NS&AT&T

[coderman]

On 5/17/06, Tyler Durden <camera_lumina at hotmail.com> wrote:
> ...
> Theoretically, they could actually just backhaul all of this traffic using
> pretty ordinary 16 wavelength WDM from any number of vendors. Getting that
> cross-country is difficult, but with ULH (Ultra Long Haul) this could be
> done with a relative minimum of repeater/amplifier sites. If they pre-sort
> the traffic before backhauling it they could then actually just buy a
> wavelength on AT&T's backbone, which has some nice features to it (I'd bet
> they also have their own encryption used for the entire wavelength pipe,
> though I could be wrong).

this would be my assumption.  filter and backhaul the interesting
content on leased fiber. (and pay for rack room + leased fiber, $$$)

i'd love to have Sean Gorman's fiber map about now...


> The pinchpoint here just might actually be the deep packet inspection. Does
> anyone know what kind of bandwidth the narus boxes can support?

4 x OC3 = 622,080 kbp/s
8 x OC12 = 4,976,640 kbp/s
4 x OC48 = 9,953,280 kbp/s
== 15.552 Gbp/s  (is half of this mostly idle protect?)

given FPGA matching which can support at least a few hundred snort
style rules per chip at 10GigE line speed i don't think the Narus is
the bottleneck / limiting factor.  this type of deep inspection scales
linearly and is well within budget (though still expensive).

the Narus Insight can troll 10GigE/OC-192 links at L4 and OC-48 at L7.
 this might explain why the circuits top out at OC-48 into the tap
panel.

if you had a culling ratio of 25:1 you could backhaul all the
interesting traffic for this 15Gbps feed on an OC12.  assuming half
these links are idle protect that would drop the necessary culling in
half.