Thou shalt have no other gods before the ANSI C standard 1421
Thou shalt have no other gods before the ANSI C standard 1424
JMFBAH Not necessarily. It depends on the system. Keeping a system up is about availability. Ensuring that your data is not corrupted or tampered with...
If there is capacity, and a redundant route, and they did their networks according to Best Current Practice, we are at most talking about a few minutes here.
This is actually a relavant security question, so I'll keep the crosspost. The best current practice is pretty stable these days.
Internally in every ISP of any size the routers run an IGP, or internal routing protocol. OSPF and IS-IS are the main choices. These are link-state protocols, and the routers indenendently compute optimized paths through the network. Links that go down propagate as ripples, and recomputes happen fast, typically in 2-5 seconds. It there is no "link doen" signal it can take as much as a 95 seconds, 90 seconds for keepalives to time out, and 5 seconds to reconverge.
This is often run on top of SONET links, where the ring technology has 300ms reconvergence time, based on keepalives.
Thou shalt have no other gods before the ANSI C standard 1425
Agree. For some period of years I was a "working manager", i.e. I ran a smallish product development group (including budget, hire-fire, etc.) but also did a good deal of...
On top of the whole thing the entire Internet run BGP as a policy routing protocol, usually run on virtual links provided by the IGP. BGP is slower to reconverge, 45-90 seconds on a clean break, 4:30 to 6 minutes if keepalives are to carry the day. BGP is not designed for rapid failovers, it is made for mapping out the whole Internet.
So for a hardware fault it is important that the next layer hardware can detect a "link down" ("NO CARRIER"). This makes ripple updates in all available technology; SONET(150 ms), IS-IS and OSPF (a few seconds) or BGP (45+ seconds). If there are no such failure you have to trust keepalives to get lost, and have 300ms, 95 seconds or 6 minutes of recovery time. Sonet just send hardware pings, really insecure; but IS-IS; OSPF and BGP all have ways to make signed transactions. MD5 is popular as a signing algorithm.
The two worse-case scenarios are slowly degrading lines, where packet drop can climb into a few percent before the routing protocol gives up. Internet protocols have a knee in the performance at around 3% packet loss; this is where RTP (video, phones) start to sound really lousy, and TCP starts to back off badly in terms of bandwidth usage. The other is the "flapping" link that comes and goes. OSPF and BGP now have good flap resistance, and ISTR IS-IS is coming along too.
Thou shalt have no other gods before the ANSI C standard 1422
rpl Ok. Security Engineering is one of my favorites for learning the mindset. It isn't going to teach prescriptions for how to build secure stories, and it...
Flap resistance will hurt those who haven't followed BCP, and will allow their network routes to flap. It is really easy to avoid; and will meet zero sympathy at larger, professional ISP's upstream. This may hurt some customers, and the ISP in question will use some lame excuse as "instabile internet": "Flapped out" is the correct term.
So, at the worst case; it will take six minutes; say if they just turned IP forwarding of non-local packets off at some exchange point.
Thou shalt have no other gods before the ANSI C standard 1423
Hank Oredson But look at the supposedly-malicious input suggestions from alt.folklore.computers participants: inputs that are arbitrary files, or all ones, all zeros, or composed of arbitrary line numbers. Those are examples of mere error...
If some person reconfigure the net with explosives it will happen a lot quicker.
The experiences I have observed from actual data at 9-11 bears this out. SONET handled most line breaks, OSPF and IS-IS took care of some. But we had to fine-study network logs to see any breaks at all. Most transatlantic ISPs lost some capacity, on the order of 15-25%, and with the coming network load the networks were above design goals in actual loading. But no customer-visible performance problems.
Thou shalt have no other gods before the ANSI C standard 1426
I've been "stuck" in management-like positions a couple of times, but have avoided (so far, anyway) not also actively working...
Alt Folklore Computers Newsgroups