So tell me... At this ISP where you work... Do you have to empty all of the wastebaskets every day, or do you just do certain "high-traffic" recepticles daily, and visit the individual cubes two or three times a week? Also, how long does it take?
Let me explain some bandwidth math to you, since you haven't managed to pick any up at your day job.
Obtaining a T-1 Internet connection to a Tier-1 ISP (Not some low rent ISP 6 AS hops away from MAE-East) costs in the neighborhood $1200 - $1500 per month.
Now, obtaining a Point-to-point T-1, intra-lata, costs around $295 per month; maybe a little more or less depending on the carrier.
If I purchase 100Mbps service at a co-lo, with no traffic metering, and a rack space, I pay a lot, but I can support 70 T-1 connections without any over subscription(!).
So do some math...
In my other posts, I specifically addressed using multiple T-1s, which again, is a lot more expensive when the other end of the circuit terminates at a Tier-1 ISP than when it terminates at your own equipment. So the equation is not "$100/month for 1/160th of 1.5Mbps." It's "$850/month for Rent" vs. "$950/month for Rent, and Free High-speed Internet."
You, as the renter, have no idea what I'm charging you for the Internet access. It's a hidden cost...
"Yes, you get address space from your ISP. For a fee. As long as you can justify the allocation. (160 condos is far too small for a direct assignment from ARIN.)"
Who said anything about getting address space from ARIN? I'm talking about getting it from an upstream provider... And it's dirt fucking cheap, when you're turning around and collecting $1200/year for each address.
Lastly...
""Buy in bulk"? This ain't mayonnaise, boy. This isn't 1995 either. The cost of 1U of colo space for your router will run more than the T1 you want brought back to the condos. Gee, how does two routers + T1 between them + colo rack space + colo connectivity and bandwidth cost less than one router and a T1 to some ISP? (Answer: it doesn't, and never, ever will.)"
I'll try to remember that as I wander up and down the butt-empty co-location facilities here in the Northern Virginia/Dulles Corridor area...
My co-lo rack can service a lot more than 1 T-1 connection... It's called economies of scale. You should read a book some time.
You almost have a point... Yes, 1 rack at a co-lo, plus 1 T-1, to 1 remote locations would be far more expensive than a single T-1 connection to an ISP... And it may indeed always be that way...
But 1 rack at a co-lo, plus 15 T-1s, split across 5 remote locations is a far cry cheaper than 15 T-1s to ISPs.
And with the markup at the customer end, you can see why this would make money.
Of course, with all of your "I work at an ISP" experience, you might not be aware that making money is the point of the business in the first place.
I'm totally with you on the two minutes thing, by the way...
Now, to address the parent of your comment, the savvy landlord doesn't get into the IT business... He resells.
A third party handles the IT stuff, and the landlord gets a slice. Third party company offers to do it for $70 per unit. Landlord says, "Great!" He then adds $100 to the monthly rent on each unit.
Landlords aren't dumb... How do you think they got to owning all of those apartment buildings?;)
You think a Cat 3550 is overboard, but you want to pony up for a Layer-3 capable Cat 4000? Priced one of those lately?
Cat 3550-24-SMI runs about $3500 ($1800 if you go with a refurbished unit, and I know this because I have one downstairs right now).
Plus, having a single switch dramatically complicates your wiring issues. You have to home run everything to s single location. With access layer switches, you need only run access layer connection in the horizontal. Then you simply tie the closets together in the riser.
This statement, however, takes the cake:
"A simple Layer 2 solution with some traffic shaping. In a switched environment you will not see other people traffic, except for broadcasts within your VLAN."
What about their unicast traffic? What about the kid running Nmap? Not to mention all of the broadcasting that your Windows boxes, and their default Shared directories will be doing. Who wants the headache?
You could certainly alter the access-lists to allow traffic between VLANs, but most people probably have no desire for that. Better that friendly neighbors specifically request that kind of access.
For most, this kind of separation is a value add.
As for IP Address space, you can get additional IP space from *any* ISP. They may charge you an annual fee for a full/24, but it's pretty nominal, and certainly an expense that can be re-couped.
The move is really to provide this kind of solution in a new building. Wire it during construction. Don't make the service an optional add-on... Build it into the rent, and everyone who moves in is a customer. Then it becomes a feature, rather than a service.
You can add $50-$100 to the monthly rent, and now you're talking about 160 subscribers, with a monthly recurring revenue of $8000 to $16000 per month, depending on the building occupancy.
You pay for the equipment outright in a couple of months (obviously, once the building is filled).
Bandwidth isn't that expensive, especially if you're buying it in bulk. If you're smart, you buy it at a local colocation facility, and you install your own router there. Then you add individual T-1s as your bandwidth needs increase.
This is a solution that scales, and pays. Ideally, you put a really fat external pipe into a building complex (Multiple apartment towers), and then rake it in. The monthly "cost" is hidden from the subscribes anyway.
I hope it's not too late to whore some karma... This is the first chance I've had to log in today.
The answer to this problem is Layer-3 switching, and VLANs.
Put every apartment unit on it's own VLAN, and at the Core, use access-lists to prevent each VLAN from accessing it's neighbors.
The hardware costs are nominal, as you only need one Layer-3 enabled device at the core, and the access layer switches can be fairly modest. In Cisco-speak, each VLAN interface would look like this, and the attached access-list would prevent Inter-neighbor traffic:
int vlan 51
ip address 192.168.51.1 255.255.255.0
ip helper-address 192.168.0.10 (Centralized DHCP Server)
ip access-group 100 in
!
!
access-list 100 remark ------------
access-list 100 remark Inter-neighbor Filtering
access-list 100 remark ------------
access-list 100 remark Allow access to the Infrastructure Network DHCP-DNS-Mail-WWW
access-list 100 permit ip 192.168.0.0 0.0.255.255 192.168.0.0 0.0.0.255 (Infrastructure Network)
access-list 100 remark ------------
access-list 100 remark Deny access between Neighbor VLANs
access-list 100 deny ip any 192.168.0.0 0.0.255.255 (Denies all other Internal Routing)
access-list 100 remark ------------
access-list 100 remark Allow everything else...
access-list 100 permit ip any any
access-list 100 remark ------------
Since I'm a Cisco bigot by trade, I'd recommend a Cataylst 3550 (w/the SMI image) as the core device, and Cat 2900XLs at the access layer. Use fiber between the closets as others have suggested.
I'd also recommend giving each unit it's own static NAT/PAT translation outbound to the Internet, so that if something illegal should occur, you can determine that unit that originated the trouble. No sense getting everyone in trouble (Certainly not you!) for a single troublemaker.
Which is why the firms I've worked with NEVER bid fixed-price, always time-and-materials. If you did an ethical job, fixed-price was always a loser because you'd lose the bid unless you underestimated the work.
If fixed-price is always a loser, then your problem is that you aren't very good at defining the scope and requirments.
My current company is terrified of fixed-price, because my company is run by idiots. Every foray they have made into the fixed-price pool has resulted in project I like to call "Viet Nam," a sucking quagmire of scope creep, finger pointing, and the absence of repeat engagements.
This is not the fault of the customer... The fault lies with the consulting company.
As for not winning the business because an accurate assessment leads to an uncompetitive price, that's nonsense too.
Your Statement of Work, and your Project Plan, simply need to show the client where the value lies. If your price is higher, but your SOW and/or PP show all of the gritty detail that your competition has glossed over, or missed entirely, you should walk away with the work. You can justify a high price so long as you have successfully articulated everything that will be involved.
"All things being equal, let price be the guide..." You have to show the customer that all things are not equal. That's the way to be successful in the consulting business.
You have defined, in your first sentence, the role of a "contractor," which may or may not be the same as that of a "consultant."
That is to say, if you've signed a contract stating that you'll implement X, Y, and Z, then sure, you implement X, Y, and Z, and walk away.
If your role is truly that of a consultant, then you have a responsibility to speak up. If your client is looking to satisfy a requirement, and they're considering doing it in a completely half-baked way, that will only marginally address their concern, and create a number of additional problems along the way, you have to say something. That's a fundamental difference between the roles of contractor, and consultant.
It's true that you need to exercise a certain degree of diplomancy, and you need to be able to deal with people, many of whom will see you as a threat... You can be absolutely certain that at least one guy (The one that came up with the half-baked scheme) is going to be bitter.
That's the job...
As far as covering yourself, you need only document your recommendations. Email is sufficient for this... Put your recommendations and your objections in email, and get a delivery confirmations. You cannot be held liable for poor results if your client chooses to disregard your input...
Quite the contrary, if you are in a consulting role, and you don't speak up, that's probably the bigger risk. If everything goes to hell, they can turn around and say "Why didn't you tell us? You're the expert..."
It's entirely possible that you'll end up in an environment that's impossible. You're told not to raise objections, or make waves... Essentially, you learn that you've been brought in simply to give a piss-poor project the air of legitimacy... If you do this long enough, it's inevitable. If you find yourself in that position, walk.
I'm not just saying that... I've done it twice in the past 12 years.
There have been reports of protesters that have failed to clear a path for emergency vehicles.
These are the people I'm referring to.
Personally, I don't think they should block any streets at any time. Urban traffic is bad enough, and as other people have mentioned, if you're trying to generate sympathy for your cause du jour, maybe a good start would be not pissing off the people that are on the fence.
Clogging up traffic only serves to make things worse, and it costs ordinary people time and money.
You, Sir, are 100% correct... No finer beer in the world than a good Trappist Monk Ale. I'm partial to Chimay...
German beers always leave me with than bitter aftertaste, like the brewers had lost not one, but two World Wars, and want the rest of us to feel their pain.
I didn't read the story, but I'd heard about it elsewhere...
People can protest all they want, but when they disrupt traffic, and potentially disrupt emergency services, such as Police, Fire Department, or Ambulance traffic, they've definately crossed the line.
25 to life? Harsh perhaps, but if their actions cost someone their life, because a house burned down, or Paramedics couldn't get to the scene to help someone, maybe 25 years is reasonable.
You still have the right of assembly... Just don't try to assemble in the middle of a busy intersection. Most people wouldn't need to be told that.
Out of curiousity, where else does XFConfig-4 live?
I'm no stranger to Linux, having used it since '96, and I've been through Slackware, Redhat, Mandrake, and Debian, and a few others...
I don't recall ever having seen it anywhere other than/etc/X11/.
In the "Plug-and-Play" dists, I don't remember looking for it, so it's possible that it wasn't where I'd have expected it, but every time I've had to find it, it's always been right where it's supposed to be.
I probably should have stated that I wasn't venting at you alone... It was more of a cululative correction, as I had seen a whole lot of posts that made the same error by the time I got to yours.
Slashdot Mirror
Let me explain some bandwidth math to you, since you haven't managed to pick any up at your day job.
Obtaining a T-1 Internet connection to a Tier-1 ISP (Not some low rent ISP 6 AS hops away from MAE-East) costs in the neighborhood $1200 - $1500 per month.
Now, obtaining a Point-to-point T-1, intra-lata, costs around $295 per month; maybe a little more or less depending on the carrier.
If I purchase 100Mbps service at a co-lo, with no traffic metering, and a rack space, I pay a lot, but I can support 70 T-1 connections without any over subscription(!).
So do some math...
In my other posts, I specifically addressed using multiple T-1s, which again, is a lot more expensive when the other end of the circuit terminates at a Tier-1 ISP than when it terminates at your own equipment. So the equation is not "$100/month for 1/160th of 1.5Mbps." It's "$850/month for Rent" vs. "$950/month for Rent, and Free High-speed Internet."
You, as the renter, have no idea what I'm charging you for the Internet access. It's a hidden cost...
Who said anything about getting address space from ARIN? I'm talking about getting it from an upstream provider... And it's dirt fucking cheap, when you're turning around and collecting $1200/year for each address.
Lastly...
I'll try to remember that as I wander up and down the butt-empty co-location facilities here in the Northern Virginia/Dulles Corridor area...
My co-lo rack can service a lot more than 1 T-1 connection... It's called economies of scale. You should read a book some time.
You almost have a point... Yes, 1 rack at a co-lo, plus 1 T-1, to 1 remote locations would be far more expensive than a single T-1 connection to an ISP... And it may indeed always be that way...
But 1 rack at a co-lo, plus 15 T-1s, split across 5 remote locations is a far cry cheaper than 15 T-1s to ISPs.
And with the markup at the customer end, you can see why this would make money.
Of course, with all of your "I work at an ISP" experience, you might not be aware that making money is the point of the business in the first place.
Now, to address the parent of your comment, the savvy landlord doesn't get into the IT business... He resells.
A third party handles the IT stuff, and the landlord gets a slice. Third party company offers to do it for $70 per unit. Landlord says, "Great!" He then adds $100 to the monthly rent on each unit.
Landlords aren't dumb... How do you think they got to owning all of those apartment buildings? ;)
And to clarify, I mean the unicast traffic directed at your machine...
Stay out of the deep end, kid.
You think a Cat 3550 is overboard, but you want to pony up for a Layer-3 capable Cat 4000? Priced one of those lately?
Cat 3550-24-SMI runs about $3500 ($1800 if you go with a refurbished unit, and I know this because I have one downstairs right now).
Plus, having a single switch dramatically complicates your wiring issues. You have to home run everything to s single location. With access layer switches, you need only run access layer connection in the horizontal. Then you simply tie the closets together in the riser.
This statement, however, takes the cake:
What about their unicast traffic? What about the kid running Nmap? Not to mention all of the broadcasting that your Windows boxes, and their default Shared directories will be doing. Who wants the headache?For most, this kind of separation is a value add.
As for IP Address space, you can get additional IP space from *any* ISP. They may charge you an annual fee for a full /24, but it's pretty nominal, and certainly an expense that can be re-couped.
The move is really to provide this kind of solution in a new building. Wire it during construction. Don't make the service an optional add-on... Build it into the rent, and everyone who moves in is a customer. Then it becomes a feature, rather than a service.
You can add $50-$100 to the monthly rent, and now you're talking about 160 subscribers, with a monthly recurring revenue of $8000 to $16000 per month, depending on the building occupancy.
You pay for the equipment outright in a couple of months (obviously, once the building is filled).
Bandwidth isn't that expensive, especially if you're buying it in bulk. If you're smart, you buy it at a local colocation facility, and you install your own router there. Then you add individual T-1s as your bandwidth needs increase.
This is a solution that scales, and pays. Ideally, you put a really fat external pipe into a building complex (Multiple apartment towers), and then rake it in. The monthly "cost" is hidden from the subscribes anyway.
It's a license to print money.
In my solution, the Layer-3 switching is in the core.
The answer to this problem is Layer-3 switching, and VLANs.
Put every apartment unit on it's own VLAN, and at the Core, use access-lists to prevent each VLAN from accessing it's neighbors.
The hardware costs are nominal, as you only need one Layer-3 enabled device at the core, and the access layer switches can be fairly modest. In Cisco-speak, each VLAN interface would look like this, and the attached access-list would prevent Inter-neighbor traffic:
Since I'm a Cisco bigot by trade, I'd recommend a Cataylst 3550 (w/the SMI image) as the core device, and Cat 2900XLs at the access layer. Use fiber between the closets as others have suggested.
I'd also recommend giving each unit it's own static NAT/PAT translation outbound to the Internet, so that if something illegal should occur, you can determine that unit that originated the trouble. No sense getting everyone in trouble (Certainly not you!) for a single troublemaker.
A judge is specifically empowered to decide whether or not a law runs afoul of the Constitution. That's precisely his job.
"And here I've been, using my teeth all these years, like a sucker."
"WE... MAKE... HOLES IN TEETH!"
They'll never know what it meant to be a "child of the Eighties."
I too enjoyed the pain and humiliation of seeing something from my childhood plastered all over the Internet.
Crest by chance? Does the term "Cavity Creeps" mean anything to you?
"Heid!... Pants!... Now!"
But my favorite, and the most frequently used line in my house has got to be:
"We have a Piper down... I repeat, a Piper is dooooown."
For starters, the plane is not just in use by the Brits. US Marines use the plane as well, which brings me to my second point...
The role of this aircraft is Close Air Support, ie: Ground Support. It's not a fighter by any stretch of the imagination.
You are on crack.
If fixed-price is always a loser, then your problem is that you aren't very good at defining the scope and requirments.
My current company is terrified of fixed-price, because my company is run by idiots. Every foray they have made into the fixed-price pool has resulted in project I like to call "Viet Nam," a sucking quagmire of scope creep, finger pointing, and the absence of repeat engagements.
This is not the fault of the customer... The fault lies with the consulting company.
As for not winning the business because an accurate assessment leads to an uncompetitive price, that's nonsense too.
Your Statement of Work, and your Project Plan, simply need to show the client where the value lies. If your price is higher, but your SOW and/or PP show all of the gritty detail that your competition has glossed over, or missed entirely, you should walk away with the work. You can justify a high price so long as you have successfully articulated everything that will be involved.
"All things being equal, let price be the guide..." You have to show the customer that all things are not equal. That's the way to be successful in the consulting business.
That is to say, if you've signed a contract stating that you'll implement X, Y, and Z, then sure, you implement X, Y, and Z, and walk away.
If your role is truly that of a consultant, then you have a responsibility to speak up. If your client is looking to satisfy a requirement, and they're considering doing it in a completely half-baked way, that will only marginally address their concern, and create a number of additional problems along the way, you have to say something. That's a fundamental difference between the roles of contractor, and consultant.
It's true that you need to exercise a certain degree of diplomancy, and you need to be able to deal with people, many of whom will see you as a threat... You can be absolutely certain that at least one guy (The one that came up with the half-baked scheme) is going to be bitter.
That's the job...
As far as covering yourself, you need only document your recommendations. Email is sufficient for this... Put your recommendations and your objections in email, and get a delivery confirmations. You cannot be held liable for poor results if your client chooses to disregard your input...
Quite the contrary, if you are in a consulting role, and you don't speak up, that's probably the bigger risk. If everything goes to hell, they can turn around and say "Why didn't you tell us? You're the expert..."
It's entirely possible that you'll end up in an environment that's impossible. You're told not to raise objections, or make waves... Essentially, you learn that you've been brought in simply to give a piss-poor project the air of legitimacy... If you do this long enough, it's inevitable. If you find yourself in that position, walk.
I'm not just saying that... I've done it twice in the past 12 years.
But the original point stands. 10Gbps is faster than the connection they describe in the story.
It's barely faster than this, and that was a trans-atlantic connection.
That is one buff toilet... Mad props, dog.
These are the people I'm referring to.
Personally, I don't think they should block any streets at any time. Urban traffic is bad enough, and as other people have mentioned, if you're trying to generate sympathy for your cause du jour, maybe a good start would be not pissing off the people that are on the fence.
Clogging up traffic only serves to make things worse, and it costs ordinary people time and money.
German beers always leave me with than bitter aftertaste, like the brewers had lost not one, but two World Wars, and want the rest of us to feel their pain.
People can protest all they want, but when they disrupt traffic, and potentially disrupt emergency services, such as Police, Fire Department, or Ambulance traffic, they've definately crossed the line.
25 to life? Harsh perhaps, but if their actions cost someone their life, because a house burned down, or Paramedics couldn't get to the scene to help someone, maybe 25 years is reasonable.
You still have the right of assembly... Just don't try to assemble in the middle of a busy intersection. Most people wouldn't need to be told that.
I'm no stranger to Linux, having used it since '96, and I've been through Slackware, Redhat, Mandrake, and Debian, and a few others...
I don't recall ever having seen it anywhere other than /etc/X11/.
In the "Plug-and-Play" dists, I don't remember looking for it, so it's possible that it wasn't where I'd have expected it, but every time I've had to find it, it's always been right where it's supposed to be.
It's amusing to watch a fight where in one corner, you have Megaconglomerate Sony, and in the other corner, you have Megaconglomerate Sony.
I think it's fair to say that only a company with the mighty resources of Sony could muster a fight against Sony.
But, to paraphrase Costanza, "A Sony divided against iteself cannot stand..."
I probably should have stated that I wasn't venting at you alone... It was more of a cululative correction, as I had seen a whole lot of posts that made the same error by the time I got to yours.