On 4/12/2010 7:22 AM, Suresh Ramasubramanian wrote:
The man did say "carrier class" .. not "small webhost for four families and dog".
yes he did Suresh ... meaning that something larger and more secure than the off-the-shelf copy of Linux is needed. Funny the NSA and many others would disagree with you.
You're talking multiple mailservers + filtering gateways / appliances etc, clustered ..
or layered as stages within a new system design based on GPU's which allow for the specific assignment of threads of control to specific processes. Imaging a cloud type environment running in a single GPU with the abililty to properly map threads to GPU threads.
rather tough to do that with one pizzabox 1U running a linux that's not updated in years and configured with webmin.
OK our server is 3U but that was because I wanted bigger fans inside it... The 1U single TESLA based email GW is exactly what you describe - a 512 thread CUDA based GPU with serious capabilities therein. FYI CUDA, and the embedded nVidia GPU's changed that. Do have any idea how fast the email filters run in a CUDA, I do... and its mindblowing. Hell the TESLA family of card's 90 to 128 parallel threads of control per GPU Core can be assigned through CUDA to specific processes and whamo - more OS horse power than you know what to do with. The high end cards generally have 2 or 4 GPU's making the total thread count from 180 to 512 based on the model. The Pentium 4 sports a whopping four (4) threads of control... 1 per core. We use 8800's for end-node systems and the larger TESLA based service modules in scaleable production systems. The cool part is running NTP in the embedded CUDA card with permanently assigned TOC's (*threads of control) so that the process never blocks. That and the 1PPS disciplining makes time available to everything in the system. As to who's appliances do and dont' - ------------------------------------- IronPORT is a FreeBSD type deployment so it does... most of the Linux Appliance systems can but many of them don't like Barracuda for instance. In fact you may want to call Barracuda and ask for Stephen Gee or Steven Pao - both of them will tell you they will not be upgrading to a secure NTP version for some time unless the customer's demand it. Their emails (Stephen and Steven's) are SPao@Barracuda.COM and SGee@Barracuda.COM so now you can ask them for yourself. Or whether that's a bigger constraint than an
underpowered linux box? :)
Yeah - see a linux box with a Quad Pentium and a CUDA is a carrier class device especially if its a dual-processor and has redundant bus and power supplies. In fact these same systems are also used in submicrosecond trading (aka Algorthmic trading) so yes of course - they are weak and unscaleable systems right??? (not really Suresh).
On Mon, Apr 12, 2010 at 7:48 PM, todd glassey <tglassey@earthlink.net> wrote:
Yes William, but realize that was an "easiest method" solution. There are any number of others as well.
The point is that integrating an appliance type functionality is pretty easy if you bother to take the time.
What I really wanted to point out is how many of the devices dont allow authenticated NTP meaning they are worthless from an evidence perspective, something that we as network engineers are constrained by as well.