Home page logo
/

nanog logo nanog mailing list archives

Points of Failure (was Re: National infrastructure asset)
From: Sean Donelan <sean () donelan com>
Date: Mon, 24 Sep 2001 07:19:23 -0400 (EDT)



On Mon, 24 Sep 2001, Alex Bligh wrote:
I think the effect on the Internet & Telecoms infrastructure
(as opposed more important things such as human life)
would have been far greater had the 2 NY planes hit 60 Hudson and
111 8th Avenue. These buildings are significant PoF in NY, and
NY itself is pretty much an SPoF as far as transatlantic communication
is concerned. A preplanned response would be useful here. Not having
the PoF's would be more useful.

There are, and always will be points of failure.  The mistake people
make is thinking they can build a bunker strong enough.  You can't
build a building, vault, bunker, missle silo which can withstand
everything.

The question is really how do you manage your network diversity.

The loss of something like 60 Hudson shouldn't cause more than
an annoying route flap in your network.  Exchange points like MAE-East
have completely failed in the past.  There have been multiple fiber
cuts in the same day.  Well designed networks continued to work.
Although I'l admit, it is hard work.  You can't rely on a carrier
to do it for you.  Grooming happens.

The biggest risk in most networks aren't the national exchange points,
although they get the press.  All national providers, and most regional
providers are interconnected to multiple geographically diverse points.

The point in the network with limited diversity is the LEC end-offices.
And I use "LEC" deliberately, because even if you use a CLEC, most of the
time you are using the LEC for the last mile.  You may have great path
diversity for 3,000 miles across the continent, but then you go through
140 West Street, or Rochelle Park or some other LEC office.  Even if you
thought you went through Broad Street, a lot of folks found out they
were in fact routed through West Street.

Ok, so I just said you can't build a bunker strong enough.  Are
carrier hotels, like 60 Hudson, history?  I don't think so.  They
have better diversity, better backup systems, and better security
than normal offices.  The concentration of bandwidth and carriers
allowed very fast restoration and re-routing between locations still
standing.  Carriers were using other carrier's circuits to restore
facilities.  We may see some movement away from downtown areas, where
the danger is a near miss instead of being a direct target.

If you can't afford to build your own colo, are you better off hanging
off a spoke from a LEC central office.  Or putting your equipment
in a building with built in diversity.  In general, it is best to
put your equipment as close as possible to the point of diversity.
You can do this by either moving the point of diversity close to you,
or moving your equipment closer to the diversity.  Being at the
end of a 6,000 foot T1 circuit to a CO is the worst of both worlds.
You will go down if an airplane hits either your office, or the CO,
or any point along that 6,000 feet of T1 circuit.



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault