When using Visio to do a network diagram, there is almost always the ubiquitous cloud icon.   The cloud represents the rest of the Internet typically, with no detail other than “The Internet”.  The Internet is of course a ton of detail.  Routing protocols, IP packets, WAN links, interconnects, hundreds of thousands of network devices making sure IP traffic gets from point A to point B.

But unless you’re a network administrator, you don’t care.  And even if you are a network administrator, you only care about your little piece of the Internet.   The rest of it is there, but it’s someone else’s responsibility to make sure it works.  You don’t need to concern yourself with the details.  The Internet is a cloud, full of Shit You Don’t Care About.

Technology in a way is a continual process of making more and more of the technical world Shit I Don’t Care About.  A few decades ago, programmers needed to know machine language to get anything done.  This gave rise to assembly language, and that begat C and other low level languages, to Java, PHP, and Perl.   Each step up abstracts more and more of the base technology. Perl and PHP, for instance, turn memory pointers into Shit I Don’t Care About anymore.

Arthur C. Clarke, a novelist known for his incredible insight into technology’s affect on the future (he proposed the idea of geosynchronous orbit satellites, have you heard of them?) mention this phenomenon in his book 3001: The Final Odyssey.  In the book, the chief engineer of the inter-planetary vessel Goliath can’t explain to the to protagonist Frank Poole much about the inner workings of the ship (Scottie would be appalled!).  The evolution of space craft had made them so incredibly complex (and automated) that only the basic operation needed to be (or could be) understood by its operators.

The iPad and the newest generation of smartphones are devices that transition a layer of Shit I Care About into the realm of Shit I Don’t Care About: Namly the desktop, drivers, and the concept of a PC desktop.

So that’s what The Cloud is; it’s Shit I Don’t Care About.  There’s some type of interface for interaction, (HTTP for web apps, APIs for data retrieval, etc.) and then there’s a bunch of shit behind the scenes that I don’t care about.  Or at least, that’s my definition of The Cloud (among thousands of conflicting definitions).

For instance, does your website run Linux or Windows?  Do your users care?  Most likely not.  They’re not going to interact with the OS, so why would they care? It’s Shit They Don’t Care About.   Oracle or Microsoft SQL?  Again, I don’t care.  Just as I don’t care if the plane I’m flying on is an Airbus 320 or a Boeing 737.

So Cloud Computing is the act of transitioning infrastructure I used to care about into the realm of Shit I Don’t Care About.  Servers, storage, networking, etc.  If I can transition Shit I Care About into Shit I Don’t Care About, I can concentrate on some New Shit.

Cloud Computing is transitioning Shit I Care About into Shit I Don’t Care About so I can spend time on New Shit.

Recently Cavium purchased MontaVista for $50 million.  More at moblinzone.

Not as prominent in the press release, but I personally think is the neatest feature, is the dynamic transparency.  Transparency is when the source IP address of the client is maintained, which is the default method for most load balancer.  The LoadMaster’s non-transparency is probably known more commonly in the industry as Source NAT, or SNAT.  This is when the client’s IP address is replaced by an IP on the load balancer.

When preserving the true source IP address of your clients, you cannot have clients on the same network as your servers.  This is sometimes referred to as “the same subnet problem”.  The cause of this is that the traffic needs to pass through the load balancer on the way out.  If the client is on the same subnet as the servers, the servers reply directly to the client, rather through the load balancer.

The solution for the same subnet problem is usually to enable SNAT/non-transparency, but you lose the true source IP address of your clients, so the web server logs will show everyone coming from one address.

The higher-end load balancers have the ability to do selective SNAT, and now KEMP has the ability to do selective SNAT automatically. I’ve yet to see it in action, so I can’t attest to how well it works,  but it’s potentially a very nice feature.

But it seems Radware has made good on their promise to keep up the Alteon line, although in slightly different form.  They’ve released the Alteon 5412, a 20-Gigabit Layer 7 device (web acceleration and SSL promised for mid-2010).   It’s the Alteon software running on top of their OnDemand Switch 3 switching platform. Since the acquisition,  they have also released two maintenance releases of the Alteon OS for the previous platforms.  So it seems they’re making good on their promise.

Check out the press releases and promo site (bringing back Alteon marketing materials even).

But Tony, what about this site? Aren’t I reading a page on your site being served from a web server?

It’s not actually a web server.  It’s a web server/application server/database server. This blog is a web application, and web applications require the three tiers:  Web, App, and DB.  This particular system is running the popular LAMP stack, for Linux, Apache, MySQL, and PHP.  The application this server runs (among others) is the popular WordPress blog.

So, no, it’s not a web server. Not just a web server anyway.  You get the point.

When’s the last time you went to a static web page?  Years ago, your average person would need to know some HTML in order to post pictures of their cats.  Now, a web application handles the presentation, all you need to do is supply the cat pictures (and adorable captions).

Everything is a web application.  Nothing is static anymore.  That’s part of the reason load balancers are being called “Application Delivery Controllers”.

Nothing usable on the Interet today is useful unless it’s a web application.  Blogs, news sites (powered by content management system), social media, web stores.  They’re all web applications.  So no more web servers.  Not by themselves, anyway.

The First Few Milliseconds of an SSL Connection

As pointed out by Shawn Nunley on the lb-l mailing list, o3 Magazine did a piece on rolling your own SSL accelerator and load balancer.   Lori MacVittie over at F5 (who shares my affinity for cat pictures with grammatically dubious captions) did a cautionary piece suggesting that rolling your own Layer-7 device has some drawbacks to consider.

My take is that yes, rolling your own can be a great way to same some money, and yes as Lori said, rolling your own can end up not saving you as much money as you’d thought.  Rolling your own requires two things that you may not have: Talent and time.  If you’ve got those, then awesome.  If not, a pre-packaged solution may work for you.  The merits and drawbacks are issues that can depend on your situation, and are also things upon which reasonable people can disagree.

And if there’s anything the Internet is known for, it’s that it is full of reasonable people (as evidenced by the comments section in Lori’s post).

Third Choice

But the decision isn’t between an expensive (yet impressive) BIG-IP LTM 6900 and a roll-your-own box, there’s a third option in if you need the Layer 7/SSL acceleration, and that’s the value-market.  Vendors like KEMP Technologies, Coyote Point Systems, and Barracuda make Layer 7 devices that are much simpler to configure than a roll-your-own box yet cost about the same.  You can spend about $10,000 USD and get around 2,000 SSL connections per second, as well as around 200 Mbps of throughput.

There are certainly situations where I’ve had to/greatly benefited from rolling my own. My home data center/laundry room is a perfect example.  However, there are many times when using a pre-packaged solution is way better, even if it costs more.