On Sun, 18 Jul 2004, Eugen Leitl wrote:
For those of you who have worked at major ISPs, can the fact that traffic is routed through a few "customer" boxes be hidden from employees?
Speaking as someone who qualifies: no. However, the fact that you even asked the question begs another question, namely, what do you consider "major"? Savvis was, in my opinion, at the very lower end of "major", operating in ~140 countries, although most of that was vpn and multicast. Lets guess that internet was considerably less, say ~15-20 countries directly. In short, the trouble with trying to stuff all this through a choke point (or even 10 choke points) is it's going to be either seen directly as a router hop (if at layer3), or seen indirectly at layer two. And the kind of detailed troubleshooting that goes on in the first through third level support groups just wouldn't be able to miss this - sooner or later someone whold see something, and then the whole place would know. Now, *mirroring* to a couple of choke points, sure, but then you ave transit and other associated costs (you gotta haul the data to all of the collectors). Just not feasible to do it quietly. Note, I said quietly. -- Yours, J.A. Terranson sysadmin@mfn.org 0xBD4A95BF "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden - - - "There aught to be limits to freedom!" George Bush - - - Which one scares you more?