Case of the Great Hot-Site Swap

BobB writes "Two universities — Bowdoin in Maine and Loyola Marymount in Los Angeles — have entered a unique arrangement under which they are backing up each other's web sites, email and servers on different ends of the continent. They say this could be a disaster recovery model all sorts of organizations could follow. From the article: 'When Bowdoin switched over to Exchange e-mail, so the schools would have similar e-mail infrastructure, LMU staffers were their guides and advisers. "We implemented that pretty quickly," says Davis, the Bowdoin CIO. "When we launched Exchange, we had just eight calls to our help desk." And the shared experience of the infrastructure components then forms a kind of informal help desk, where managers and staff can reach out for advice, brainstorm and troubleshoot problems with their colleagues a continent away.'"

The Great Exchange

[IAmGarethAdams (990037)]

When we launched Exchange, we had just eight calls to our help desk.

So they had Exchange running their helpdesk phone system too?

Re:

[Kamokazi (1080091)]

As much as it's fun to knock Microsoft products, there's really not anything that compares to Exchange.

Not nearly as exciting as I first read it...

[Franklin Brauner (1034220)]

Case of the Great Hot-Wife Swap

Pity. It being a Saturday, I kind of wanted to read that article.

Higher Ed.

[saintlupus (227599)]

From what I understand, this is pretty common in higher ed -- in fact, the college that I work for is currently setting up something similar with another college in the area. Not cross-continent redundancy, true, but enough to keep things going should there be a smaller disaster in the area. If all of Western New York is wiped out, I don't really care if people can get their email.

This really came to the forefront with the beating the New Orleans area colleges took during Katrina; from what I recall, Loyola and Tulane were really unprepared and suffered for it.

--saint

Re:

[ushering05401 (1086795)]

I am not familiar with specifics of these agreements, so perhaps you can tell me... is security jointly administered (blanket policies/configs etc), does the host institution have oversight, or does the institute that originates the data have oversight of the remote servers.

Not that it makes a huge difference... my sister had all of her data stolen (and consequently her credit was hijacked) through infiltration of a Bay Area college by ID thieves. No off-siting involved.

Regards.

Re:

[r_jensen11 (598210)]

It doesn't surprise me either. It would surprise me if my university system (Wisconsin) wasn't doing this by copying to other campuses within the state. From what I've gathered from our IT department, we have IPv6 backbones running throughout the UW system (but oddly, not "used" for anywhere outside of the system). Unfortunately, they have not taken them further than the server rooms. The only way I could get IPv6 to work when I lived on campus was through tunnelling....

Re:Higher Ed.

[Linker3000 (626634)]

Good point.

My company has 30 sites and so it was easy for us to install (Linux) servers at multiple locations and arrange overnight rsync backups of data, server-located 'My Documents' folders, email & Intranet redundancy etc. for business continuity. I am a school governor for my son's local primary school and their backup procedure comprised a disk-to-disk copy from their main student server to another Windows-based server on the network, with an occasional dump to a removable hard disk.

When the school decided to improve their backup (after a disk failure and realisation that their backup process had not been working for a while, naturally!), they approached their incumbent IT supplier for a recommendation - which turned out to be a new main server with Windows 2003 Server, enough CALs for the children, a dual Xeon processors, SCSI-based RAID 5 and removable tape - very functional, very corporate and very expensive (approx £6,500) for a school that teaches 5-11 year olds!

Having approached me for my comments, we are now looking at a two-way peering arrangement with the local secondary school comprising two Linux-based servers with SATA RAID 1 (the school is only using the server for low-volume file and print services so Samba and CUPS are just what's needed), and an overnight backup strategy through the education WAN. Total cost is approx £750 for the two servers.

The only thing that may not make this fly will be County Hall red tape.

VPN connection over a 30Mbps link.

[More_Cowbell (957742)]

I run backups for a large web hosting company; this is to say I do this 40 hours a week for thousands of servers around the globe.

We have many clients that mirror backups between East and West coast. They may be connected at each end at that speed, but they are almost assuredly not achieving throughput at that rate.

YMMV, but there are 3000 miles to deal with here. I've never been able to achieve speeds like that, and we have some seriously fat pipes in our data centers.

Re:VPN connection over a 30Mbps link.

[quanticle (843097)]

Remember, these are universities, so they get access to the Internet2 pipes.

Re:

[scottv67 (731709)]

Remember, these are universities, so they get access to the Internet2 pipes.

It doesn't matter how fat the pipes are, the speed-of-light will still bite you in the ass when you are replicating data from one coast to the other.

rsync it, with compression.

[khasim (1285)]

That way you only take a real hit during the first copy.

After that, you should be able to copy just the changes and the new files. It is amazing.

Re:

[moosesocks (264553)]

The speed of light is more of a limiting factor for latency, and not throughput.

That said, it's not even a big deal for latency -- light travels at 186,282 miles/second. New York to LA is approximately 2,800 miles.

Most of the latency/bandwidth lag comes from routing or congestion along the tubes.

Re:

[scottv67 (731709)]

The speed of light is more of a limiting factor for latency, and not throughput.

And throughput is affected by latency. Which was the original poster's point. A huge round-trip time will affect the number of Megabits/sec that you can get through a pipe regardless of how big the pipe is.

That said, it's not even a big deal for latency -- light travels at 186,282 miles/second. New York to LA is approximately 2,800 miles.

Light travels through fiber at a slower speed. You'll never see data moving thr

Re:

[quanticle (843097)]

And throughput is affected by latency. Which was the original poster's point. A huge round-trip time will affect the number of Megabits/sec that you can get through a pipe regardless of how big the pipe is.


Not necessarily. Given that these are pretty reliable links, you can set the transmission window relatively high without incurring very many penalties. That way, even if there is significant latency in the connection, you can maximize bandwidth.

Re:

[scottv67 (731709)]

you can set the transmission window relatively high without incurring very many penalties.

I agree, some TCP tuning will help offset the challenges introduced by the large round-trip time.

Re:

[localman (111171)]

I never used to think the speed of light was much of a limiting factor in my day to day life, but once I was living somewhere without access to wired broadband and so I looked into satellite internet. Then I found that geostationary satellites are about 22,200 miles above the surface of the earth, and that the best-case round trip ping would be about 500 ms. Which is awful for gaming or working via remote terminal.

And suddenly the speed of light seemed strangely slow :)

Re:

[More_Cowbell (957742)]

OK, must admit this was new to me. But from what I can tell through some quick research-

http://en.wikipedia.org/wiki/Internet2 [wikipedia.org]

There have been times when the media have reported on a network called "Internet2." This is misleading since Internet2 is in fact a consortium and not a computer network. "Internet2" is sometimes used, albeit a misnomer, for the Abilene Network.

So I take a look at Abilenes website and find this map: http://abilene.internet2.edu/peernetworks/domestic .html [internet2.edu]

From what I can see here

Re:

[amRadioHed (463061)]

A map of Internet2 without MIT? Somethings not right here...

This list [internet2.edu] [PDF] is better, and while it confirms that this particular college isn't on Internet2, University of Maine is a member. Your sleepy home state isn't entirely left out of the fun it seems.

Re:

[More_Cowbell (957742)]

Membership does not equal backbone connectivity.

http://www.internet2.edu/network/library/deploymen t_phases.pdf [internet2.edu]

http://www.internet2.edu/network/deployment.html [internet2.edu]

Re:

[rmm4pi8 (680224)]

I actually do see speeds like this. We pay $450/mo for a 3mb guaranteed/100mb burst pipe at our Vericenter cage in Boston, and something like that much for a backup facility in Dallas. We have about 300mb of new data an hour to transfer, which we send in hourly batches, and it usually completes at something like 37mb/s. Now this certainly isn't a guaranteed rate, and I wouldn't want to run an application that depended on that kind of throughput, but it shows you what's possible across Sprint's backbone f

One of the main problem is...

[KokorHekkus (986906)]

...that you might have to accept the legal responsibilies of the site that is being backed up. It's not just a simple exchange of providing corresponding services... Take it down to a personal level... who would you trust to use your personal computer as a backup server (in a reciprocal manner)? No one that hasn't your full and complete trust is my guess. Encryption would provide some protection but this isn't about data backup but service fallback.

So unless you have some kind of legal agreement covering your actual risks it's not for everyone. But for large scale organisations, with real legal clout, like universities it might makes sense. But not for individuals.

Re:

[nine-times (778537)]

I don't know... companies that offer "online backup" still don't actually take responsibility for the integrity of your data. Also, you'd find out pretty quickly whether the person on the other end of your backup is doing a good job. Try accessing your data, running checksums, etc.

After all, you don't really need to make sure that the person you have the deal with never once loses a piece of data, but only that the chances are remote of him losing a piece of data at the same time you lose that same piece

Re:

[ScrewMaster (602015)]

Everything you send offsite should be encrypted, and anyone accessing your computer should be jailed somehow.

The problem is, a lot of the people trying to access your computer nowadays want to put you in jail somehow.

Re:

[nine-times (778537)]

Correct me if I'm wrong here, but giving someone you know a jailed FTP/SFTP account shouldn't present a significant security risk for the server the account is on.

Maine

[nuclearpenguins (907128)]

It's always nice to see something from Maine featured in technology news. We're a tiny state population-wise, but there are many high-tech companies here. Hell, even in my own town there is a company that developed and makes the MK47 Advanced Lightweight Grenade Launcher as well as a bunch of other armaments for the military. Sure, this post is off topic and my karma blows already, but I always have to say "Go Maine!" whenever I read about my little state on any technology forum/site.

on a less formal/intense level: higher ed dns

[Ex Machina (10710)]

The alternate nameservers for many Universities are often at other schools. Not the same thing, but interesting to note:


mtnBook:~ $ whois rochester.edu
Name Servers:
      NS1.UTD.ROCHESTER.EDU 128.151.2.1
      NS2.UTD.ROCHESTER.EDU 128.151.7.6
      SIMON.CS.CORNELL.EDU
      DNS.CS.WISC.EDU

mtnBook:~ $ whois cornell.edu
Name Servers:
      BIGRED.CIT.CORNELL.EDU 128.253.180.2
      DNS.CIT.CORNELL.EDU 192.35.82.50
      CAYUGA.CS.ROCHESTER.EDU

mtnBook:~ $ whois ucsb.edu
Name Servers:
      NS1.UCSB.EDU 128.111.1.1
      NS2.UCSB.EDU 128.111.1.2
      KNOT.BROWN.EDU



There's a bunch more NYU/UCBerkeley, WUSTL/ULA, etc.

Re:

[pyite (140350)]

Further evidence:

aman:~ $ whois rutgers.edu

...

Name Servers:
DNS3.RUTGERS.EDU 198.151.130.254
DNS4.RUTGERS.EDU 66.187.157.84
RU-UFL.RUTGERS.EDU 128.227.128.162
DNS1.RUTGERS.EDU 165.230.144.131
DNS2.RUTGERS.EDU 128.6.21.9

aman:~ $ whois ufl.edu

...

Name Servers:
LOWER-NAME.SERVER.UFL.EDU 128.227.128.254
NAME.UFL.EDU 128.227.128.24
RUTGERS-NAME.SERVER.UFL.EDU 128.6.224.82

Several universities in Ohio already doing this

[kaminari42 (1112015)]

The University of Cincinnati, The Ohio State University, and the University of Miami (Ohio) are already doing this.

Not for everyone...

[fuffer (600365)]

"They say this could be a disaster recovery model all sorts of organizations could follow."
For private businesses maybe, but I'm sure hosting backups on other organizations hardware is not acceptable under SOX.

My mail is backed up in at least 5 centres

[flyingfsck (986395)]

CIA, FBI, CSIS, KGB, MI5...

It is the most secure backup system in the world.

Re:My mail is backed up in at least 5 centres

[Kjella (173770)]

...says yet another that's never tried a restore.

Survival/Preparedness community

[zogger (617870)]

This is common for survivalist and preparedness minded folks. You and a trusted relative or friend exchange backup critical gear/necessities/copies of records, etc. In case of catastrophic loss of either abode, the other person has a decent "backup" for you to fall back on. Arrangements like this have been quite common for some decades now, usually they include mutually assured lodging, should full long term evacuation be required. IMO, it is quite a sound idea. Remember on the news, you see the same scene all the time, those scenes from..take your pick, fires, floods, hurricanes or whatever.. the newsies always zero in on those folks who are all freaked out and sad, and EVERY time they say "We lost EVERYTHING!"..well, there's no need for that if you take the time in advance to preposition enough of your gear so it doesn't fall into the "everything" category. The situation will still suck, but having a nice set of backup everything will sure help mitigate things and make the situation suck *less*. As to what to exchange/store, use your imagination, what would you like to have as a backup if for some reason your home just got wiped out? Spare sets of clothes for everyone, favorite toys for the kids, some electronic gear, tools, sporting goods, books, other media of importance to you, family photos, household records, personal mementos, etc. Salt to taste there. Even just a stuffed closet is good enough, that and the place to evacuate *to*.

That, and what we call BOBs, or "bug out bags" are good ideas. A "bob" is a backpack or other container (backbacks are good in case you get stuck on foot), that has enough critical essentials to keep you alive for a week or so, enough even on foot to get you out of the disaster area most likely. It's called a bug-out bag from the old army term, and it is designed so if you have zero notice-hear on the radio local railroad has a tanker car full of chlorine leaking, nasty forest fire heading your way, and it's close, etc, that you can grab it and go, out the door within less than one minute. Very high speed emergency evacuation. The deal is, you hope you never need it, but if you do, it literally could save your life.

Interesting subject, and although it is not directly related to the main parent IT topic, the concept is very similar.

So when the RIAA/MPAA come a knockin...

[gpinzone (531794)]

So when the RIAA/MPAA come a knockin', they can subpoena the data from both universities in one shot.

"a continent away"...?

[posterlogo (943853)]

last I heard, Maine and Los Angeles were on the same continent.

A few thoughts

[Evets (629327)]

Exchange isn't so problematic because it is written poorly. The problem is that it is so frequently administered poorly.

It's also problematic because exchange experts are few and far between. But then again how many sendmail or qmail experts are there?

I wonder though - are they using exchange just for e-mail? Or are they using it for scheduling, shared folders, etc.? I can't see implementing shared schedules university wide and only receiving 8 help desk calls. You'd think more than 8 people would be c

Re:

[El Lobo (994537)]

Excluding religious points.. why not? Exchange is nowdays a VERY MATURE colaboration system and the de-facto standard for business in many places. What's the diference? Use Exchange, GMail, POP3 or whatever you want. It's all about freedome, isn't it?

Re:

[The_Wilschon (782534)]

It is usually not about each individual's freedom, but every individual's freedom... One person deciding that an entire university will use exchange and nothing but (thus exercising their freedom) severely limits the freedom of the students and faculty at that university to choose email clients. Luckily my undergrad university also offered IMAP access (although they very strongly discouraged it); otherwise I'd have been stuck either using Windows and outlook or using the webmail interface (evolution conne

Re:

[Garion Maki (791172)]

unless you use firefox.
I use all three (outlook, IE and firefox) to read my mail and manage my calendar.
exchange in outlook and IE is verry similar but in firefox it's missing most of the basic functionality like flagging a message and decent search.

on the other hand, when not using firefox for it, it's actualy has several good features that I haven't found elswhere tho, the fact that it's easy to sync. the calendar between the exchange server and a pocket pc being one of them.

Re:

[El Lobo (994537)]

/late night rant on/Actually there is a large number of individuals who are supportes of the free/os movement for ideological reasons: "it's all about freedom" they cry, "let's us all decide what to use", "information wants to be free", "yadda yadda"... And then, when somebody chose to use Exchange or Vista or whatever they are the first to jump and cry foul....Wasn't it about freedom after all? Well, they made their choise, so what's the freaking problem then? It's actualy very amusing. Bytes ate bytes. S

Re:

[PopeRatzo (965947)]

The University I work for has used Exchange for the last 4 years. From my point of view as a user, it's been excellent. There hasn't been more than a handful of hours of downtime in my entire term there (that I've noticed).

I'd like to see Microsoft broken up the way AT&T was a few decades ago, but for real. Not, however, because their Exchange Server sucks. Vista is a different story, of course, and is a real dog. But, by automatically being critical of every product, the "I hate everything Microso

Lol...

[msimm (580077)]

Who modded this? Aside from the post being more or less irrelevant (it's not about a multi-peered architecture) his comparison to his LAN using his parents system should have been a good reason to rule out ANY enterprise architecture expertise whatsoever.

That said, as a system admin who's business does not have any kind of secondary solution (no hot/hot, no hot/cold, etc) I'd still be leery of trusting my data or my lively hood to a peer and an admin team I didn't know. Maybe this works better in academia

Re:

[perlchild (582235)]

As a system admin who has a backup place... I can tell you I might not do it with a competitor, but a major client or reseller, I'd certainly think about it, if they had the expertise...

Of course, if they had the expertise, they'd do it in house... And I'd be out a client...

Given a "peer" for backups whose not a competitor, but in a different vertical market might work, provided the trust aspects would be met

Re:Lol...

[Vulva R. Thompson, P (1060828)]

Maybe his parents are Ma Bell and Uncle Sam.

Rumor has it they've been in bed together for years.

Re:

[zCyl (14362)]

Maybe his parents are Ma Bell and Uncle Sam.

If your parents are Ma Bell and Uncle Sam, then your family tree has a forking bug...

Re:

[bberens (965711)]

I think dumping an encrypted file over on someone else's network over a secure connection isn't such a big deal. I mean, you're not an idiot so you'll be using a pretty decent encryption tool on the data before handing it over to the semi-trusted peer. One box and a VPN is a lot cheaper than a colo. I think it's kind of an interesting experiment. You do make a valid point though about how it probably will not catch on in corporate america.

Oblig grammer nazi

[Bearhouse (1034238)]

"lively hood" - is that as opposed to a boring neighborhood?

It's not as bad as it was

[dbIII (701233)]

Exchange used to be a great steaming pile of rubbish you could not back up properly without shutting down everything for the duration of the tape run (yes there were hacks, but not really good enough for bare metal recovery). It has improved a lot since then - personally I prefer just about anything else instead of something with big, weird, slow databases you can't read with anything else that change format with versions. So long as things are kept carefully in step (ie. same versions and patches so no b

Re:

[Bacon Bits (926911)]

Yes, Exchange has not been difficult to backup in some time. The only version I ever used that would corrupt itself was 5.5, and that's well over 9 years old now.

The only issue now is with poorly trained admins who still try to run brick-level backups or use ExMerge as their backup tool. MS has repeated told admins not to do this since Exchange 2000, and there are still backup programs that tell you to do it this way. You *will* break something using that method. It's akin to backing up a 500 table data

Simple answer

[schon (31600)]

How'd this make the front page?!

Simple - and you answer it with the first sentence of your post:

The summary mentions a university using Exchange successfully.

You're trying to say that this *isn't* front-page news? :)

Curses!

[mattgreen (701203)]

Well done, you win.

But, know this: you haven't seen the last of me! You shall rue the day you caught me in my own logic trap!