Commentary Archives

I believe the Germans have a word for it: “Cloudkludge”


There’s an article from Jon Brodkin at Network World on the lack of interoperability standards in cloud computing. That is, one of the main benefits of virtualization and cloud computing is the ideal of developing an application once and being able to host it from any data center connected to the Internet. But as vendors try to compete, they may be tempted towards vendor lock-in. Applications developed on Amazon’s cloud computing platform won’t be easy to move to a competitive service, for example.

Since the whole point of cloud computing is essentially to turn IT infrastructure into a commodity, it can be very tempting to want to differentiate offerings by any means necessary. But because it is a commodity, standards of interoperability make cloud computing as a whole more useful overall.

Brodkin points out what the ideal of cloud interoperability can bring. From the Network World article:


  • Moving virtual machines and workloads from one cloud compute service to another.

  • Single sign-on for users who access multiple cloud services.

  • Ability to deploy and provision resources from multiple cloud services with a single management tool.

  • Letting one application span multiple cloud services (such as a storage service from one cloud provider and compute capacity from another).

  • Allowing data exchange between clouds.

  • Letting a private cloud application seamlessly obtain resources from a public cloud when excess capacity is needed.


“In more general terms, enterprises want to avoid using a plethora of cloud services with different interfaces, and don't want to be locked in to a particular cloud by technologies that prevent the movement of workloads from one to another.”


There are some efforts among cloud computing services to adhere to voluntary standards. For example, the “Open Cloud Manifesto” attempts to create an industry standard, though it’s hard to do so when the de facto cloud computing 800 lb. gorilla, Amazon, isn’t part of the “Manifesto” group.

But one of the interesting things from a network performance standpoint about cloud interoperability is that if applications can interoperate from cloud host to cloud host, they can also, theoretically, be developed on the LAN/WAN and then moved, without much effort, to the cloud. This means that developers can code an application, baseline performance, and see what types of changes in performance occur when moved out to the cloud – or vice versa.

Indeed, interoperability makes it possible for applications which reside at the local data center to expand capabilities by going to the cloud whenever demand outstrips capacity – a way to prevent all your eggs from sitting in one basket.

For more background on this, you can check out this video Jim Metzler of Ashton-Metzler did with Cisco on cloud computing, and check out his entry in our Performance-First Insight Series, “The Management Challenges of Cloud Computing.”



Yankee Group: Fiber to Home carriers should focus on adoption


According to Brad Reed at Network World, the Yankee Group has been telling fiber-based Internet carriers in the U.S. that fiber penetration is much more important than grabbing average revenue per user. For this reason, the Yankee Group suggests that carriers start wholesaling the fiber out to smaller companies.

What’s interesting about this is that for years we in the U.S. have watched the rest of the industrialized world (with the notable exceptions of Australia and New Zealand) leapfrog us in the quality and penetration of broadband. According to the New York Times:

In Japan, broadband service running at 150 megabits per second (Mbps) costs $60 a month. The fastest service available now in the United States is 50 Mbps at a price of $90 to $150 a month.

In London, $9 a month buys 8 Mbps service. In New York, broadband starts at $20 per month, for 1 Mbps.

In Iceland, 83 percent of the households are connected to broadband. In the United States, the adoption rate is 59 percent.

One of the big differences between U.S. and them is the fact that many of the other countries have more competition among carriers, in many cases because larger telcos are required to offer fiber wholesale to resellers; the resulting competition drives prices down, leading to greater adoption, leading to faster speeds, etc. Why hasn’t the U.S. done this?

Mostly because in 2005, the U.S. Supreme Court ruled in the Brand X decision that cable operators are not required to open their broadband networks to other Internet service providers – specifically, they classified broadband as an “information service” rather than as a “common carrier” for communications. There are fewer regulations on information services than common carriers, and the political mood in Washington in 2005 was to trend towards deregulation, rather than regulation – which the FCC did.

This is why certain apartment complexes in Austin, for example, have only one choice for broadband.

On the other hand, other countries have ruled differently – that broadband Internet is a common carrier service.

The Yankee Group, however, has suggested that not selling broadband wholesale has been shortsighted for telecommunications companies, as it slows the rate of fiber adoption – even in areas of high population density.

"The copper networks that all broadband services rely on is more than 50 years old and it's dying," said Felten. "Sooner or later it will need to be replaced with fiber. Fiber is the endgame and the telcos know it."

Reselling fiber may be slightly less profitable per user, but it is less risky, and it may increase the overall number of users – by creating lower prices through competition, by having multiple retailers increase product awareness through separate, overlapping marketing and advertising efforts, etc. Additionally, resellers can subsidize fiber rollout to a particular small market and focus all efforts there; a larger company might not do so, preferring to focus on only a few markets at one time, only rolling out fiber when they can be assured that enough people will buy the service to make it profitable. With wholesaling, they make a (smaller) profit immediately, and multiple retailers can market in multiple markets simultaneously.

Poor (or insufficient) broadband to the home is one of the things holding back adoption of remote computing and telecommuting. And while having people in the office may be easier from an IT perspective, it can hamper the business, as the added cost of floorspace for each employee may be a considerable factor as IT gets cheaper and real estate gets more expensive. So upgrading the public Internet infrastructure can be an overall good investment for private enterprises. The problem is, of course, that there are only a handful of companies that make decisions about U.S. broadband infrastructure – and quite frankly, your enterprise is not their problem.

Maybe that’s the best argument for allowing wholesale of broadband.



You’ve been struck by, you’ve been hit by, a news criminal


I thought about this blog post on Michael Jackson’s death for a while before writing it – on the fence as to whether it was relevant to readers, but I’ve been told over the past few days that it would make a good topic for the blog by more than a few people in the company.  But, quite frankly, I believe it to have absolutely no consequential effect on network performance, and his death, as well as the effects of his death on the Internet, really give us no new insight nor information about either networking or the Internet as a whole.  

An argument that Jackson’s death created a spike in traffic that took down Google News for 25 minutes could be made, and it’s more or less true that people searching for Michael Jackson weren’t able to access the site.  However, other news got through alright, as Google’s network performance preservations simply misinterpreted searches for Michael Jackson as a kind of a denial of service attack and redirected searchers to a static Web page.  A network performance problem in the sense that the end-users weren’t being properly served, but from Google’s perspective, what’s more likely: that you’re under DDOS, or that Michael Jackson actually died? 

Second, there’s the idea that the new media – TMZ.com, specifically - was able to get the news out an hour before CNN.  (Twitter beat CNN for access in the highly restrictive Iran, as well.) But just because Twitter reported Jacko’s death before the major television stations did, does not mean that they were accurate saying that Jeff Goldblum had died the same day from falling off a cliff in New Zealand. 

Goldblum himself went on the Colbert Report and debunked the myth by twittering himself, prompting Colbert to exclaim: “The Dead Can Twitter!” Eventually, Goldblum acquiesced, giving his own eulogy.  

The problem is that it’s not that New Media has met and surpassed the standards of traditional journalism, but that television journalism standards have dropped.  We’re not talking about sacrificing accuracy – though “The Today Show” on Nine Australia (not to be confused with the version with Al Roker) notably reported that “New Zealand Police confirmed that Goldblum died.”

You could make a case that CNN wasn’t willing to report on Michael Jackson until they could get a more reputable source than the one that TMZ used.  Even so, their actions regarding Iran show something else.  Right now, they are relying on Twitter posts – even re-appropriating the text as “sources” instead of having on-the-ground reporting in the Middle East.  CNN’s relevance in the 1990s, of course, was established by on-the-ground coverage of the Middle East and Tiananmen Square.

What this implies to me is that, while Twitter has surpassed television as a news source, it is a hollow victory for new media, as television news organizations are simply not spending the money that they need to in order to have a worldwide presence and timely information; instead, it seems, the 24-hour news stations have been replaced by 24-hour talk shows where, instead of breaking news, the current news of the day is discussed. Done with care, there’s nothing wrong with this, but it does imply that the “news” organizations have conceded that breaking news belongs to the Internet, relegating their role to that of context provider.

In short, Twitter beat CNN, but Twitter didn’t beat CNN at its prime.

Not that TV news and Internet news have to affect an adversarial role; indeed, CNN’s embrace (some would say over-embrace) of Twitter creates an additive relationship which can bring more context to the news; though I do not think that CNN, specifically, is using Twitter effectively – yet. 

As for Network Performance, maybe there were a few more searches for Jackson for a few hours, maybe there were a few more IMs and tweets on enterprise networks – though I doubt they affected things enough to affect network performance tremendously.



The Pirate Bay Sold for $7.8 million


The Pirate Bay, bane to Hollywood, is in the process of being acquired by a Swedish gaming company called “Global Gaming Factory X AB” (GGF) for 60M Swedish kronor ($7.8M) – 30M in cash, and 30M in stock. To put that in perspective, the fine levied against the four defendants in the Pirate Bay trial was equal to 30M kronor. (Hmm…)

Not that the money from the sale will be used to pay the fine – according to the Pirate Bay Blog, the 60M will be going to fight The Pirate Bay’s political battles in Sweden and the EU:


The old crew is still around in different ways. We will also not stop being active in the politics of the internets - quite the opposite. Now we're fueling up for going into the next gear. TPB will have economical muscles to let people evolve it. It will team up with great technicians to evolve the protocols. And we, the people interested in more than just technology, will have the time to focus on that. It's win-win-win.



The profits from the sale will go into a foundation that is going to help with projects about freedom of speech, freedom of information and the openess [sic] of the nets.


Global Gaming Factory, on the other hand, is going to try to take The Pirate Bay down the “Napster” route – promising that they will go legal, and compensate copyright owners, disappointing Pirate Cat.


“We would like to introduce models which entail that content providers and copyright owners get paid for content that is downloaded via the site,” said Hans Pandeya, CEO GGF.

“The Pirate Bay is a site that is among the top 100 most visited Internet sites in the world. However, in order to live on, The Pirate Bay requires a new business model, which satisfies the requirements and needs of all parties, content providers, broadband operators, end users, and the judiciary,” said Pandeya.


Good luck with that.  The value for any company is in the Pirate Bay’s userbase, but the value for the users is illegal torrents.  Going legit – well, just look at Napster.  When was the last time you bought something from Napster?  Hell, when was the first time you bought something from Napster? 

Shutting down the Pirate Bay, of course, will harm copyright infringement just as much as shutting down Napster harmed music piracy; already, Peter Sunde is talking about decentralizing the servers.

No one is completely sure what’s going to happen to The Pirate Bay after this; and, proving that you can’t spell “conspiracy” without “piracy,” there’s a theory on the Internet that Big Hollywood set up GGF as a front company in order to buy out the Pirate Bay.  ($7.8M is small change to an industry claiming billions or trillions of dollars in losses due to piracy.)  Plausible? Yes. Probable? No. 

But in any case, either The Pirate Bay will become decentralized or the users will move to other decentralized networks to get their fix – which means that enterprises currently tracking non-business-critical traffic from BitTorrent downloads by focusing only on The Pirate Bay’s one tracker server will have to readjust their configurations on the fly – and respond quickly to changing traffic patterns.


How do you like Cisco Live so far?


Just a quick open-thread post for all of you in San Francisco attending Cisco Live! (a.k.a. Cisco Networkers.) If you’re attending, let us know what you think in our comments section.

And if you'd like to talk to us in person, NetQoS can be found at booth #807.



Take my routing table – please!


Here’s one of the big problems with experimenting to find a faster, more robust Internet architecture: Since there isn’t another computer network out there as big as the Internet, when you want to make grand changes to the way the Internet works, what do you test it out on before deploying?

This is a real problem, because a single accident taking out a trunk line can cause significant disruption – like, for example, those undersea cables cut by ship anchors.

Bennett Daviss at New Scientist wrote about these problems in an article entitled “Building a crash-proof Internet.” The main problem: While the Internet was designed to route around damaged lines and offline servers, the routers we have today are relatively slow at finding new paths. Improving all of the Internet’s routers individually with newer software to find paths quicker would cost billions, if not trillions. While the million dollar losses incurred by Internet outages are not small change, compared to the costs of upgrading, living with the temporary losses seems a viable option.

Additionally, even if the money could be put up front, any “improvements” may actually break stuff, creating the problem that the solution is supposed to prevent. You’d test before deployment if we were talking about a smaller scale enterprise network, but this is the Internet we’re talking about. There just isn’t any other network out there big enough to properly test for scale.

At least, not yet. The National Science Foundation is building an “at-scale” computer network for testing Internet technologies. Part of that network is an open-source program called OpenFlow, hosted at Stanford University, which can be added to standard routers, creating a remote interface to the router's flow table - the rules for handling traffic.

Having the ability to handle flow tables remotely may be a bit of a security risk, but it means that you can let human beings – or supercomputers designed to do nothing but crunch the numbers on routing tables – make routing decisions and send them back to the router. (I wonder if, theoretically, you could use data that one router gathers to help other routers make routing decisions faster.)

Additionally, OpenFlow can be used to spread communication between two specific computers over multiple paths, which may increase reliability and spread congestion more evenly. It can also be used to sort different types of traffic to use different paths – giving VoIP traffic to the lowest-latency path, and, say, non-streaming movie downloads to the largest-throughput path… or giving e-mails more priority than MP3 files.

This just seems like an interesting piece of technology which may impact the way that we observe Internet traffic in the mid-to-long term – so it might be worthwhile to keep an eye on it.



Google wants to make the Web faster


As reported in Network World and on the official Google Blog, Google’s been talking about ways to make the Web, as a whole, faster. Quoth the Google:


Many protocols that power the Internet and the web were developed when broadband and rich interactive web apps were in their infancy. Networks have become much faster in the past 20 years, and by collaborating to update protocols such as HTML and TCP/IP we can create a better web experience for everyone.


Typically, as far as computing is concerned, we’ve seen a trend in which the protocols and languages of the past, lightweight, compact, fast models that ran on older hardware, are replaced by more robust but slower programs. WordPerfect 5.1 blazed on 286s, while Microsoft Office 2007 requires 500MHz at the minimum. Yet, I think most people would choose Microsoft Office 2007 over WordPerfect 5.1.

But on the Internet, which requires standards more so than any other computer endeavor, we have not seen a whole lot of this. TCP has developed a few variations, but mostly remains the same protocol invented in 1974; 1995’s HTML 2.0 code still works 15 years later on today’s JavaScript-enabled browsers.

By speeding up the Web, Google is pushing for faster adoption of new standards, such as HTML 5, designed to bring multimedia applications away from plug-ins such as Flash, Silverlight, and Java, and towards putting it into the interpreted HTML code itself. In fact, and this is pure speculation, creating a viable alternative to the Flash near-monopoly on Web multimedia would foster Google’s standing compared to their competitors – and maybe that’s why the announcement, which comes down to: “Gee, wouldn’t it be nice if we had a faster way of doing things,” was worth Google making a big deal.

(An interesting sidenote: with the proprietary Flash, we wait on Adobe to make improvements to the code; with HTML 5 an open standard, code improvements would occur according to the standards association. I have no idea which would actually produce faster code improvements, but I do know that I’d rather code multimedia for free than pay Adobe for the Flash application.)

Protocols such as TCP/IP were invented at a time when bandwidth was much scarcer than it is now. Newer protocols which can better take advantage of more bandwidth are a natural evolution. “Less bandwidth used,” after all, doesn’t mean “better performance,” just as no one will consider WordPerfect 5.1 for DOS running on 256k RAM more productive than Office 2007 running on 2GB.

Client computers – even the itty bitty ones we keep in our pockets, like Blackberries and iPhones – have become much more powerful since the days of yore, when dragons roamed the earth and wore Unix beards. One of the reasons that multimedia has grown so well on the Web over the past decade is because we now have computers that can handle more complex and more powerful tasks on the client-side. That is, there could be no YouTube HD if our computers couldn’t handle high definition video playback. There would be no Ajax, if JavaScript interpretation taxed our machines.

I do think it’s time for change in Internet standards. Then again, when is it not time for change in Internet standards? If you can measure the change in performance, and it’s a clear improvement over the old system, do it.



Another Book on the Barbie


While the world looks at Iranians getting past official government censorship via Twitter, in another part of the world, Internet filters imposed by the government are also causing problems.  We’re talking, once again, about Australia.

Australian Senator Conroy, who tried to bully a network engineer who pointed out that a mandatory Internet filtering scheme would be ineffective and create massive network performance problems, is now going after, of all things, World of Warcraft. 

A bit of background on this: In most industrialized nations, video games have ratings systems.  The United States uses the ESRB rating system, the U.K. uses the British Board of Film Classification, Europe uses PEGI, and Australia…

Well, Australia is a strange duck. While in the United States we have the “M” rating for mature games, and PEGI and BBFC have 18/18+ ratings for games, Australia’s Office of Film and Literature Classification (OFLC) has no problem with the “R18+” rating for films – similar to our “R” rating – but it offers no “R” rating for video games. Classification stops at MA15+, or content suitable for 15 year olds.

The effect of this has been that in Australia, retail sales of video games have been limited only to those that the ratings board feels are suitable for 15 year olds.  Never mind that the age of the average gamer in Australia is 28.  So in order to get a retail release in Australia, often violent games, such as Prototype, have to be censored and re-edited – or they cannot be sold in Australia’s retail stores.

Games requiring editing before they could be released in Australia include: “50 Cent: Bulletproof,” “Fallout 3,” and “Grand Theft Auto IV.”  In the case of Fallout 3, the only change was to rename an in-game drug from “morphine” to “Med-X.”

Anyway, Australian gamers could order these games internationally, or download them through the Internet, but the filtering scheme proposed by the government is set to be expanded to block any video games that do not receive a rating from the OFLC – and since the OFLC does not give an 18+ rating, the effect is to ban all game content not suitable for 15 year olds.

But this will affect one game in particular: “World of Warcraft.”  As Escapist Magazine writes:


MMOGs like World of Warcraft have so far been exempt from classification in Australia but could also be impacted by the scheme. "That exemption is the only reason why multi-player games with user-generated environments are possible in this country," said Mark Newton, an engineer and critic of the filtering plan. "Without it, it'd only take one game user anywhere in the world to produce objectionable content in the game environment to make the Australian Government ban the game for everyone."


It won’t work, of course. But the reason why it won’t work is particularly important for network performance reasons – that is, the way around most Internet censorship is through the use of proxies. It’s how tweets are coming out of Iran, it’s how people access Facebook at work. With mandatory Internet filtering, however, Australian gamers are going to start using proxies in nearby countries – Japan, New Zealand, Singapore, etc. – to bypass Australian censorship filters.

And as much as this may seem like the punchline to a baudy geek joke, people spend way more time playing World of Warcraft than downloading Internet porn.   The information on how to set up a proxy overseas will spread very quickly.  This will cause a major change in traffic patterns in the entire Oceania/SE Asian region. 

So if your company has business interests in either region, it might be a good idea to make sure that you’re monitoring your network for changes in traffic densities in overseas lines – and make sure that no one’s desktop-computer WoW proxy impacts performance for the enterprise.



Citius, Altius, Fortius, Throughputious


When Cisco Live! (a.k.a. Cisco Networkers) starts up next week, every vendor is going to try to get you to their booth, learning about their products, and telling their stories. We’re no different.

I would like to take this time to point out that all the cool kids are going to booth 807 this year, and the more time you spend at booth 807, the cooler you are.

Now, anybody can make that claim about their booth. For example, we just did.

In all seriousness, I am really looking forward to the presentation on Tuesday, June 30th at 2:30 that NBC Universal is going to be giving along with Steve Harriman, our Senior VP of Marketing, at Cisco Live, because while there are “swagger stories” abounding in this industry, sometimes some stories are just too cool.

In this case: How do you send live coverage of the Beijing Summer Olympics through to television viewers, cable viewers, mobile device viewers, and Web viewers – data totaling 3.4 petabytes?

3.4 Petabytes is over three and a half million gigabytes. Put into context, if you put that on 1.44MB floppies, the height of the stack would be roughly 2500 miles - equal to the distance between New York and Los Angeles by air. In order to pull it off, NBC had to use three 155Mbps OC-3 pipes to get the footage from Beijing, of course, monitoring and maintaining the network the whole time.

There are plenty of stories about optimizing your network, but that’s a story I really want to hear – it’s a big task, no room for error, and only one shot to get it right. Plus, you know, it’s Television. Say what you will about mocking the “old” media in the age of the Internet, television has always been glamorous, exciting, and even today remains the best way to reach the most people. So, I’m pretty psyched about it.



Quality of Security


It’s not a particularly controversial statement that most of what we go through at the airport in the name of “security” is in actuality, “security theater,” as security expert Bruce Schneier wrote in “Beyond Fear.” Security theater measures are measures that don’t actually have any real effect or purpose towards keeping us safe, but they seem like they might, so we go through them anyway, and pay for them.

Whether or not the theatre creates a discouraging effect on attack attempts is debatable, and how much restriction on people’s behavior without any actual tangible benefit is acceptable to maintain the psychological discouragement, if any, is also very controversial.

What isn’t debatable is that airport travel is annoying as hell. The No Fly List has expanded tremendously; even those of us lucky enough not to be on the list have to take our laptops out of our backpacks or briefcases and scan them separately, even taking off our shoes. Some airports are using a backscatter X-ray, which means you’re essentially posing nude for the camera every time you walk through.

To quote Janice from The Muppets, “Listen, I don't take my clothes off for anyone, even if it is ‘artistic.’”

Anytime I quote the Muppets, it’s a sure sign I’m starting to get off-track. Anyway, where there’s annoyance, someone will try to make money by selling convenience, and airport security is no exception. In this case, it was the “Clear” lanes at airports, where you would pay $99 per year for a card that signified that you were a minimum security risk, and therefore you could be processed through airport security more quickly.

(Apparently, the main qualification for being a “minimum security risk” is being rich enough to blow $99 on a membership that gets you through lines faster. It also helps if your name isn’t Al Kyder or Terry Wrist.)

Despite some snags, such as “Clear” passengers unable to keep on their shoes or jackets, as they had hoped when Clear launched, Clear continued and it is the business success that it is today because of a savvy—

--Hold on, someone just handed me a note.

Ah. They failed, and are shutting down today.

Which brings me to the idea of doing QoS incorrectly. Yes, QoS priorities can help with making sure mission critical data gets there first, but stuff that isn’t mission critical, merely “mission nice-to-have” can get bogged down as well. If there is some external reason why every packet on the link seems to be performing slowly, maybe it’s a good idea to figure out what that reason is.

One of the reasons for long lines at security in airports (which themselves are a security risk – a suicide bomber could take out a planeload of people without even purchasing a ticket if he blew himself up in the security queue) is because of this security theatre. If that can’t be shown to be effective, maybe it’s time to do something different.

On the network, it doesn’t make a whole lot of sense to prioritize packets until you look at the entire network, from end-to-end, and figure out why the network is slow. Sometimes QoS prioritization is the answer. Other times, it may just be an expensive mask to a more deeply rooted problem.


