[LINK] The rallies???
jon.seymour at gmail.com
Wed Dec 17 11:13:17 EST 2008
What, if anything, of your analysis changes, given the claims made here:
On Wed, Dec 17, 2008 at 10:22 AM, Glen Turner <gdt at gdt.id.au> wrote:
> From a design point of view it's a useless number.
> Let's pretend to be an ISP happy to implement filtering.
> Can you select a router based on its ability to filter
> 10,000 URLs? No, because the government isn't limiting
> itself to that number. If you select hardware based
> on 10,000 and performance folds at 50,000 then if the
> list grows to 50,000 then you've blown at least $5m.
> What would have been a useful design number would be
> a ceiling to the number of URLs the government
> will attempt to block.
> Also note that routers aren't set up to deal with these
> sort of numbers. It's going to have to be speciality
> code in a forwarding-plane CPU, so 300-600Mbps throughput
> per CPU, with a practical limit of about 6 CPU per chassis.
> Even that's being generous, since those 6 CPUS will occupy
> about 3 to 6 slots, leaving precious few slots to be
> occupied by interface cards (and interface cards is the
> whole point of a router).
> What the government are testing *isn't* what any sane
> ISP would deploy.
> The form factor is all wrong. PC form factors aren't
> good routers. By the time you beef them up with hot
> swap and redundant everything you've paid more than
> for a router. Yet the government testing is very
> focussed on PC form factors.
> The software is all wrong. These things are going to
> sit in the forwarding plane. That is, they will need
> to run a routing protocol, so outages can be detected
> and routed around. The government isn't even requiring
> the offered software solutions to run a basic routing
> protocol like OSPF, let alone the IS-IS used by many
> The only solution which makes sense is a router-hosted
> solution. Which means that the trial should really
> have been limited to Cisco and Juniper's routers.
> Anything else is merely show.
> The other thing that hasn't been mentioned is timelines.
> Both of those routers will need code written: there is
> no feature that will do this job with that many URLs.
> The trial isn't funding development of that software,
> and its not plain how they'd make the vendors cooperate
> in any case.
> Those forwarding-plane CPUs are slow and have limited
> memory (both a result of heat dissipation issues). Using
> a trial from PCs with unlimited power supply and
> heat exhaust says nothing about the performance of
> a forwarding plane CPU roughly equivalent to a
> Pentium III with 256MB of RAM.
> When the initial report was released I was strongly
> critical of its errors. My absolute pick of that
> bunch being that packet size changes depending upon
> congestion. I love that error and I'll be using it
> as a pass/fail exam question.
> What the trial documents show is that the government
> hasn't educated itself despite that embarrassment.
> Glen Turner <http://www.gdt.id.au/~gdt/>
> Link mailing list
> Link at mailman.anu.edu.au
More information about the Link