[188370] in North American Network Operators' Group
Re: Why the US Government has so many data centers
daemon@ATHENA.MIT.EDU (Todd Crane)
Sat Mar 19 00:28:11 2016
X-Original-To: nanog@nanog.org
From: Todd Crane <todd.crane@n5tech.com>
In-Reply-To: <CANjVB-hX3sGfDO+hq0YamjmJVCPHFf6zbkDk5acBJgO_oNvBJg@mail.gmail.com>
Date: Fri, 18 Mar 2016 22:28:04 -0600
To: George Metz <george.metz@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
I was trying to resist the urge to chime in on this one, but this discussion=
has continued for much longer than I had anticipated... So here it goes
I spent 5 years in the Marines (out now) in which one of my MANY duties was t=
o manage these "data centers" (a part of me just died as I used that word to=
describe these server rooms). I can't get into what exactly I did or with w=
hat systems on such a public forum, but I'm pretty sure that most of the ser=
vers I managed would be exempted from this paper/policy.
Anyways, I came across a lot of servers in my time, but I never came across o=
ne that I felt should've been located elsewhere. People have brought up the c=
ase of personal share drive, but what about the combat camera (think public r=
elations) that has to store large quantities (100s of 1000s) of high resolut=
ion photos and retain them for years. Should I remove that COTS (commercial o=
ff the shelf) NAS underneath the Boss' desk and put in a data center 4 miles=
down the road, and force all that traffic down a network that was designed f=
or light to moderate web browsing and email traffic just so I can check a bo=
x for some politician's reelection campaign ads on how they made the governm=
ent "more efficient"
Better yet, what about the backhoe operator who didn't call before he dug, a=
nd cut my line to the datacenter? Now we cannot respond effectively to a nat=
ural disaster in the Asian Pacific or a bombing in the Middle East or a plat=
oon that has come under fire and will die if they can't get air support, all=
because my watch officer can't even login to his machine since I can no lon=
ger have a backup domain controller on-site
These seem very far fetched to most civilian network operators, but to anybo=
dy who has maintained military systems, this is a very real scenario. As men=
tioned, I'm pretty sure my systems would be exempted, but most would not. Wh=
en these systems are vital to national security and life & death situations,=
it can become a very real problem. I realize that this policy was intended f=
or more run of the mill scenarios, but the military is almost always grouped=
in with everyone else anyways.=20
Furthermore, I don't think most people realize the scale of these networks. N=
MCI, the network that the Navy and Marine Corps used (when I was in), had ov=
er 500,000 active users in the AD forest. When you have a network that size,=
you have to be intentional about every decision, and you should not leave i=
t up to a political appointee who has trouble even checking their email.=20
When you read how about much money the US military hemorrhages, just remembe=
r....=20
- The multi million dollar storage array combined with a complete network ov=
erhaul, and multiple redundant 100G+ DWDM links was "more efficient" than a c=
ouple of NAS that we picked up off of Amazon for maybe $300 sitting under a d=
esk connected to the local switch.=20
- Using an old machine that would otherwise be collecting dust to ensure tha=
t users can login to their computers despite conditions outside of our contr=
ol is apparently akin to treason and should be dealt with accordingly.
</rant>
--Todd
Sent from my iPad
> On Mar 14, 2016, at 11:01 AM, George Metz <george.metz@gmail.com> wrote:
>=20
>> On Mon, Mar 14, 2016 at 12:44 PM, Lee <ler762@gmail.com> wrote:
>>=20
>>=20
>> Yes, *sigh*, another what kind of people _do_ we have running the govt
>> story. Altho, looking on the bright side, it could have been much
>> worse than a final summing up of "With the current closing having been
>> reported to have saved over $2.5 billion it is clear that inroads are
>> being made, but ... one has to wonder exactly how effective the
>> initiative will be at achieving a more effective and efficient use of
>> government monies in providing technology services."
>>=20
>> Best Regards,
>> Lee
>=20
> That's an inaccurate cost savings though most likely; it probably doesn't
> take into account the impacts of the consolidation on other items. As a
> personal example, we're in the middle of upgrading my site from an OC-3 to=
> an OC-12, because we're running routinely at 95+% utilization on the OC-3
> with 4,000+ seats at the site. The reason we're running that high is
> because several years ago, they "consolidated" our file storage, so instea=
d
> of file storage (and, actually, dot1x authentication though that's
> relatively minor) being local, everyone has to hit a datacenter some 500+
> miles away over that OC-3 every time they have to access a file share. And=
> since they're supposed to save everything to their personal share drive
> instead of the actual machine they're sitting at, the results are
> predictable.
>=20
> So how much is it going to cost for the OC-12 over the OC-3 annually? Is
> that difference higher or lower than the cost to run a couple of storage
> servers on-site? I don't know the math personally, but I do know that if w=
e
> had storage (and RADIUS auth and hell, even a shell server) on site, we
> wouldn't be needing to upgrade to an OC-12.
