Archive for the 'Misc' Category

Denial of Service

Saturday, July 5th, 2008

It’s good to be popular but it definitely comes with its own problems. For instance, today, some clever folks decided to run a Distributed Denial of Service attack on the eBoundHost.com domain name. They knocked us off the web for a little while, but luckily our monitoring system sounded an alarm and a tech was dispatched to fix the problem.

What happened?  A standard server simply cannot cope with several hundred servers trying to access a website at the same moment.  At first things work fine, then they slow down and finally, the server runs out of allowed processes.  The Apache web server is now effectively useless, hence the title: Denial of Service attack.

How does the attack happen? Someone’s grandmother receives an email on her AOL account that promises to have pictures of her favorite relatives. She opens the picture only to infect her computer with the most nasty Trojan virus known to mankind. This Trojan proceeds to let his friends know that there is a party happening at grandma’s house. They come to visit and also infect the computer. All sorts of fun things can be installed this way, for instance, software that turns this computer into a node on a botnet. This botnet zombie is now fully under the control of some 16-year-old in Vietnam/Russia/Turkey/etc, and this computer can now participate in things like sending spam or a Denial of Service attack.

There are definitely ways to deal with this kind of situation. First off, there are devices you can buy that deal with known DDoS patterns. There are also lists of known zombie IP addresses that you can block out on the router. Luckily this does not happen all that often, and it is usually enough to merely let the attack work itself out.
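As an added example (not eBoundHost's code or tooling), the Python sketch below scans Apache access-log lines for the pattern described above: seconds in which requests outnumber the allowed processes, plus the clients worth blocking because they are on a known-zombie list or flood the server within a single second. The log lines, addresses, blocklist entry and limits are all constructed for illustration, and counting one request as one busy process per second is a simplifying assumption.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Start of an Apache common/combined log line: client IP, ident, user, [timestamp]
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')

def parse_line(line):
    """Return (client_ip, timestamp) for one log line, or None if malformed."""
    m = LOG_RE.match(line)
    if not m:
        return None
    try:
        return m.group(1), datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    except ValueError:
        return None

def saturated_seconds(lines, max_workers):
    """Map each second whose request count exceeds max_workers to that count."""
    per_second = Counter(rec[1] for rec in map(parse_line, lines) if rec)
    return {ts: n for ts, n in per_second.items() if n > max_workers}

def block_candidates(lines, known_zombies, per_ip_limit):
    """Clients on the zombie list, or sending > per_ip_limit requests in one second."""
    hits = defaultdict(Counter)
    for rec in map(parse_line, lines):
        if rec:
            hits[rec[0]][rec[1]] += 1
    return sorted(ip for ip, secs in hits.items()
                  if ip in known_zombies or max(secs.values()) > per_ip_limit)

# Constructed sample log using documentation address ranges, not real traffic.
def _line(ip, second):
    return f'{ip} - - [01/Jan/2008:12:00:{second:02d} +0000] "GET / HTTP/1.1" 200 512'

SAMPLE_LOG = (
    [_line("198.51.100.7", 1), _line("198.51.100.9", 3)]   # ordinary visitors
    # six flooding clients, three requests each, all in the same second
    + [_line(f"203.0.113.{i}", 5) for i in range(1, 7) for _ in range(3)]
    + [_line("192.0.2.44", 5), "not a log line"]           # listed zombie; malformed
)
KNOWN_ZOMBIES = {"192.0.2.44"}  # hypothetical blocklist entry
MAX_WORKERS = 10                # hypothetical process limit, kept small for the demo

if __name__ == "__main__":
    for ts, n in saturated_seconds(SAMPLE_LOG, MAX_WORKERS).items():
        print(f"{ts.isoformat()} {n} requests > {MAX_WORKERS} workers")
    for ip in block_candidates(SAMPLE_LOG, KNOWN_ZOMBIES, per_ip_limit=2):
        print("block", ip)
```

The ordinary visitors stay off the list because they neither exceed the per-second limit nor appear on the blocklist, while the listed address is flagged after a single request.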

This time the attackers were nice enough to have left us a signature of their work, and for that we are very grateful. It really made the cleanup effort much easier. So I wanted to say the following: we know you are out there and we know what you can do, and we are very impressed ;-)

Happy holiday weekend everyone!

4th of July

Thursday, July 3rd, 2008

Tomorrow is the fourth of July. This was the day The Declaration was approved and signed.  The day the Colonial Experiment became the American Dream.  The day everything changed.

This particular July 4th is especially interesting. I do not remember the last July 4th during a presidential campaign year because I didn’t happen to pay particular attention. But today, our two (main) candidates will go on television and make flowery speeches and promise the world to us, just as long as we are willing to vote for them. And then the political analysts are going to dissect and analyze every word and gesture and try to hide behind a journalistic lack of bias while steering the conversation in a particular direction. And then the public is going to have private conversations about how a particular candidate is bad for our country and how the other guy/gal is going to be our savior.

Today’s political process seems very dirty.  The candidates appear inadequate, each in their own way.  The political commentators are biased and dishonest.  And the public seems to be the exact uneducated, unwashed masses, that are looked down upon by people who consider themselves the ‘elite’ and call the space between New York and Los Angeles, “flyover country”.

Somehow, I get the feeling that not much was different a hundred years ago.  Some Presidents have been unworthy of the title.  Newspaper publishers have been cheaters and liars, and the public, well the public literally didn’t bathe much.

But this is just an illusion. The candidates at this level of the game are really the best of what is available to fill the Presidential shoes. They may be unable to spell ‘potato’ or hold the book upside down, but nobody can possibly stand up to this kind of scrutiny and constant pressure. The candidates are good people who have already shown themselves to be good leaders. The journalists are definitely opinionated but they maintain as much neutrality as possible and are balanced out by their colleagues on the other side of the political spectrum. And the people are more politically savvy than they are given credit for. When it comes down to it the system is brilliant. And with all this imperfection, we somehow overcome the shortcomings and grow past the mistakes of our leaders. Somehow, our country has been the innovator in almost every scientific field. Somehow we have one of the highest qualities of life, and own the best ‘stuff’. Even with the bad economy, most people have an excess of food, a flat screen television, relatively new car, a cell phone and computer. We have it so good that we are STILL selling SUVs the size of Caribbean inner city buses. We invented the Internet. We invented the automobile. We invented the telephone.

Whoever wins the upcoming election, things are not bad now and they are probably going to remain pretty good.  The reason for this, in my opinion, is the very nature of our society.  We are Open Source.  We have checks and balances, we have the right to criticize our leaders, to replace them if necessary.  The right to become candidates and fix the system from the inside.  The system is not perfect, but we are always working on it.  We are a society that is truly governed by the people, from the people and for the people.

On behalf of the eBoundHost team, we wish a happy 4th of July to the world.

How it works: server hardware

Sunday, April 6th, 2008

About servers. Everyone reading this post is making a connection to a server. In fact, you are making a connection to at least a couple. There is a server in your office or home that is allowing you to proxy onto the internet, most likely a wireless router, which connects through another server, the DSL or cable modem. There is a caching DNS resolver server on your ISP. An entire army of router servers between your home and our data center. And the last server in the chain is our web server, which actually hosts this content.

Let’s narrow down the definition of a Server. We are not going to talk about IBM mainframes or Sun UltraSPARC based blade systems. Today, we care only about the servers which comprise the majority of the infrastructure of the websites you visit. These are normal computers just like you have in your house or office, with the exception of being confined into more efficient packaging. They use familiar Intel or AMD processors, normal DDR2 or faster RAM, and SATA hard drives. What really separates them from home PCs is the software. But software is not what this blog is about.

Here is what one of our older servers looks like (below):

[Image: 2u]

To compare, here is one of eBoundHost’s newest servers.  This form factor is unofficially called the ‘pizza box’ due to its small dimensions.

[Image: 1utop]

The first thing you will notice is that the new server is not as tall. Our older hardware uses 2u (units of space) while the new servers use 1u. This allows for greater density. Some servers use as much as 7u but these are specialty machines that are filled to the brim with hard drives in gigantic RAID arrays.

Side to side comparison:

[Image: old and new]

These servers fit into specialty (read expensive) racks that have 42u of storage in each rack. This means that when filled with 2u servers, we can only install 21 machines instead of 42 1u servers. It’s a dramatic difference when you talk about a server room full of racks such as in our facility:

[Image: Racks]

Of course, not all 42 units are available for servers: there are also switches, power distribution units, firewalls and intrusion detection equipment. All considered, we are happy to have 30 servers in one rack.

There is also the consideration of electricity and heat. A rack full of servers eats electricity like a hungry SUV, and produces just as much heat pollution. 30 servers stacked on top of each other, blowing air in the same direction, require an amazing amount of cooling, which needs big air conditioners that move a lot of tonnes of air. That’s all I’m going to say about that. Data center challenges are going to be saved for another blog entry.

To jump back into server hardware. Here is the same 1u server without its cover.

[Image: 1uinternals3]

Motherboard, CPU, heatsink, RAM, hard drive and a very powerful cooling fan. Seems simple enough. Another picture:

[Image: 1uinternals1]

Every server is custom built. When an older machine comes off line, we generally sell it through eBay and build a new server to take its place. The nature of hardware is such that components wear out and fail eventually. Our clients and our reputation are far too important, so we give old hardware the boot and use all new equipment.

Here are some servers in action. The following pictures may not be completely safe for geeks, they may cause weakening of the knees and a desire to run out and fix something. Please refrain, it will pass:

[Image: 1u servers]

These (above) are dedicated servers. Inventory tags have been obfuscated in order to protect the innocent.

Below are some specialty machines which have 15k SAS (fast/expensive) hot swappable hard drives in a RAID array. They are used for our shared servers, VPS machines, and some powerful dedicated servers.

[Image: Swappable]

Each server is built by our staff. We love them so much that we have hundreds of them ;-)

More to follow, there is so much to cover: data center, operating systems, server software.

Thanksgiving Holiday

Wednesday, November 21st, 2007

The Thanksgiving holiday is almost upon us. From the eBoundHost crew, I would like to wish all our friends who are observing this wonderful day a good celebration, and try not to have too much turkey (or whatever else).

This is the one holiday per year that seems completely innocent and not commercialized. Its spirit has somehow been preserved over the years and has not become a day to give cards or mandatory gifts, just to get together with your family around a dinner table and enjoy each other’s company.

On a related note, some of our staff are traveling around the country in the next few days, so we are running on a skeleton crew. If support runs a bit slower than usual, we hope you understand! (non critical/outage tickets only, of course)

So without any further delay, happy Thanksgiving.

The fuss about FOSS

Saturday, September 15th, 2007

Recently I have been following some very interesting conversations in the Free Open Source Software (FOSS or just OS) community. In case you have been on the moon for the last 10 years and have not had any news updates, I’ll fill you in. There are entire communities of people who are continually building all types of software that they distribute for free on the Internet. These people are computer programmers, graphic artists, copywriters and others. The software they build ranges from an operating system like GNU/Linux to the online encyclopedia Wikipedia, and my personal favorite, TiVo.

These projects are built by mostly unpaid programmers who contribute their free time and knowledge to build a better program/operating system/encyclopedia. They are driven by an altruistic desire to build a better “whatever.” They then release this “whatever” for free to the masses, who in turn take these programs and hopefully make money from their distribution or by providing support. Ideally, whenever someone makes money from these projects, they will turn around and support the project they are using, thereby supporting the programmers who in turn will be able to make an even better program. So this is an ongoing cycle with contributions helping to fund development.

Sometimes these free programs are backed by large companies such as Sun (creators of Java) or TiVo. They often distribute a core system free of charge and hope to get a user base hooked on their product so they could then sell them the advanced software with more robust features. And sometimes companies find it easier to find an open source project and build their own system on top of it. For example, there are wonderfully powerful SQL systems available for free, MySQL and PostgreSQL. They have been in development for 7+ years and are such powerful systems that the vast majority of today’s Internet applications are based on one or the other. It would be foolish for a small (or large) company to start building a product from the very ground up.

The potential of such integration is HUGE. Company A only needs to make sure that their product integrates with the FOSS project B. Company A does not need to worry about any potential security threats or unexpected crashes due to project B. Instead, the programmers for project B take care of all such issues. This way company A is able to focus on improving the usability of their own product, which, coincidentally, does not even have to be FOSS.

So this gets us to the really interesting part, sometimes Open Source projects are not compatible with each other. You would think that these programmers would be smart enough to allow these programs to integrate, but the problem is not what you think. Sometimes their licenses are incompatible!

The two licenses that I’m most concerned about are the GPL and BSD licenses. The BSD license says “do whatever you want with this code” which means that you are free to take code and even distribute it as closed source, proprietary programs. Coincidentally, the Apple X operating system is based on FreeBSD with some (very major) changes. So according to this license, Apple is able to take the current FreeBSD code, change whatever they want to change and distribute it as an independent project. Thankfully, Apple was kind enough to contribute significant improvements back to the project, but they did not have to. The BSD license allows them complete independence. The company does not have to release its trade secrets, only what they choose to. However, it is in their own best interest to contribute back and make sure that FreeBSD continues to be a vibrant operating system. This way, for the next release of the Apple software, they simply grab the FreeBSD code base, apply their own changes to it, and they have an up to date system with full security patches.

So the point of this blog is the other, and probably more important license, the GPL. This one says that you are free to distribute this program as long as you make all the changes available to the public. So any company that modifies the source code of any project, thereby improving it, will have to open up its changes (including trade secrets) to the greater community, and if these changes are of good quality, they are then going to be integrated into the main project. Linux is distributed under this license. The added complexity of GPL is that there are 2 separate GPLs on the table today: GPLv2 and GPLv3. The v3 is newer, more complicated and puts restrictions on how the code can be used. We are slowly making the transition from v2 to v3 but a lot of companies are unable to make this transition because they would have to open up their closed source addons to GPL’d software, which were allowed under v2. So companies have to make a choice, use old and buggy GPLv2 software or upgrade to GPLv3 and lose business. This is a big issue that is beyond the scope of this blog, and we’ll see how things work out in the coming years.

So as far as we’re concerned, the major difference between the two licenses is:

BSD: you should do the Right Thing but we won’t force you
GPL: you have to do the Right Thing and contribute back to the project

As an active reader of the FreeBSD mailing list and Slashdot and various Linux lists, I have recently started to see a lot of chatter about how the GPLv3 license is superior to everything else. People froth at the mouth (or keyboard) and spew such hatred towards the other camp. After reading through 10 pages of this drivel, I realized that these people are wrong. They are trying to make a better FREE license by putting more restrictions on how it can be used. This is ridiculous.

Seems to me that they forgot what all of this is about and are trying to bite the hand that feeds them. If you take corporate money out of open source software, a lot of important projects will collapse. The real support ($$$) comes from corporations that support projects which help to make money. No corporate profit means no support. Live and let live, if someone makes good money using FOSS, more power to them!

Last time I checked, making money is good for the person/company making money and for the entire community which benefits from the added support, either through sponsorship or awareness which leads to more public support. Companies like Google have entire teams of programmers working on Open Source software and contribute millions to improving other ongoing projects.

Not to mention that you simply cannot outlaw capitalism which is what they seem to be trying to do. If people are forced into the corner, they will find another exit. And guess what, the BSD license is not a bad alternative to GPL’d software. If the GPL people keep pushing, they will just drive away developers to the other camp.

FOSS is great for all of us. Everyone should step back, take a deep breath and refocus on building better software rather than bickering about nonsense.

Oh, and for the record, this entire document is entirely not open for redistribution without my permission. How is that for a license :-)