At 7:03 PM -0400 6/14/06, Matt Buford wrote:
There is also strong demand among web hosting customers to scatter sites across multiple /24's due to search engine optimization.
I hear this line of thinking often, but to me it sounds like bulls^X^X^X^X^X... um, "folklore". When our customers/salesdroids ask for it, I (politely) refuse. We acquired a hosting operation in 2004 that had blown a full /20 on literally a rack and a half of hardware, and I was aghast at what a nightmare that was. We're still untangling that mess.
Anyway, if somebody could enlighten me to definitive proof, or stated policy by Goo... er "search engines", that confirms this "search engine result optimization by blatant abuse of IP addresses" I'd appreciate it. I for one believe it is bunk dreamt up by somebody trying to sell something. If it is true though, I would have to say that it "is evil" and I would imagine many folks here (and not to mention ARIN, RIPE, et al) would agree.
I think you're 100% right. AFAIK it *is* just folklore. But unfortunately, SEO's have to make their money somehow and all too often it seems they make their money making up crap like this. Then all the sheep that lap up every word that comes out of their favorite SEO's mouth start demanding whatever the latest craze in SEO is.
This creates opposing pressures between the need to maintain a secure, reliable infrastructure and your salesdroids begging for whatever the clients are requesting. It's a tough balance to strike...best practices are all well and good, but rigid inflexibility is unlikely to win you many clients. (Especially when you consider that the vast majority of the webhosting clients out there couldn't care less about security until it affects them.) It's a shame, but the reality is I think market forces pressure most of us into making technology decisions against our better judgement from time to time.
So does it surprise me in the least that there are datacenters out there running hundreds of customers out of one giant subnet? No, not one bit. Will it eventually come back to bite them, causing countless hours and $$$ to clean up the situation when it does? Inevitably. But I don't believe it's done out of ignorance in most cases. I honestly can't believe there is that much rampant incompetence out there. To me it's more likely to be a bunch of network geeks *who know better* kowtowing to pressures from management to deliver what customers are demanding, security risks be damned.
But maybe that just highlights a niche market just waiting to be exploited. I imagine there's money to be made marketing security devices that allow for the convenience of being able to assign IP's on a one-by-one basis while still protecting against the various nonsense that can create, all with an easily manageable interface. Doesn't seem too far-fetched. The tools and technology already exist, just a matter of putting them all together and making it easy.
Andrew Cruse