[geeks] Rant: Network "Industry Leaders" That Don't.

Wed May 1 13:11:24 CDT 2002

~ -----Original Message-----
~ From: Jonathan C. Patschke [mailto:jp at celestrion.net]
~ 
~ How long has the use of VLSM/CIDR in network design been 
~ considered Good
~ Thing?  Seven or so years?  I know the CIDR RFC was ratified 
~ almost nine
~ years ago, but people were using classful allocation in a widespread
~ manner long after that.  Anyway, I like it, I use it, and 
~ living without
~ it on the modern Internet sucks.
~ 
~ Oh, and this "NAT" thing I keep hearing about.  That's a good 
~ thing, too.
~ 
~ I'm sure the answer here is obvious, but I fail to see why Lucent is
~ unable to implement either of these technologies in a 
~ sensible manner--in
~ kit that isn't even three years old.

I can't speak much to Lucent network gear, but overall I find Lucent to be
the netbox-of-last-resort. As for phone stuff, Lucent has relied heavily on
their Merlin and System XX designs that are now 25 years old. That bright
shiny new G3 box, it's a System XX. Their key systems are pure Merlin at
heart. I have some respect for their telco switchgear, but I'd say I like
Nortel DMS100's a whole lot better.

~ 
~ <background>
~ 
~ A client of mine has a really, really, really horrible 
~ network design that
~ they've asked me to "fix".  Just imagine the worst IP 
~ allocation you've
~ ever seen, spread it across five locations, toss in two NAT boxes, and
~ toss in the fact that nowhere do cables terminate to jacks in 
~ three of the
~ locations.
~ 
~ That's right.  One cable per computer: runs from the hub, 
~ through the wall
~ (about 100 feet) to the computer's NIC.  Oh, and nothing's 
~ labeled.  -And-
~ everything plugs into stackable 8- or 16-port hubs.
~ 
~ It gets better.  Said customer is connecting to the Internet via two
~ wireless connections.  Said connections aren't at the same 
~ location, and
~ they're not using the same addressing scheme.  Never mind that the
~ connections are with the same utterly fscking clueless ISP[1].
~ 
~ Yes, it's a government network.  No, they actually -paid- 
~ someone outside
~ of the organization to fsck this up this badly.
~ 
~ </background>

I've seen this sort of shit in commercial environs too. I bet if you dig a
little you will find the 543 rule broken in a million little pieces. I have
often considered starting a consulting company that won't sell hardware,
won't draw up designs and won't configure anything. Instead all the company
would do is review other peoples work and let technically clueless managers
know who is screwing them.

<snipage>

~ There's one way to fix this, and I really hate-hate-hate 
~ doing this, but I
~ need to do a selective NAT.

You would probably do better by telling the *people-with-checkbooks* to bite
the bullet and start over. If you beat the network into performing one more
task for now, it will still be broken and even harder to fix later. That
makes you just as much an ass (in the eyes of the *people-with-checkbooks*)
as the people to fscked it up in the first place. If they don't agree, at
least they can't say you didn't warn them and the idiots who originated this
bastard-net will remain in the blame. At least this is what I have learned
from hard experience. You need the *people-with-checkbooks* to see you
wearing your red cape and tights (hero mode).