Posts Tagged ‘Hosting’

LISP – A solution for the Internet

December 22nd, 2009

Digging through a bunch of half-written posts, I found this one I started on LISP about the time Draft v4 came out. I’ve been watching its slow development over the last year and a bit and thought I’d take a stab at what a possible cloud, and cloud computing, application would be.

Keeping in mind that it is a draft standard, and that I am working with a limited understanding based on the draft document (to be honest, I fall asleep every second paragraph reading this thing each time a new draft is released), I thought I’d jot down a couple of possible and extrapolated scenarios.

What is it?

Locator/ID Separation Protocol (LISP) is a draft protocol that proposes separating an internet-facing host address from the internet-routable address. Edge routers translate and then encapsulate/de-encapsulate packets from their source end-point IDs (EID) to their location (RLOC).

What does all that mean? It simply means that internet-facing routers encapsulate, or tunnel, traffic between each other dynamically (they are able to look up the EID:RLOC mapping and do not require static tunnels/mappings).

This is an overly simplistic overview; detailed information on the function of the protocol is available in the draft proposal.

LISP was created to address a number of things:

  • Improve multi-homing (for both service providers and end users);
    • through allowing the control of ingress traffic, something that cannot be cleanly done today with BGP,
  • allow for provider independent addressing;
  • reduce core routing table.

LISP does this, and more, by allowing end devices to be addressed as chosen by the administrator, so that only border/edge internet routers (Egress Tunnel Router – ETR, or Ingress Tunnel Router – ITR) need the ability to map or translate the Route Location (RLOC) to the End point ID (EID).
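The ITR/ETR behaviour described above, as an added Python example that is not from the original post or the LISP draft: an ITR does a longest-prefix lookup of the destination EID, picks the RLOC the destination site prefers, and wraps the packet; the ETR unwraps it. The mapping table, addresses (documentation ranges), function names and dictionary fields are constructed for illustration, and the ETR's acceptance check is an assumption of this example.

```python
import ipaddress

# Constructed mapping database (documentation address ranges):
# EID-prefix -> [(RLOC, priority)]; the lowest priority value is preferred.
MAPPINGS = {
    "198.51.100.0/24": [("203.0.113.1", 1), ("203.0.113.129", 2)],
    "198.51.100.128/25": [("192.0.2.9", 1)],
}

def lookup(dst_eid, mappings):
    """Longest-prefix match of a destination EID against the EID-prefixes."""
    addr = ipaddress.ip_address(dst_eid)
    best = None
    for prefix, rlocs in mappings.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, rlocs)
    return best

def itr_encapsulate(packet, itr_rloc, mappings=MAPPINGS):
    """ITR side: wrap an EID-addressed packet in an RLOC-addressed outer header."""
    hit = lookup(packet["dst"], mappings)
    if hit is None or not hit[1]:
        return None  # no mapping known; a real ITR would query the mapping system
    # The destination site publishes the priorities, so it decides which of
    # its links receives the traffic (ingress control for multi-homing).
    rloc = min(hit[1], key=lambda entry: entry[1])[0]
    return {"outer_src": itr_rloc, "outer_dst": rloc, "inner": packet}

def etr_decapsulate(frame, my_rloc, local_eid_prefix):
    """ETR side: strip the outer header and hand back the original packet."""
    inner = frame["inner"]
    local = ipaddress.ip_network(local_eid_prefix)
    # Added sanity check (an assumption of this example): only accept frames
    # addressed to this ETR whose inner destination is one of the site's EIDs.
    if frame["outer_dst"] != my_rloc or ipaddress.ip_address(inner["dst"]) not in local:
        return None
    return inner
```

Swapping the two priorities in the `/24` entry moves that site's inbound traffic to its second link without touching any routing table in the core.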

Cloud computing protection – Is this the place for Law?

November 4th, 2009

Your Clown Contract

I recently read an article written by James Urquhart entitled “Does cloud computing require malpractice safeguards?” in which he approaches the idea of imposing a mandated penalty for the failure of a provider to reasonably protect your data.

I had to ask myself a few questions:

  1. What would the potential laws be?
  2. Is it feasible to implement?
  3. What are the implications of implementing such a beast?
  4. What can you do?

What law?

In it James supplies two options:

  1. Pass “cloud consumer protection” laws. This was something that was briefly explored after I wrote my “Cloud Computing Bill of Rights” post in August of 2008. However, the folks who got involved at that time weren’t a) vendors or b) policymakers, so we didn’t get far. The biggest issue with using the law to enforce professional culpability is that it requires government bureaucracy for enforcement. That bureaucracy doesn’t exist today, and would be expensive to create.
  2. Allow for “cloud malpractice” suits. Oh, I know, I know. Most of you in the IT profession are squirming in your chairs right now, ready to jump down my throat about how medical malpractice has created as many problems as it has solved. Again, I don’t love this option, either. However, if Danger had lost arguably hundreds of thousands of dollars worth of data (or more) because it didn’t tangibly fear the reprisals that would come if it lost it, it would be nice to see a big ol’ sledgehammer of justice ready to rain down. I’m sorry, but failure to follow known professional practices is malpractice, and malpractice suits exist to punish those who forget that.

He does follow this up by stating that neither option is great.

Is it feasible?

Having a Cloud Computing code of conduct or a Cloud Computing Bill of Rights, administered by a working committee of some description and subscribed to by cloud computing providers, would be a start, though there is little incentive for providers to do this. As James points out, getting something of this nature passed as a law takes a lot of political backing. Going through the steps to get it from the idea to a bill and eventually law is a long and arduous process (*) regardless of what country you live in.

Unless someone in the parliament is willing to push this agenda, or you have a bucket load of cash, it isn’t going to get anywhere.

Implications

A lot of the large cloud computing providers (Microsoft, Cisco, Google and Amazon) have multiple data centres scattered across the globe. How would the malpractice safeguards be universally applied, let alone enforced?

What can you do?

In the interim you are forced to hold your cloud computing provider to their SLAs. As pointed out in a previous post, ensure you know what you are getting when you sign that contract with regard to the level of protection the cloud computing provider is giving you. And if all else fails, remember to vote with your feet. Providers will not get the message if you take it on the chin and continue to use their service.

(*) From what little research I’ve done on the matter.

Inter-cloud interoperability

August 18th, 2009

With all the work going into things like OVF, and into working out how we’re going to make sure that the applications/servers operate in the way we want across suppliers, there are a few critical things that have yet to be addressed. These are network related: specifically, network portability, QoS and security zone transference.

Currently OVF supports information around the virtual system, i.e. Virtual Hardware Selection, which could include a number of different components including Ethernet adapters, system requirements and a range of other options. Currently there isn’t a way to specify more detail.

For example, the Ethernet Adapter section only allows for Logical Name grouping (OK, and MAC address specification, but I won’t go there just yet), where all VMs with the same Ethernet Logical name are placed in the same segment. That’s well and good, but how does that translate from my private, or corporate, network to a hosted one? Currently it doesn’t.

There is nothing on QoS, though ensuring that something gets the correct network priority when dealing inter-company is a very complex piece of negotiating (and only really applicable when looking at private links between hosting company and customer). Then again, priority of one VM over another in your sub domain is a very real thing.

How about security zoning? Surely there could be a simple untrusted, semi-trusted and trusted/secure model put forward, ensuring that applications bundled in the OVF framework could be virtually segmented and separated by firewalls or just basic ACLs? I’m not saying that the rule base needs to be passed on; seriously, when have application developers been that switched on that they understand what port is on what, etc? But it would allow for smarter integration with something like Chris Hoff’s A6 idea, and ease some of the regulatory compliance pain.

I’ll be watching the standard closely as it progresses and more so once VMware’s vCloud platform is officially launched.

Cisco EOS.. Come again?

August 13th, 2009

Cisco just announced their EOS platform today. Stepping up from just supplying building blocks, Cisco now move into the Software as a Service (SaaS) space.

I’m still trying to get my head around this one but at first glance I think I can see where it’s going. Cisco and Warner team up, build up a content management platform and then offer it to other Media and Entertainment providers, building themselves up into an online content provider (this is a SaaS offering after all).

Cisco with their SOHO brand, Linksys, already play in the Home Media Network space, build the platforms and infrastructure that Telecommunication companies deliver their network on, and are starting to be big players in the Data Centre space. The next step would be to round it all off as a content provider too I suppose.

As @danieljbaird put it:

Cisco wants to move up the “value chain”, makes sense from their perspective. They want to sell business solns, not only technology. They don’t want to be a commodity.

Will be very interesting to see where Cisco goes with this. A lot of different players in the market are ramping up their content delivery capabilities in preparation for bigger badder better internet and whilst Cisco is partnered with some today, tomorrow could be a whole new game.