Re: amazonaws.com?

[Robert Bonomi <bonomi () mail r-bonomi com>]

> From nanog-bounces () nanog org  Mon May 26 21:16:58 2008
> Date: Tue, 27 May 2008 07:46:26 +0530
> From: "Suresh Ramasubramanian" <ops.lists () gmail com>
> To: "Colin Alston" <karnaugh () karnaugh za net>
> Subject: Re: amazonaws.com?
> Cc: nanog () merit edu
>
> On Tue, May 27, 2008 at 1:10 AM, Colin Alston <karnaugh () karnaugh za net> wrote:
> > On 26/05/2008 18:13 Suresh Ramasubramanian wrote:
> > >
>
> I didnt actually, Bonomi did .. but going on ..

Mis-credit where mis-credit isn't due ...  Twasn't me, either.  <grin>

I just commented that I couldn't think of a reason for a _compute_ cluster to
need access to unlimited remote machines/ports.  And that it could 'trivially'
be made an _automatic_ part of the 'compute session' config -- to allow access
to a laundry-list of ports/machines, and those ports/machines -only-.  

If Amazon were a 'good neighbor', they _would_ implement something like this.
That they see no need to do _anything_ -- when _actual_ problems, which are 
directly attributable to their failure to do so, have been brought to their 
attention -- does argue in favor of wholesale firewalling of the EC2 address-
space.  

If the address-space owner won't police it's own property, there is no reason
for the rest of the world to spend the time/effort to _selectively_ police it
for them.

Amazon _might_ 'get a clue' if enough providers walled off the EC2 space, and
they found difficulty selling cycles to people who couldn't access the machines
to set up their compute applications.