[LINK] The rallies???

Jon Seymour jon.seymour at gmail.com
Wed Dec 17 11:13:17 AEDT 2008 

Glen,

What, if anything, of your analysis changes, given the claims made here:

      http://computerworld.co.nz/news.nsf/netw/B19B97FFCABDB41FCC257520001096CF

jon.

On Wed, Dec 17, 2008 at 10:22 AM, Glen Turner <gdt at gdt.id.au> wrote:
>  From a design point of view it's a useless number.
>
> Let's pretend to be an ISP happy to implement filtering.
>
> Can you select a router based on its ability to filter
> 10,000 URLs?  No, because the government isn't limiting
> itself to that number.  If you select hardware based
> on 10,000 and performance folds at 50,000 then if the
> list grows to 50,000 then you've blown at least $5m.
>
> What would have been a useful design number would be
> a ceiling to the number of URLs the government
> will attempt to block.
>
> Also note that routers aren't set up to deal with these
> sort of numbers.  It's going to have to be speciality
> code in a forwarding-plane CPU, so 300-600Mbps throughput
> per CPU, with a practical limit of about 6 CPU per chassis.
> Even that's being generous, since those 6 CPUS will occupy
> about 3 to 6 slots, leaving precious few slots to be
> occupied by interface cards (and interface cards is the
> whole point of a router).
>
> What the government are testing *isn't* what any sane
> ISP would deploy.
>
> The form factor is all wrong. PC form factors aren't
> good routers. By the time you beef them up with hot
> swap and redundant everything you've paid more than
> for a router.  Yet the government testing is very
> focussed on PC form factors.
>
> The software is all wrong.  These things are going to
> sit in the forwarding plane. That is, they will need
> to run a routing protocol, so outages can be detected
> and routed around.  The government isn't even requiring
> the offered software solutions to run a basic routing
> protocol like OSPF, let alone the IS-IS used by many
> ISPs.
>
> The only solution which makes sense is a router-hosted
> solution.  Which means that the trial should really
> have been limited to Cisco and Juniper's routers.
> Anything else is merely show.
>
> The other thing that hasn't been mentioned is timelines.
> Both of those routers will need code written: there is
> no feature that will do this job with that many URLs.
> The trial isn't funding development of that software,
> and its not plain how they'd make the vendors cooperate
> in any case.
>
> Those forwarding-plane CPUs are slow and have limited
> memory (both a result of heat dissipation issues). Using
> a trial from PCs with unlimited power supply and
> heat exhaust says nothing about the performance of
> a forwarding plane CPU roughly equivalent to a
> Pentium III with 256MB of RAM.
>
> When the initial report was released I was strongly
> critical of its errors. My absolute pick of that
> bunch being that packet size changes depending upon
> congestion. I love that error and I'll be using it
> as a pass/fail exam question.
>
> What the trial documents show is that the government
> hasn't educated itself despite that embarrassment.
>
> --
>  Glen Turner   <http://www.gdt.id.au/~gdt/>
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
>

More information about the Link mailing list