip]
> On 1 dec 2008, at 15.08, Patrick W. Gilmore wrote:
[snip]
> >I don't think any IXP can become a significant player on the  
> >Internet today by only attracting participants from the country in  
> >question.  The Internet is not bound by political borders.   
> >(Usually. :)

Despite the huge amount of "content which transcends the language 
barrier" [tip of the hat wbn], it is worth noting that there is
a non-trivial amount of language-/culture-specific traffic that 
doesn't need or want to traverse globally (viz massive IXes & large
xTTH deplyoments in otherwise 'small' countries).  Sometimes that 
maps near to the political boundaries.

Joe [by all means, do not take this as a SPoF endorsement]

-- 
 RSUC / GweepNet / Spunk / FnB / Usenix / SAGE

RE: an over-the-top data center

[Deepak Jain]

Apologies to the list. 

I didn't know whether to fork this into a couple of replies, or just run with 
it. I chose the latter. 

1) This datacenter is only 12,000 sq ft. (submessage: who cares?)

2) The generators are underground. A leak in their exhaust system kills 
everyone -- worse, a leak in their fuel tank or filler lines (when being filled 
from above) could do the same. Yes, you could address this with alarms 
(provided they work and are tested, etc).

3) No one cares if the server farm is blast proof (it isn't), if the 
connectivity in/out of it gets blasted (submessage: silos were meant to deliver 
one thing, datacenters aren't in the same operational model once they need 
connectivity to the outside world)

4) With all of that fog and plant life, I wonder how they critically manage 
humidity. [Or if they even do].



To the question of carrier hotels and their supposed secrecy, etc. If you need 
connectivity to multiple providers, those providers know where the buildings 
are, and presumably so do most of their employees. If 500,000 people (say the 
top 10 companies together) know where the building is, it's not a secret. **

Carrier hotels aren't meant to be more secure than the lines coming into them. 
Those lines are coming in on unsecured poles, manholes and the rest. Their most 
dramatic failure modes are pretty obvious if not well-studied. Internet 
"security" [as in resilience] is built on the concept of a point-of-view of 
connectivity with multiple failures and routing around them -- NOT sacred nodes 
that cannot fail or universal end-to-end reachability. Internet "security" [as 
in integrity] is not something that's been proven on the Internet yet [general 
case, please no banter about encryption/quantum oscillation, etc].

Lots of people have already said this is dull -- it is, it is also a nice set 
of pictures.

** Submitted without proof. This covers all the buildings that make claims 
about not having their name on the door and have loading docks with no security 
on them. (you know who you are).

Deepak

Re: an over-the-top data center

[Jean-François Mezei]

[EMAIL PROTECTED] wrote:

> The Internet can be mission critical.  (Well, not really, but it's =20
> trying.)  And for something mission critical, a single point, no =20
> matter how well reinforced, is not good enough.

It may not be "mission critical" for any one particular client, but when
you bundle all of the separate non critical applications on the net, the
 impact of downtime on the population becomes important enough to be
seen as "critical".  Think about airlines expecting passengers to
check-in via the internet more and more so that they can reduce staff at
airports.


> The exchange point should _NOT_ be mission critical.  As I explained =20
> multiple times in the thread, if that is your only vector, your design =20=
> is broken.  Period.  Care to argue otherwise?

Fair enough. However, in a particular city, you may have difficulty
finding multiple different transit providers whose fiber trunks are
truly differently routed. It is bad enough that different transit
providers may share the same dark fibre cable out of the city.

Very large cities such as New York may make it much easier to find truly
independant transit links. But for small, medium cities, it becomes
harder (especially if geography limits the number of truly separate links).

In the end, to form a truly redundant service, you probably need to have
a presence in multiple cities, each with its own carrier hotel. And at
that point, each carrier hotel need not be "mission critical" because
you can continue service from another city.

But even if you have backup, you still want the carrier hotels to be
robust.  And if you can't afford to have data centres/networks in
different cities, you do want to have a robust interconnect to the
internet. Consider the number of small/medium size ISPs whose
infrastructrure is located at the carrier hotel where the local exchange
resides. To them, the availability of services at that carrier hotel is
mission critical because their bueiness depends on it, and they can't
afford to be in multiple locations.

Re: an over-the-top data center

[Lamar Owen]

On Monday 01 December 2008 16:34:26 Steven M. Bellovin wrote:
> On Mon, 1 Dec 2008 16:03:39 -0500
> Lamar Owen <[EMAIL PROTECTED]> wrote:
> > You mean something akin to Sealand's HavenCo?  Yes, I know that's an
> > old fort, and not a ship, but a similar concept at least.

> HavenCo, which ran a datacenter on the "nation" of Sealand, is
> no longer operating there:
> http://www.theregister.co.uk/2008/11/25/havenco/

Which shows how well the concept works; which is why I mentioned it

Re: an over-the-top data center

[Jim Popovitch]

On Mon, Dec 1, 2008 at 16:34, Steven M. Bellovin <[EMAIL PROTECTED]> wrote:
> HavenCo, which ran a datacenter on the "nation" of Sealand, is
> no longer operating there:

Which is the same story for most (if not all) of these hype-driven
"bullet-proof" data centers.

I recall a .com CEO espousing the capabilities of his
datacenter-inside-an-old-bank-vault to prevent DoS attacks such as the
one that had hit Yahoo! the week before.   I must say that the
provided dinner, drinks and Hummer Limo ride, to the DC, made the
humor of the CEO more enjoyable.   Sadly a lot of older pensioners
were eating his every word.   At that time I worked for an
equipment/services reseller and I persisted quietly, as best I could,
to save some people's life savings.   I felt like a diver witnessing a
herring infused shark fest.

-Jim P.

Re: an over-the-top data center

[Martin List-Petersen]

Steven M. Bellovin wrote:


HavenCo, which ran a datacenter on the "nation" of Sealand, is
no longer operating there:
http://www.theregister.co.uk/2008/11/25/havenco/ 



--Steve Bellovin, http://www.cs.columbia.edu/~smb
  


If you do a bit more research on that one, it never got to a serious 
point. They had one 802.11b onto the platform and never got very far 
with it. No fiber and no redundancy.


However the idea was a bit of a novelty, because it's claimed to be 
sovereign territory.


Kind regards,
Martin List-Petersen

--
Airwire - Ag Nascadh Pobal an Iarthar
http://www.airwire.ie
Phone: 091-865 968 

Re: an over-the-top data center

[Steven M. Bellovin]

On Mon, 1 Dec 2008 16:03:39 -0500
Lamar Owen <[EMAIL PROTECTED]> wrote:

> On Monday 01 December 2008 13:27:30 Danny McPherson wrote:
> > On a related noted, some have professed that adapting old
> > ships into data centers would provide eco-friendly secure
> > data center solutions.  
> 
> You mean something akin to Sealand's HavenCo?  Yes, I know that's an
> old fort, and not a ship, but a similar concept at least.
> 
> 
HavenCo, which ran a datacenter on the "nation" of Sealand, is
no longer operating there:
http://www.theregister.co.uk/2008/11/25/havenco/ 


--Steve Bellovin, http://www.cs.columbia.edu/~smb

Re: an over-the-top data center

[Lamar Owen]

On Monday 01 December 2008 13:27:30 Danny McPherson wrote:
> On a related noted, some have professed that adapting old
> ships into data centers would provide eco-friendly secure
> data center solutions.  

You mean something akin to Sealand's HavenCo?  Yes, I know that's an old fort, 
and not a ship, but a similar concept at least.

Re: an over-the-top data center

[Kurt Erik Lindqvist]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

- -BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


Patrick,

On 1 dec 2008, at 02.33, Patrick W. Gilmore wrote:


On Nov 28, 2008, at 4:04 PM, Jean-François Mezei wrote:

The thing about a carrier hotel is that it cannot be a secret  
location

since you need to allow various carriers and ISPs to have physical
access to the building so they can install/manage their
servers/routers/switches.

The advantage of this swedish data centre is that even if its  
location
is well known, it is pretty hard to harm the building. You can't  
run a

truck full of explosives into it for instance.


Unfortunately, you also cannot run your own fiber there, colo  
equipment there, visit it for any reason, etc.


for the non-Stockholm locations that is not true. As a matter of fact,  
you will have to get your own fibers to Netnod there. As for co-lo of  
equipment, not as easy as in a neutral co-location. As for visits, why  
would you need to?


As for fibers, Stockholm has a fiber monopoloy run by the city of  
Stockholm. So you would have to buy fibers from that monopoloy in any  
case.


I was going to say 'this probably hinders customers adoption at  
NetNod', but I know for a fact the "probably" is superfluous.



That is your judgement. We have seen the largest growth for a long  
time in the last year.


Best regards,

- - - kurtis -



- -BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.8 (Darwin)

iEYEARECAAYFAkk0MeMACgkQAFdZ6xrc/t7REACfThTzW+3+mvA0ttvViTTVmMfv
qgUAmwQyiuAaB/+vTD9wMtqCq7PDhw0F
=ycFe
- -END PGP SIGNATURE-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.8 (Darwin)

iEYEARECAAYFAkk0PIgACgkQAFdZ6xrc/t727wCgvi0zOw4ivBe7AG98hb+DqoGI
qicAn0WKn/yUoqYLln2yP7GuxM16NHzT
=7Njx
-END PGP SIGNATURE-

Re: an over-the-top data center

[Kurt Erik Lindqvist]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

- -BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


On 1 dec 2008, at 15.08, Patrick W. Gilmore wrote:


On Dec 1, 2008, at 4:58 AM, Måns Nilsson wrote:

--On söndag, söndag 30 nov 2008 23.05.01 -0500 "Patrick W. Gilmore"
<[EMAIL PROTECTED]> wrote:


In Sweden, the reason to not choose NetNod (and to go with the  
smaller

exchangepoints) is price and only price. No swedish ISP I know of has
stated that the fact that the Stokab fibre is bought by the IXP and  
not the

ISP is a problem per se. Some might have a better wholesale deal than
NetNod has but that is still just about price.


I don't think any IXP can become a significant player on the  
Internet today by only attracting participants from the country in  
question.  The Internet is not bound by political borders.   
(Usually. :)



I am not trying to defend myself here, everyone is entitled to their  
opinion on which IX model works better than another, but it might be  
worth pointing something out in the history of Netnod. Because of the  
fiber monopoly in Stockholm, that pre-dates the estblishment of any  
neutral co-lo, the Swedish operators built their own datacenters.  
Therefor, when NEtnod was established, there simply was no single  
point where the operators could have established the switches. This  
was *one* of the reasons the bunkers where chosen.


Best regards,

- - - kurtis -



- -BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.8 (Darwin)

iEYEARECAAYFAkk0M9kACgkQAFdZ6xrc/t4oHgCgq1JRMxde9eWYchUyQvQgnITY
PnAAn1K6C5Lird6GWKuPqRSEFfKinjU9
=SA80
- -END PGP SIGNATURE-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.8 (Darwin)

iEYEARECAAYFAkk0N4wACgkQAFdZ6xrc/t6OfgCgitw9i+PsfM76nc1UqxAfHNbj
PJUAn3jjtA2xQlH/r4LqsXr1KU+N3VVZ
=3QNe
-END PGP SIGNATURE-

Re: an over-the-top data center

[Lyndon Nerenberg]

Not if the ship is literally encased in concrete at the shore.   
Which solves all your other problems as well.


But that's not a ship, it's a building.

There are even examples of actual free-floating ships which have  
been stable for a decade or more.


And many counter-examples.

--lyndon

Re: an over-the-top data center

[Seth Mattinen]

Patrick W. Gilmore wrote:

On Dec 1, 2008, at 2:19 PM, Lyndon Nerenberg wrote:

On 1-Dec-08, at 10:27 AM, Danny McPherson wrote:


On a related noted, some have professed that adapting old
ships into data centers would provide eco-friendly secure
data center solutions.


Your data connection to shore is going to be tenuous at best. One good 
blow strong enough to make you drag anchor and you kiss goodbye your 
fibre trunk connection. Putting that back in service is a bit more 
than a four hour splice job.


Not if the ship is literally encased in concrete at the shore.  Which 
solves all your other problems as well.


There are even examples of actual free-floating ships which have been 
stable for a decade or more.  See the floating casinos in Louisiana, 
which have been hit by hurricanes, and are still attached to shore by 
electricity, bits, and physically.




The same ones that were moved inland and deposited on top of someone's 
house? Hardly a good example of stable.


http://www.katrina.noaa.gov/helicopter/images/katrina-biloxi-miss-grand-casino2-2005.jpg

~Seth

Re: an over-the-top data center

[Patrick W. Gilmore]

On Dec 1, 2008, at 2:19 PM, Lyndon Nerenberg wrote:

On 1-Dec-08, at 10:27 AM, Danny McPherson wrote:


On a related noted, some have professed that adapting old
ships into data centers would provide eco-friendly secure
data center solutions.


Your data connection to shore is going to be tenuous at best. One  
good blow strong enough to make you drag anchor and you kiss goodbye  
your fibre trunk connection. Putting that back in service is a bit  
more than a four hour splice job.


Not if the ship is literally encased in concrete at the shore.  Which  
solves all your other problems as well.


There are even examples of actual free-floating ships which have been  
stable for a decade or more.  See the floating casinos in Louisiana,  
which have been hit by hurricanes, and are still attached to shore by  
electricity, bits, and physically.


--
TTFN,
patrick

Re: an over-the-top data center

[Patrick W. Gilmore]

On Dec 1, 2008, at 2:05 PM, Jean-François Mezei wrote:

Patrick W. Gilmore wrote:


End of day, an IXP is not some magical thing.  It is an ethernet
switch allowing multiple networks to exchange traffic more easily  
than

direct interconnection - and that is all it should be.  It should not
be mission critical.  Treating it as such raises the cost, and
therefore barrier to entry, which lowers its value.


Exchange points are often located in the same building as a carrier
hotel which houses infrastructure for many ISPs and many transit  
providers.


If you consider the internet is used only by teenage males to learn
about female anatomy (pictures and movies), then your statement is
acceptable. But with the Internet now used for serious applications,  
the

focus point of a carrier hotel and exchange becomes much more mission
critical.

Ane because it is a focus point, it becomes much harder to have
redundancy in the buildings (to provide for disaster tolerance). So  
the

natural avenue is to strenghten/re-inforce your one central building.


It is not.

The Internet can be mission critical.  (Well, not really, but it's  
trying.)  And for something mission critical, a single point, no  
matter how well reinforced, is not good enough.


The exchange point should _NOT_ be mission critical.  As I explained  
multiple times in the thread, if that is your only vector, your design  
is broken.  Period.  Care to argue otherwise?


And if the IXP is not your only vector, if your redundancy is greater  
than any single building however deeply it is buried, then that IXP /  
building / vector is not mission critical.  Treating it at such raises  
its price, which raises its barrier of entry, which lowers its utility.


Unless you think only NORAD-approved networks should peer?

--
TTFN,
patrick

Re: an over-the-top data center

[Lyndon Nerenberg]

On 1-Dec-08, at 10:27 AM, Danny McPherson wrote:


On a related noted, some have professed that adapting old
ships into data centers would provide eco-friendly secure
data center solutions.


Your data connection to shore is going to be tenuous at best. One good  
blow strong enough to make you drag anchor and you kiss goodbye your  
fibre trunk connection. Putting that back in service is a bit more  
than a four hour splice job.


An alternative would be to run a microwave link to shore, but I'm not  
sure I would want to bet the farm on the mechanics necessary to keep  
the dish aligned.


And what do you do when it's time to haul out and paint the bottom?!?

Then there is the matter of power. It wouldn't be very hard to DOS the  
entire operation by taking out the fuel barges.


I suppose you could permanently tie up to a pier, but at that point  
you're just a building with a leaky basement. I don't see how anyone  
could claim this is more secure than a purpose-built data centre. (And  
even at anchor, how do you stop someone from taking you out with  
something as simple as a drill?)


--lyndon (mailing via Wimax from S/V Bandido I, at the dock in  
Vancouver :-)

Re: an over-the-top data center

[Jean-François Mezei]

Patrick W. Gilmore wrote:

> End of day, an IXP is not some magical thing.  It is an ethernet  
> switch allowing multiple networks to exchange traffic more easily than  
> direct interconnection - and that is all it should be.  It should not  
> be mission critical.  Treating it as such raises the cost, and  
> therefore barrier to entry, which lowers its value.

Exchange points are often located in the same building as a carrier
hotel which houses infrastructure for many ISPs and many transit providers.

If you consider the internet is used only by teenage males to learn
about female anatomy (pictures and movies), then your statement is
acceptable. But with the Internet now used for serious applications, the
focus point of a carrier hotel and exchange becomes much more mission
critical.

Ane because it is a focus point, it becomes much harder to have
redundancy in the buildings (to provide for disaster tolerance). So the
natural avenue is to strenghten/re-inforce your one central building.

But availability s measured by the weakest link. You can have a bunker
data centre like the one shown in this thread, but if, at the end of the
day, all of a city's fibre links to the rest of the world follow the
same railway track right of way to exit the city (and cross the same
bridges) , then you still have a weak spot and central points of failure.

Re: an over-the-top data center

[Måns Nilsson]

--On måndag, måndag 1 dec 2008 11.53.58 -0500 "Patrick W. Gilmore"
<[EMAIL PROTECTED]> wrote:

> On Dec 1, 2008, at 11:06 AM, Måns Nilsson wrote:
> 
>>> End of day, an IXP is not some magical thing.  It is an ethernet  
>>> switch
>>> allowing multiple networks to exchange traffic more easily than  
>>> direct
>>> interconnection - and that is all it should be.  It should not be  
>>> mission
>>> critical.  Treating it as such raises the cost, and therefore  
>>> barrier to
>>> entry, which lowers its value.

Yes. I do not disagree. The alternates that popped up and made Netnod
switch to Ethernet from SRP were most welcome. SRR mode on that ring was
not funny, btw. 

> Of course knowing where the fiber is does not stop the backhoes.  It was
> obvious you were being silly, so I ignored it. 

Ok. Indeed. 

> By that logic, providers
> should not check any fiber path they purchase because it will not stop
> the backhoes.  I suspect most providers will continue to buy from
> multiple providers, check the paths themselves, ensure grooming onto a
> single path is not a problem, and several other perfectly valid
> operational best practices which are impossible at NetNod.

Netnod with the help of Stokab can guarantee that the two paths to switches
A and B are diverse. It is a normal requirement one can make (at a cost,
but that is to be expected) when sourcing Stokab fibre. They know where
their stuff is and understand the importance of getting it properly
separated. Other providers in Sweden are similar. I have no reason not to
trust them, having seen the inside of several large calls for tender on
dispersed path plants, with fibre paths well documented. That the path of
the last mile to the cave is hidden and secret is a very small problem. 
 
> OTOH: My paragraph above yours is a serious consideration, which you have
> blithely ignored.

Not so anymore, if I've understood correctly. 

Drop this dead horse? 
-- 
Måns NilssonM A C H I N A

Hello, GORRY-O!!  I'm a GENIUS from HARVARD!!


pgpyNJvCNkD4y.pgp
Description: PGP signature

Re: an over-the-top data center

[Danny McPherson]

On Nov 28, 2008, at 6:34 AM, Steven M. Bellovin wrote:


http://royal.pingdom.com/2008/11/14/the-worlds-most-super-designed-data-center-fit-for-a-james-bond-villain/
(No, I don't know if it's real or not.)


I recall visiting something of this sort a couple
years back..

On a related noted, some have professed that adapting old
ships into data centers would provide eco-friendly secure
data center solutions.  I wonder if "pirates" were listed
anywhere in their business plan...

-danny

Re: an over-the-top data center

[Jeremy Jackson]

On Sun, 2008-11-30 at 23:05 -0500, Patrick W. Gilmore wrote:

> Now compare that to forcing every single participant to use unknown  
> fiber paths into an unknown facility.  When are these fibers groomed,  
> and onto which unknown paths?  Which fiber maintenance schedules might  
> impact me without my knowledge?  Which construction projects elsewhere  
> in the city might take me down and there's no way for me to even  
> predict that?  Etc., etc.
> 
> I would prefer to take my chances with the known quantity,  
> thankyouverymuch.  Feel free to do with your network as you please.
> 

I wonder if there is a solution, in general to diverse physical
routing... if you buy from multiple carriers, they might very well share
the same fibre condo, or the same dark fibre vendor.  if you buy
diversity from one vendor, with only handwaving as the guarantee, you
end up with Bell Canada's CO fire a couple years ago, that took down
things which were *supposed* to be redundant.

What are people's experience with knowing the physical routing?  NetNod
may be over-the-top secrecy wise, but are *any* carriers/facility
providers any more "free" with information about the details of where
their infrastructure is that supports the services you are buying?

It seems the general practice is to claim everything is on a
need-to-know basis, with the unspoken/unwritten caveat that nobody's
needs will ever be considered valid?

-- 
Jeremy Jackson
Coplanar Networks
(519)489-4903
http://www.coplanar.net
[EMAIL PROTECTED]

Re: an over-the-top data center

[Patrick W. Gilmore]

On Dec 1, 2008, at 11:06 AM, Måns Nilsson wrote:

End of day, an IXP is not some magical thing.  It is an ethernet  
switch
allowing multiple networks to exchange traffic more easily than  
direct
interconnection - and that is all it should be.  It should not be  
mission
critical.  Treating it as such raises the cost, and therefore  
barrier to

entry, which lowers its value.


You did not answer my question on usability of fiber based on amount  
of

knowledge about where it is.


Of course knowing where the fiber is does not stop the backhoes.  It  
was obvious you were being silly, so I ignored it.  By that logic,  
providers should not check any fiber path they purchase because it  
will not stop the backhoes.  I suspect most providers will continue to  
buy from multiple providers, check the paths themselves, ensure  
grooming onto a single path is not a problem, and several other  
perfectly valid operational best practices which are impossible at  
NetNod.


OTOH: My paragraph above yours is a serious consideration, which you  
have blithely ignored.



As I said before, feel free to use what you please, where you please.   
Your network, your decision.  I frequently do things which would not  
be considered best practices in certain instances, but that does not  
make them valid for everyone everywhere, and I would not argue such.


--
TTFN,
patrick

Re: an over-the-top data center

[Måns Nilsson]

--On måndag, måndag 1 dec 2008 09.08.09 -0500 "Patrick W. Gilmore"
<[EMAIL PROTECTED]> wrote:

> I don't think any IXP can become a significant player on the Internet
> today by only attracting participants from the country in question.  The
> Internet is not bound by political borders.  (Usually. :)

There is a significant amount of traffic being exchanged between swedish
operators on Netnod. It might be the case that the broadband penetration in
Sweden justifies the establishment of local IXPen. 

This is however irrelevant to the discussion at hand -- or did you think
about some kind of issue with connectivity from Stockholm and abroad? At
least 3-4 providers sell connectivity into Stockholm on own fiber paths. Is
Netnod useless to you because you are not one of them? 
 
> As for the blasting of tunnels and national security angle, this is an
> IXP, not nuclear missile launch control.  It should not be your only
> vector to get bits from point A to B.  And if it is, then you have a
> larger problem than worrying about the facility withstanding physical
> attack.

It is an optimisation, a very well engineered one. 
 
> And no, attaching to multiple NetNod nodes is not a solution, since only
> Stockholm has a large number of participants.

Probably true for international clients. Less so for Swedish ISPen. 

> End of day, an IXP is not some magical thing.  It is an ethernet switch
> allowing multiple networks to exchange traffic more easily than direct
> interconnection - and that is all it should be.  It should not be mission
> critical.  Treating it as such raises the cost, and therefore barrier to
> entry, which lowers its value.

You did not answer my question on usability of fiber based on amount of
knowledge about where it is. 

-- 
Måns NilssonM A C H I N A

There's a little picture of ED MCMAHON doing BAD THINGS to JOAN RIVERS
in a $200,000 MALIBU BEACH HOUSE!!


pgpnhYBTVrhyn.pgp
Description: PGP signature

Re: an over-the-top data center

[Randy Bush]

hint: your continued ad homina do not help your argument

> By your logic, every IXP which has any participants is a good model and
> cannot be improved.

the criterion you set was success, not perfection.  netnod is quite
successful.

is this discussion successful?  i think not.  good bye and good night.

randy

Re: an over-the-top data center

[Patrick W. Gilmore]

On Dec 1, 2008, at 9:30 AM, Randy Bush wrote:


some go to sweden for the weather.  some go for netnode.  netnode does
not go to them.  and yes, netnod is bunkered up the ying yang.  qed.


By your logic, every IXP which has any participants is a good model  
and cannot be improved.  An obvious logical fallacy.  One could assume  
this means you have no clue what you are talking about, but I will  
give you the benefit of the doubt.


IOW: You are only interested in your word count.  QED.

--
TTFN,
patrick

Re: an over-the-top data center

[Randy Bush]

some go to sweden for the weather.  some go for netnode.  netnode does
not go to them.  and yes, netnod is bunkered up the ying yang.  qed.

randy

Re: an over-the-top data center

[Patrick W. Gilmore]

On Dec 1, 2008, at 9:12 AM, Randy Bush wrote:


I don't think any IXP can become a significant player on the Internet
today by only attracting participants from the country in question.


netnod is very successful.  i guess they must operate from more than
sweden, then, eh?


NetNod is successful.  Very is a matter of opinion.  As for "operate  
from more than sweden", that is trivial to confirm by looking at their  
member list.


So now that we have agreed, did you have a point, or just want to run  
up your word count?




engineers judge by results, not word count.


Wow, Randy, we are in agreement again.


To be clear, are you suggesting IXPs consider hiding their switches,  
forcing you to use a single fiber providers, not allowing anyone to  
know the path, etc.?  I want to be sure I understand what you mean,  
since "engineers" like to make serious points, not flippant sound bites.


--
TTFN,
patrick

Re: an over-the-top data center

[Randy Bush]

> I don't think any IXP can become a significant player on the Internet
> today by only attracting participants from the country in question.

netnod is very successful.  i guess they must operate from more than
sweden, then, eh?

engineers judge by results, not word count.

randy

Re: an over-the-top data center

[Patrick W. Gilmore]

On Dec 1, 2008, at 4:58 AM, Måns Nilsson wrote:

--On söndag, söndag 30 nov 2008 23.05.01 -0500 "Patrick W. Gilmore"
<[EMAIL PROTECTED]> wrote:



In Sweden, the reason to not choose NetNod (and to go with the smaller
exchangepoints) is price and only price. No swedish ISP I know of has
stated that the fact that the Stokab fibre is bought by the IXP and  
not the

ISP is a problem per se. Some might have a better wholesale deal than
NetNod has but that is still just about price.


I don't think any IXP can become a significant player on the Internet  
today by only attracting participants from the country in question.   
The Internet is not bound by political borders.  (Usually. :)



Now compare that to forcing every single participant to use unknown  
fiber
paths into an unknown facility.  When are these fibers groomed, and  
onto
which unknown paths?  Which fiber maintenance schedules might  
impact me
without my knowledge?  Which construction projects elsewhere in the  
city
might take me down and there's no way for me to even predict that?   
Etc.,

etc.


The fiber paths into these facilities are national security issues.  
Expect
them to be guarded accordingly (as in running them in specially  
blasted
tunnels 30-60 meters down in the ground for the last aggregated path  
to the
facility). I have not experienced more unpredictability nor more  
outages

because Netnod buys the cable than when the ISP does. Same cable. And
Stokab does indeed know where the cables are.


I'm glad to hear the fibers seem to be stable.  Past performance is no  
guarantee of future profits and all that, but it is good to know care  
has been taken in the past.


As for the blasting of tunnels and national security angle, this is an  
IXP, not nuclear missile launch control.  It should not be your only  
vector to get bits from point A to B.  And if it is, then you have a  
larger problem than worrying about the facility withstanding physical  
attack.


And no, attaching to multiple NetNod nodes is not a solution, since  
only Stockholm has a large number of participants.



End of day, an IXP is not some magical thing.  It is an ethernet  
switch allowing multiple networks to exchange traffic more easily than  
direct interconnection - and that is all it should be.  It should not  
be mission critical.  Treating it as such raises the cost, and  
therefore barrier to entry, which lowers its value.


--
TTFN,
patrick

Re: an over-the-top data center

[Måns Nilsson]

--On söndag, söndag 30 nov 2008 23.05.01 -0500 "Patrick W. Gilmore"
<[EMAIL PROTECTED]> wrote:

> On Nov 30, 2008, at 10:50 PM, Niels Bakker wrote:

>>> I was going to say 'this probably hinders customers adoption at  
>>> NetNod', but I know for a fact the "probably" is superfluous.

> I didn't say it would stop everyone.  Of course some people will not be
> deterred, but some absolutely have.

In Sweden, the reason to not choose NetNod (and to go with the smaller
exchangepoints) is price and only price. No swedish ISP I know of has
stated that the fact that the Stokab fibre is bought by the IXP and not the
ISP is a problem per se. Some might have a better wholesale deal than
NetNod has but that is still just about price.  

The alternative IPXen were started for two reasons, 

1. Price. At the time the first one got going NetNod was running OC48 SRP
as its fabric. (Anyone remember that technology?). The price of SRP
technology was simply too high for many small players, and required Cisco
gear, etc. 

2. Convenience and reduced marginal cost, ie. #1 again. Since the first
alternative (SOL-IX) was and is distributed, really small ASes could join
for the price of a patch cable and an interface.

> Now compare that to forcing every single participant to use unknown fiber
> paths into an unknown facility.  When are these fibers groomed, and onto
> which unknown paths?  Which fiber maintenance schedules might impact me
> without my knowledge?  Which construction projects elsewhere in the city
> might take me down and there's no way for me to even predict that?  Etc.,
> etc.

The fiber paths into these facilities are national security issues. Expect
them to be guarded accordingly (as in running them in specially blasted
tunnels 30-60 meters down in the ground for the last aggregated path to the
facility). I have not experienced more unpredictability nor more outages
because Netnod buys the cable than when the ISP does. Same cable. And
Stokab does indeed know where the cables are. 

> I would prefer to take my chances with the known quantity,
> thankyouverymuch.  Feel free to do with your network as you please.

Just because you know where the cable is the backhoes won´t find it? 
-- 
Måns NilssonM A C H I N A

I'll eat ANYTHING that's BRIGHT BLUE!!


pgpWf7B0SJBNi.pgp
Description: PGP signature

Re: an over-the-top data center

[Patrick W. Gilmore]

On Nov 30, 2008, at 10:50 PM, Niels Bakker wrote:

* [EMAIL PROTECTED] (Patrick W. Gilmore) [Mon 01 Dec 2008, 02:34 CET]:

On Nov 28, 2008, at 4:04 PM, Jean-François Mezei wrote:
The advantage of this swedish data centre is that even if its  
location is well known, it is pretty hard to harm the building.  
You can't run a truck full of explosives into it for instance.


Unfortunately, you also cannot run your own fiber there, colo  
equipment there, visit it for any reason, etc.


I was going to say 'this probably hinders customers adoption at  
NetNod', but I know for a fact the "probably" is superfluous.


I don't really get your reasoning here, Patrick.  What were you  
going to do?  Put your servers in the same racks as Netnod's  
switches?  Rate their patch fiber management skills?


I can buy the argument that there is one bit of infrastructure (a  
string of dark fiber) more between your router and the IX  
infrastructure than you will get in other locations but in this age  
of people connecting remotely to IXPs all the time this seems pretty  
minor, especially given the box full of advantages it gives the IXP  
operator regarding facility security and having a very clear  
demarcation point.


I didn't say it would stop everyone.  Of course some people will not  
be deterred, but some absolutely have.


And most people are uninterested in the "box full of advantages it  
gives the IXP operator".  Further, I would submit the "box full of  
advantages" are ephemeral at best, and arguably imaginary.  Name  
another major IXP anywhere on the planet that has ever had a single  
issue NetNod's model would have avoided.


Now compare that to forcing every single participant to use unknown  
fiber paths into an unknown facility.  When are these fibers groomed,  
and onto which unknown paths?  Which fiber maintenance schedules might  
impact me without my knowledge?  Which construction projects elsewhere  
in the city might take me down and there's no way for me to even  
predict that?  Etc., etc.


I would prefer to take my chances with the known quantity,  
thankyouverymuch.  Feel free to do with your network as you please.


--
TTFN,
patrick

P.S. The demarcation point thing is pure BS and you know it.

Re: an over-the-top data center

[Niels Bakker]

* [EMAIL PROTECTED] (Patrick W. Gilmore) [Mon 01 Dec 2008, 02:34 CET]:

On Nov 28, 2008, at 4:04 PM, Jean-François Mezei wrote:
The advantage of this swedish data centre is that even if its location 
is well known, it is pretty hard to harm the building. You can't run a 
truck full of explosives into it for instance.


Unfortunately, you also cannot run your own fiber there, colo 
equipment there, visit it for any reason, etc.


I was going to say 'this probably hinders customers adoption at 
NetNod', but I know for a fact the "probably" is superfluous.


I don't really get your reasoning here, Patrick.  What were you going 
to do?  Put your servers in the same racks as Netnod's switches?  Rate 
their patch fiber management skills?


I can buy the argument that there is one bit of infrastructure (a string 
of dark fiber) more between your router and the IX infrastructure than 
you will get in other locations but in this age of people connecting 
remotely to IXPs all the time this seems pretty minor, especially given 
the box full of advantages it gives the IXP operator regarding facility 
security and having a very clear demarcation point.



-- Niels.

--
"We humans get marks for consistency. We always opt for
 civilization after exhausting the alternatives."
-- Carl Guderian

RE: an over-the-top data center

[Tomas L. Byrnes]

>
>Fault free datacenters include neither people, nor computers, nor
>connectivity, nor HVAC,  nor electricity.  If you can eliminate those
>things you will have a 100% uptime datacenter.
>
>Andrew

Is this the network equivalent of Yin and Yang, or Darkness and Light
being the same?

Perhaps it is like an old joke:

"How many Microsoft programmers does it take to change a lightbulb?"
"None, they just make darkness the new standard."

I guess, if uptime is a measure of your promised availability, then if
you promise total unavailability, your uptime is 100% if no-one can
reach you during the measured period.

Not terribly useful, however, and likely to get breached, when those
with means want to find out what you're hiding.

Re: an over-the-top data center

[Andrew D Kirch]

Patrick W. Gilmore wrote:
> On Nov 28, 2008, at 4:04 PM, Jean-François Mezei wrote:
>
>> The thing about a carrier hotel is that it cannot be a secret location
>> since you need to allow various carriers and ISPs to have physical
>> access to the building so they can install/manage their
>> servers/routers/switches.
>>
>> The advantage of this swedish data centre is that even if its location
>> is well known, it is pretty hard to harm the building. You can't run a
>> truck full of explosives into it for instance.
>
> Unfortunately, you also cannot run your own fiber there, colo
> equipment there, visit it for any reason, etc.
>
> I was going to say 'this probably hinders customers adoption at
> NetNod', but I know for a fact the "probably" is superfluous.
>

Fault free datacenters include neither people, nor computers, nor
connectivity, nor HVAC,  nor electricity.  If you can eliminate those
things you will have a 100% uptime datacenter.

Andrew

Re: an over-the-top data center

[Patrick W. Gilmore]

On Nov 28, 2008, at 4:04 PM, Jean-François Mezei wrote:


The thing about a carrier hotel is that it cannot be a secret location
since you need to allow various carriers and ISPs to have physical
access to the building so they can install/manage their
servers/routers/switches.

The advantage of this swedish data centre is that even if its location
is well known, it is pretty hard to harm the building. You can't run a
truck full of explosives into it for instance.


Unfortunately, you also cannot run your own fiber there, colo  
equipment there, visit it for any reason, etc.


I was going to say 'this probably hinders customers adoption at  
NetNod', but I know for a fact the "probably" is superfluous.


--
TTFN,
patrick

Re: an over-the-top data center

[Wayne Feick]

On Fri, 2008-11-28 at 16:19 -0500, William Allen Simpson wrote:

> At one point some time ago, on NANOG we discussed putting exchanges in old
> minuteman silos.  (so long ago a quick Google didn't find it -- where are all
> the old NANOG archives?)
> 


http://markmail.org/search/?q=list%3Aedu.merit.nanog+silo+exchange

RE: an over-the-top data center

[Gadi Evron]

On Fri, 28 Nov 2008, Howard C. Berkowitz wrote:



It seems that all these cases are more under the bottom than over the top.



Every couple of years there is a story about some anti virus company, data 
center, or whatever running out of an old nuclear bunker/military 
base/middle of no where. It is exciting the first few times.


Gadi.

RE: an over-the-top data center

[Howard C. Berkowitz]

Buhrmaster, Gary wrote:
>
>
>> -Original Message-
>> From: Steven M. Bellovin [mailto:[EMAIL PROTECTED]
>> Sent: Friday, November 28, 2008 5:35 AM
>> To: nanog@nanog.org
>> Subject: an over-the-top data center
>>
>> http://royal.pingdom.com/2008/11/14/the-worlds-most-super-desi
>> gned-data-center-fit-for-a-james-bond-villain/
>> (No, I don't know if it's real or not.)
>
> One could consider purchasing the underground tunnels
> in downtown London that BT is selling to build a
> competing "over-the-top" data center.
>
> http://www.nytimes.com/2008/11/28/business/worldbusiness/28tunnel.html
>
>
It seems that all these cases are more under the bottom than over the top.

Re: an over-the-top data center

[Suresh Ramasubramanian]

On Sat, Nov 29, 2008 at 7:03 AM, Buhrmaster, Gary <[EMAIL PROTECTED]> wrote:
> One could consider purchasing the underground tunnels
> in downtown London that BT is selling to build a
> competing "over-the-top" data center.

That's a "below the surface" datacenter, innit?

srs (ok, I'll get my coat)

RE: an over-the-top data center

[Buhrmaster, Gary]

 

> -Original Message-
> From: Steven M. Bellovin [mailto:[EMAIL PROTECTED] 
> Sent: Friday, November 28, 2008 5:35 AM
> To: nanog@nanog.org
> Subject: an over-the-top data center
> 
> http://royal.pingdom.com/2008/11/14/the-worlds-most-super-desi
> gned-data-center-fit-for-a-james-bond-villain/
> (No, I don't know if it's real or not.)

One could consider purchasing the underground tunnels
in downtown London that BT is selling to build a
competing "over-the-top" data center.

http://www.nytimes.com/2008/11/28/business/worldbusiness/28tunnel.html

Re: an over-the-top data center

[Warren Kumari]

On Nov 28, 2008, at 4:33 PM, Joe Abley wrote:



On 2008-11-28, at 16:04, Jean-François Mezei wrote:


If you look at Toronto, the main carrier hotel is quite famous at 151
Front Street, very near to the main train station, convention  
centre etc
(aka: right at the core of the downtown). People who do not know  
about
the internet infrastructure may not realise what this building is  
about,

but anyone who knows how ISPs operate would know the strategic
importance of that building.


People who do not know that there's a Front Street East as well as a  
Front Street West also like to fight their way through the mantrap  
to front desk security and demand to see the dentist.


So if anybody ever finds an operational advantage to having  
equipment in a building regularly visited by people with bad teeth,  
bear that in mind.


Hey, some of the best network engineers I have met are British

W





Joe

Re: an over-the-top data center

[Joe Abley]

On 2008-11-28, at 16:04, Jean-François Mezei wrote:


If you look at Toronto, the main carrier hotel is quite famous at 151
Front Street, very near to the main train station, convention centre  
etc

(aka: right at the core of the downtown). People who do not know about
the internet infrastructure may not realise what this building is  
about,

but anyone who knows how ISPs operate would know the strategic
importance of that building.


People who do not know that there's a Front Street East as well as a  
Front Street West also like to fight their way through the mantrap to  
front desk security and demand to see the dentist.


So if anybody ever finds an operational advantage to having equipment  
in a building regularly visited by people with bad teeth, bear that in  
mind.



Joe

Re: an over-the-top data center

[J. Oquendo]

On Fri, 28 Nov 2008, William Allen Simpson wrote:

> At one point some time ago, on NANOG we discussed putting exchanges in old
> minuteman silos.  (so long ago a quick Google didn't find it -- where are 
> all
> the old NANOG archives?)
> 

http://www.irbs.net/internet/nanog/9708/0159.html
http://www.irbs.net/internet/nanog/9711/0154.html
http://www.irbs.net/internet/nanog/9610/0947.html
http://www.irbs.net/internet/nanog/0109/1619.html


=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP

"Each player must accept the cards life deals him
or her: but once they are in hand, he or she alone
must decide how to play the cards in order to win
the game." Voltaire

227C 5D35 7DCB 0893 95AA  4771 1DCE 1FD1 5CCD 6B5E
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E

Re: an over-the-top data center

[William Allen Simpson]

Måns Nilsson wrote:

These data centres are designed to Swedish military command center
specifications (not like Cheyenne Mountain but significantly better than,
say, a Minuteman site)


At one point some time ago, on NANOG we discussed putting exchanges in old
minuteman silos.  (so long ago a quick Google didn't find it -- where are all
the old NANOG archives?)

Re: an over-the-top data center

[Jean-François Mezei]

Måns Nilsson wrote:

> Exactly where is of course known in the business, but not so well that it
> is OK to post their locations on Nanog. 

The problem with this mentality is that it does not deter those wishing
to do harm to the data centre or corporation.

For banks, I think the biggest advantage of having a no-name building is
that the general public will not try to enter the building thinking that
there is a bank branch or ATMs available and then rudely be thrown out
by the guards.

If you look at Toronto, the main carrier hotel is quite famous at 151
Front Street, very near to the main train station, convention centre etc
(aka: right at the core of the downtown). People who do not know about
the internet infrastructure may not realise what this building is about,
but anyone who knows how ISPs operate would know the strategic
importance of that building.

The thing about a carrier hotel is that it cannot be a secret location
since you need to allow various carriers and ISPs to have physical
access to the building so they can install/manage their
servers/routers/switches.

The advantage of this swedish data centre is that even if its location
is well known, it is pretty hard to harm the building. You can't run a
truck full of explosives into it for instance.

Re: an over-the-top data center

[Måns Nilsson]

--On fredag, fredag 28 nov 2008 17.10.14 + Simon Waters
<[EMAIL PROTECTED]> wrote:

> I'm thinking physical security is over done in some data centers. Sure it
> is a  great idea to make sure no one steals the hardware, but much beyond
> that and  allowing in expected personnel only, it soon gets to being
> counter  productive.
> 
> I was once back-up for a facility so "secure" I never got to visit it?!
> I'm  not saying I might not have been that useful if I was ever called on
> to  provide support - guess we'll never know. Although for that one I did
> at  least happen to know where it was despite it not being sign posted.

There are places whose location we do not talk about, where important stuff
gets done, like peering. 

In Sweden, the Post and Telecommunications Authority has oversight over a
number of first-rate data centres that are designed for those bits and
pieces of infrastructure that need to work under all circumstances.
Typically they rent space to telcos and ISP's for things like important
central systems, backbone routers / transmission etc. The largest Internet
exchange in Sweden, Netnod, has its five largest sites in these facilities. 

These data centres are designed to Swedish military command center
specifications (not like Cheyenne Mountain but significantly better than,
say, a Minuteman site) to withstand a number of adverse conditions, like
near-misses from nuclear weapons, prolonged power outages, poison gas
clouds, etc. Typically, they are buried in bedrock close to major cities.
Exactly where is of course known in the business, but not so well that it
is OK to post their locations on Nanog. 

Yes, we've got excellent bedrock in Sweden, and we use it ;-) 
-- 
Måns NilssonM A C H I N A

I left my WALLET in the BATHROOM!!


pgpq9lJmA37Bp.pgp
Description: PGP signature

Re: an over-the-top data center

[Simon Waters]

On Friday 28 November 2008 16:41:45 Craig Holland wrote:
> Just me, or is showing the floorplan not the typical behavior of a
> super-secure anything?

I'm not sure anyone but the press are claiming anything is super secure there.

I can't imagine being in a bunker makes physical security worse (although it 
could make cooling, and working diesel backup generators more interesting).

Having had to visit data centres so secure they don't list their name on the 
front of the building, which is great for security till you need an engineer 
in a hurry and he is driving around looking for the building.

I'm thinking physical security is over done in some data centers. Sure it is a 
great idea to make sure no one steals the hardware, but much beyond that and 
allowing in expected personnel only, it soon gets to being counter 
productive.

I was once back-up for a facility so "secure" I never got to visit it?! I'm 
not saying I might not have been that useful if I was ever called on to 
provide support - guess we'll never know. Although for that one I did at 
least happen to know where it was despite it not being sign posted.

RE: an over-the-top data center

[Scott Morris]

It's the "double-dog-dare".  :)

Scott 

-Original Message-
From: Craig Holland [mailto:[EMAIL PROTECTED] 
Sent: Friday, November 28, 2008 11:42 AM
To: Måns Nilsson; Steven M. Bellovin; NANOG
Subject: Re: an over-the-top data center

Just me, or is showing the floorplan not the typical behavior of a
super-secure anything?


--Original Message--
From: Måns Nilsson
To: Steven M. Bellovin
To: NANOG
Sent: Nov 28, 2008 6:52 AM
Subject: Re: an over-the-top data center

--On fredag, fredag 28 nov 2008 08.34.33 -0500 "Steven M. Bellovin"
<[EMAIL PROTECTED]> wrote:

> http://royal.pingdom.com/2008/11/14/the-worlds-most-super-designed-dat
> a-c enter-fit-for-a-james-bond-villain/ (No, I don't know if it's real 
> or
> not.)

It is.

The server space is outside the blastproof area. Go figure.

-- 
Måns NilssonM A C H I N A

I'm into SOFTWARE!

Re: an over-the-top data center

[Patrick Giagnocavo]

Craig Holland wrote:
> Just me, or is showing the floorplan not the typical behavior of a 
> super-secure anything?
> 

You mean, security through obscurity?

--Patrick

Re: an over-the-top data center

[Craig Holland]

Just me, or is showing the floorplan not the typical behavior of a super-secure 
anything?


--Original Message--
From: Måns Nilsson
To: Steven M. Bellovin
To: NANOG
Sent: Nov 28, 2008 6:52 AM
Subject: Re: an over-the-top data center

--On fredag, fredag 28 nov 2008 08.34.33 -0500 "Steven M. Bellovin"
<[EMAIL PROTECTED]> wrote:

> http://royal.pingdom.com/2008/11/14/the-worlds-most-super-designed-data-c
> enter-fit-for-a-james-bond-villain/ (No, I don't know if it's real or
> not.)

It is.

The server space is outside the blastproof area. Go figure.

-- 
Måns NilssonM A C H I N A

I'm into SOFTWARE!

Re: an over-the-top data center

[Raoul Bhatia [IPAX]]

Steven M. Bellovin wrote:
> http://royal.pingdom.com/2008/11/14/the-worlds-most-super-designed-data-center-fit-for-a-james-bond-villain/
> (No, I don't know if it's real or not.)

more images:
http://www.archdaily.com/9257/pionen-%E2%80%93-white-mountain-albert-france-lanord-architects/

cheers,
raoul
-- 

DI (FH) Raoul Bhatia M.Sc.  email.  [EMAIL PROTECTED]
Technischer Leiter

IPAX - Aloy Bhatia Hava OEG web.  http://www.ipax.at
Barawitzkagasse 10/2/2/11   email.[EMAIL PROTECTED]
1190 Wien   tel.   +43 1 3670030
FN 277995t HG Wien  fax.+43 1 3670030 15

Re: an over-the-top data center

[Måns Nilsson]

--On fredag, fredag 28 nov 2008 08.34.33 -0500 "Steven M. Bellovin"
<[EMAIL PROTECTED]> wrote:

> http://royal.pingdom.com/2008/11/14/the-worlds-most-super-designed-data-c
> enter-fit-for-a-james-bond-villain/ (No, I don't know if it's real or
> not.)

It is.

The server space is outside the blastproof area. Go figure.

-- 
Måns NilssonM A C H I N A

I'm into SOFTWARE!


pgpCUzpcYK6Q5.pgp
Description: PGP signature