On Thu, Apr 24, 2014 at 10:29 PM, Geoff Joy geoff@windowmeister.com wrote:
Exactly how do big corporations interconnect their islands of facilities? Isn't their topology exactly like the one we face?
You'd be surprised how quickly a 10/8 can get eaten up. Between Cassandra clusters, Redis nodes, memcache machines, application servers, infrastructure servers, relational databases, webservers, end users and management systems, at the mega-corps that I've worked for, a 10/8 may cover a couple of data centers, not including different trust zones which may also have different subnets and VLANs or the public/private ingress/egress addresses. Most modern shops use virtualization and blade technology extensively to shrink the footprint and build applications that work on scaling for better availability.
The current debate revolves mostly around WAN linking at a technical level, Public/Private ingress/egress and Authentication. I don't think routing is much of a concern as once they can figure out the WAN portion, usually routing isn't an issue... unless it touches on one of the three I previously mentioned.
In corporations, someone with a high enough position and budget says 'make it happen' and hundreds of minions beneath make 'it' happen.
But this is a "public" network where no one trusts one another (being that IP addressing doesn't identify someone), so there needs to be some basic framework of communications between islands and the right allowances to interconnect to the larger Internet. Then let those islands figure out all the politics of encrypting authentication or global/private routing between themselves, as long as it's opt-in, not opt-out.