[109579] in North American Network Operators' Group
RE: an over-the-top data center
daemon@ATHENA.MIT.EDU (Deepak Jain)
Mon Dec 1 18:19:28 2008
From: Deepak Jain <deepak@ai.net>
To: "nanog@nanog.org" <nanog@nanog.org>
Date: Mon, 1 Dec 2008 18:19:14 -0500
In-Reply-To: <20081128083433.0e18c7e2@cs.columbia.edu>
Errors-To: nanog-bounces@nanog.org
Apologies to the list.=20
I didn't know whether to fork this into a couple of replies, or just run wi=
th it. I chose the latter.=20
1) This datacenter is only 12,000 sq ft. (submessage: who cares?)
2) The generators are underground. A leak in their exhaust system kills eve=
ryone -- worse, a leak in their fuel tank or filler lines (when being fille=
d from above) could do the same. Yes, you could address this with alarms (p=
rovided they work and are tested, etc).
3) No one cares if the server farm is blast proof (it isn't), if the connec=
tivity in/out of it gets blasted (submessage: silos were meant to deliver o=
ne thing, datacenters aren't in the same operational model once they need c=
onnectivity to the outside world)
4) With all of that fog and plant life, I wonder how they critically manage=
humidity. [Or if they even do].
----
To the question of carrier hotels and their supposed secrecy, etc. If you n=
eed connectivity to multiple providers, those providers know where the buil=
dings are, and presumably so do most of their employees. If 500,000 people =
(say the top 10 companies together) know where the building is, it's not a =
secret. **
Carrier hotels aren't meant to be more secure than the lines coming into th=
em. Those lines are coming in on unsecured poles, manholes and the rest. Th=
eir most dramatic failure modes are pretty obvious if not well-studied. Int=
ernet "security" [as in resilience] is built on the concept of a point-of-v=
iew of connectivity with multiple failures and routing around them -- NOT s=
acred nodes that cannot fail or universal end-to-end reachability. Internet=
"security" [as in integrity] is not something that's been proven on the In=
ternet yet [general case, please no banter about encryption/quantum oscilla=
tion, etc].
Lots of people have already said this is dull -- it is, it is also a nice s=
et of pictures.
** Submitted without proof. This covers all the buildings that make claims =
about not having their name on the door and have loading docks with no secu=
rity on them. (you know who you are).
Deepak
