| Chat transcript from SRM 393 |
| Handle |
Comment |
| jmpld40 |
Welcome to the VeriSign Chat! |
| evilkyro1965 |
are the room winer won prize in this srm? |
| evilkyro1965 |
are the room winer won prize in this srm? |
| hatred |
i dont think so |
| irancoldfusion |
evilkyro1965: no |
| evilkyro1965 |
so who will won prize? number 1 winner? |
| evilkyro1965 |
so who will won prize? number 1 winner? |
| irancoldfusion |
evilkyro1965: no one |
| c4pt0r |
nobody~ |
| evilkyro1965 |
so sad :) |
| yoga1290 |
no prizes @ all? |
| VeriSign_Pat |
Hello everyone. I'm Pat Quaid, the Technical Director of VeriSign's Platform Products group |
| Sunny_05 |
shit man |
| _.Cha0s._ |
heelo pat |
| c4pt0r |
versign is the supporter of tco |
| Sunny_05 |
y r thr no prizes? |
| VeriSign_George |
And I'm George Hillenbrand, Principal engineer on a high available database project |
| rohitgupta14 |
VeriSign_Pat: Hello |
| VeriSign_Pat |
Our group is responsible for infrastructure at VeriSign, notably including the systems that do the DNS resolution for .com and .net |
| _.Cha0s._ |
hello george |
| Sunny_05 |
VeriSign_George: hiii |
| VeriSign_George |
Hi all |
| yoga1290 |
VeriSign_George: Is there any prize? |
| abhicool |
VeriSign_George: hi |
| tokstow |
VeriSign_Pat: nice. |
| jmpld40 |
no prizes today |
| _.Cha0s._ |
pat & george i am all ears |
| c4pt0r |
VeriSign_George: how can we make a project available |
| rohitgupta14 |
VeriSign_Pat: so what are High Availability, High Volume Systems. |
| _.Cha0s._ |
please pat & george begin |
| piyush.cusat |
ve |
| donalexey |
Hi, I am interested to know how much do you guys earn anually! |
| c4pt0r |
donalexey: ha ~~good question~! |
| VeriSign_Pat |
In the world of .com and .net DNS, highly available means essentially 100% availability, in addition to world-wide availability |
| VeriSign_Pat |
... and high volume means a half a million transactions per second, in total |
| _.Cha0s._ |
u guys using IBM HACMP |
| VeriSign_George |
The database I'm developing has a budget of about 2 minutes a year and needs to do roughly 50,000 transactions per second. |
| Grebie |
i visited verisign's booth at ces. why did you guys not have any models? |
| tokstow |
VeriSign_Pat: what technology do u use? |
| piyush.cusat |
what is the career opportunitites for freshers at verisign |
| VeriSign_Pat |
I believe we do use IBM HACMP on the database backend... which has been responsible for at least one outage. |
| _.Cha0s._ |
seems u are not happy with IBM |
| rohitgupta14 |
VeriSign_George: what do you mean by budget of 2 minutes a year? |
| _.Cha0s._ |
downtime |
| Sunny_05 |
VeriSign_George: mention some of the products of verisign? |
| VeriSign_Pat |
Not a bit. But one of the important lessons about highly available systems is that everything has a failure rate |
| _.Cha0s._ |
yes true |
| VeriSign_George |
Sorry, downtime budget including all causes including upgrade, maintenance, human error |
| c4pt0r |
VeriSign_Pat: do u guys use Visual Studio? |
| VeriSign_Pat |
... which is one reason we try to minimize the code path for the key infrastructure components |
| VeriSign_George |
Sort of like keeping an airplane up forever without landing. |
| VeriSign_Pat |
Virtually all of our work is on Unix, and most of it is in C++ |
| _.Cha0s._ |
but do u guys want custom solutions to high availablity or what |
| Sunny_05 |
VeriSign_George: hey, wat r the different products of verisign? |
| piyush.cusat |
ya we would like to know bout the products |
| _.Cha0s._ |
i am also in Infrastructure Management Practice and kind of responsible for a big pharma company |
| VeriSign_George |
There are other parts of the company that are Java and or windows. |
| VeriSign_Pat |
For the most important applications we run, we ultimately end up developing custom components. Off-the-shelf is great, but only gets you so far. |
| slex |
piyush.cusat: Check your certificate for tis applet :) |
| rohitgupta14 |
VeriSign_George: The hardware for these systems must be special |
| Grebie |
V |
| VeriSign_George |
Normal hardware, |
| _.Cha0s._ |
but now a days High Availablity is being offered everywhere |
| VeriSign_Pat |
VeriSign's most important businesses revolve around certificates for SSL (etc) and the .com DNS registry |
| Sunny_05 |
VeriSign_George: r thr internship oppurtunities available in summer? |
| rohitgupta14 |
VeriSign_George: so what makes them suitable for handeling such a high load |
| VeriSign_George |
Making the hardware less fault tolerant doesn't address problems like earthquakes, Once you address earthquakes using distribution then the hardware failures are handled. |
| _.Cha0s._ |
let me get this u want HA for certificates or for your DNS |
| Karalabe |
_.Cha0s._: I'd say both :) |
| VeriSign_George |
Lots of folks talk about HA, but they generally mean High availability when the system is ""supposed"" to be up, not all the time. |
| VeriSign_Pat |
Our part in that -- George and my part -- is to build infrastructure that supports those businesses. For the most part, that means resolution systems (DNS resolution and, for example, OCSP), but also database work like George's |
| drako |
hi all , is verisign hiring in india ?? |
| manaya |
:> |
| maniek |
what is (the order od magnitude) number of machines that do the 50k transactions per second? |
| Brahmand |
u connect to database through C++? |
| _.Cha0s._ |
can u give me an idea about your infrastructure |
| yoga1290 |
verisign is hiring where? |
| VeriSign_George |
A single machine needs to handle the 50K/second, but the system has mirrors that can take over within seconds and pickup right where original machine left off |
| VeriSign_Pat |
Most of our provisioning (ie getting stuff into the DB) is done through traditional Java/J2EE apps. |
| Brahmand |
but u said u did use C++ then why not for database? |
| yoga1290 |
VeriSign_George: verisign is hiring where? |
| VeriSign_George |
BTW, Pat and I aren't in position to talk about hiring or salaries, just high availabily/performance |
| Karalabe |
VeriSign_Pat: So you use Java for database and C++ for everything else? |
| _.Cha0s._ |
VeriSign guys an idea about your infrastructure would be great |
| _.Cha0s._ |
what's u r datacenter like |
| VeriSign_Pat |
Right, most provisioning is Java, because it's well-suited for that. DNS resolution is extremely high volume, so we use C++ to get every last cycle out of the hardware |
| VeriSign_George |
Didn't mention this earlier, but the heavy lifting systems use in memory databases. |
| VeriSign_George |
We're essentially working against in fairly specialized area that values availability over everything and performance over everything except availability |
| jbnpaul |
What type of servers do you use at verisign for DNS translation |
| VeriSign_Pat |
VeriSign has 3 datacenters for its key apps: primary, alternate primary, and disaster recover |
| Karalabe |
VeriSign_Pat: But wouldn't C++ database access speed up things instead of java? |
| VeriSign_Pat |
... and in addition to that, we have many points of presence around the world for serving DNS |
| VeriSign_George |
The in memory database is C++, but the access code with the customer logic is running Java on multiple application servers. |
| samshu |
hello ppl |
| VeriSign_Pat |
In the 3 main datacenters are the databases themselves; resolution happens in the many points-of-presence |
| Karalabe |
These datacenters you mention, are these operational all the time, of does the disaster center only process requests if the other two is out? |
| _.Cha0s._ |
obviously Karalbe what else do u except |
| VeriSign_George |
The multiplicity of application servers makes raw performance less of an issue (still important) while the need to maximize throughput on the single database image make C++ important |
| samshu |
ca i logout and come back at the start time?? |
| maniek |
I guess an important part of Your infrastructure must be the network part.. |
| jbnpaul |
How are these database machines and request service machines architectured? |
| drako |
VeriSign_George: why not use opensource frames works like hibernate ?? |
| VeriSign_Pat |
Good question. Only one of the core datacenters is active at a time. We might switch between the two primary datacenters on a month-to-month basis, but the DR... well let's hope that doesn't get used |
| samshu |
ANYONE plz tell me can i logout and cum bak at the start time???? |
| shuaib.akram |
samshu: yes u can |
| Ashesh |
samshu: yes, you can |
| shuaib.akram |
samshu: but be sure to come at 8 25 |
| VeriSign_George |
There's a project here to use hibernate from the client, but hibernate tends to move more data to the client which increases network use |
| shuaib.akram |
8:25 PM |
| jbnpaul |
samshu: yes you can log out and come back any time. Make sure to be here before the SRM starts else u will lose ur minutes |
| VeriSign_Pat |
About the architecture: at the resolution sites, we have a large number of machines that interface with the network, handing DNS itself |
| VeriSign_Pat |
... plus a smaller set of larger-memory machines, running an in-memory database, that actually provide the data |
| VeriSign_George | Our performance load is at the point that box performance is limited by the total number of packets into and out of the serve. |
| _.Cha0s._ | VeriSign_Pat what is the middleware u use |
| VeriSign_Pat | It looks a little like a traditional app-server/db arrangement, but build for ultimate speed |
| Kewl_guy | George : If you were given a choice between Hibernate and EJB 3, which one would u prefer? |
| shuaib.akram | hi everyone |
| VeriSign_Pat | On the resolution side, in the spirit of minimizing layers, we use no middleware. Just socket communication. |
| _.Cha0s._ | kind of raw then |
| _.Cha0s._ | just app talking to the database |
| VeriSign_George | There's another group building clients, that using EJB, not sure what version. They currently use Oracle Server. I'm working on next generation to use custom database. |
| VeriSign_Pat | Entirely raw. To give you an idea of the operational environment, if we accidently had a single malloc() in the resolution path, our performance would drop by 60% |
| jbnpaul | Yes memory access is too fast compared to network packet access. So are you using custom server solutions ( sun for example) which can handle multiple network adapters |
| shuaib.akram | hello i am an ece engineering student can any one tell me whats the future of me?? |
| VeriSign_George | The Hibernate/EJB question is discussion in the client side group. |
| Kewl_guy | Okey dokey! Is Verisign into any other software development apart from security software? |
| VeriSign_Pat | We have a number of different types of servers out there -- in fact we always have at least two types of everything, to ensure diversity |
| VeriSign_George | The future of every me is great if you accept fact that you make your future, not someone else. |
| VeriSign_George | Even multiple network adapters aren't enough. Performance cost per packet is high relative to other processing. |
| _.Cha0s._ | Pat how much uptime do u actually deliver |
| VeriSign_Pat | ... but we mostly focus on commodity gear, since relatively exotic gear tends not to be as reliable |
| maniek | Do You guys do any active development there? Well, the DNS works, why change anything? |
| maniek | :) |
| _.Cha0s._ | see i know a bit bout google datacenter they use cheap PC with Linux and kind of distributed computing |
| _.Cha0s._ | in the event 1 pc goes down the other comes up |
| VeriSign_Pat | On the DNS resolution side, we have 100% availability for about 10 years now (knock on wood...) |
| _.Cha0s._ | so how have u guys planned u r infrastructure |
| Karalabe | _.Cha0s._: Yes, but google processes a lot for a single packet |
| VeriSign_George | Verisign is focusing on it's core of DNS, security, but there are lots of sub branches to these. |
| VeriSign_Pat | ... but note that's system-wide availability. We have individual sites go down relatively often, frequently due to provider issues |
| VeriSign_George | Our business differs from goole, they do more per packet, we do more packets. |
| jbnpaul | How long does it take Verisign to distribute a new DNS info added, to all the servers |
| _.Cha0s._ | so what do u guys are looking for now |
| _.Cha0s._ | i mean a solution |
| VeriSign_Pat | That Google point is about right -- at some level, you need lots of hardware, and we too use lots of small Linux boxes with automatic, immediate failover |
| _.Cha0s._ | for exactly what |
| VeriSign_Pat | If you make a change to a .com or .net domain, we'll typically distribute the change world-wide in less than 3 minutes |
| Kewl_guy | George: You folks out there work on IDS and other wireless security stuff too? |
| _.Cha0s._ | are u facing some challenge in existing setup |
| _.Cha0s._ | how much time it is currently taking to update the change world wide |
| VeriSign_George | A key focus now is bringing the kind of availabilty the resolution servers have to other systems whose availability requirement is becoming more stringent. |
| VeriSign_Pat | One interesting challenge that's perhaps not obvious is keeping track of the system itself and its immediate environment, and determining whether we have a problem or if it's a provider's problem |
| VeriSign_Pat | Or in other words: monitoring and reporting is an ongoing challenge |
| VeriSign_George | Part of our core value proposition is world wide scale with better than commerical availability. |
| jbnpaul | Can you elaborate the core technology/concept used for HA at Verisign |
| VeriSign_Pat | About the "how long to distribute" point: another aspect of our work is that a single mistake can break DNS for a whole company. So data integrity is incredibly important to us. |
| VeriSign_George | Challenge in existing setup is that attack volumes keep going up, but availability can't be compromised. |
| _.Cha0s._ | attack volumes meaning |
| VeriSign_George | _.Cha0s._: attack volume is traffic trying to compromise availability |
| _.Cha0s._ | u mean DOS |
| VeriSign_George | _.Cha0s._: that's part of it |
| _.Cha0s._ | what else George |
| VeriSign_Pat | At VeriSign we have several approaches to HA, depending on the product. For example, our current database infrastructure uses a fairly traditional architecture (HA servers, EMC, synchronous replication to a separate data center, etc) |
| _.Cha0s._ | what other kind of traffic |
| _.Cha0s._ | can compromise availability |
| CoreDumped | . |
| 5steve | hi |
| VeriSign_George | _.Cha0s._: All important systems are probed for weakness, we win if none are found. |
| VeriSign_Pat | George is working on a system that provides HA for the core database transactions in a somewhat different way |
| nitdgp | konqueror: congrats for making it to the onsite round |
| nitdgp | konqueror: u r the only indian this year |
| AnilKishore | konqueror: this year TOO :) |
| nitdgp | konqueror: i pray u dont have any VISA problems |
| idrackz | hi to all |
| AnilKishore | konqueror: He said... he have .. :( |
| 5steve | hihi |
| Fozz | hello verisign! |
| VeriSign_Pat | For resolution systems, we have an entirely custom architecture that starts with multiple data centers, and flows down through active/active redundancy on the site |
| AnilKishore | konqueror: also he has some Intern.. scheduled :( |
| Fozz | What locations do you have? |
| AnilKishore | nitdgp: also he has some Intern.. scheduled :( |
| Tomato | hello verisign |
| javadev1 | VeriSign_George: Is there Viri certifcates for Java Midlets |
| 5steve | ver |
| AnilKishore | go to their chat room |
| nitdgp | AnilKishore: which year he is in? |
| VeriSign_George | javadev1: outside my area, I don't know |
| nitdgp | AnilKishore: where is he from? |
| _.Cha0s._ | Pat for DNS u use BIND customised to u r needs or some other product |
| javadev1 | VeriSign_George: hum, thanks |
| nitdgp | AnilKishore: ok |
| VeriSign_George | javadev1: sorry I can't help |
| VeriSign_Pat | We have a customized DNS resolution system built on ATLAS, our resolution framework |
| javadev1 | VeriSign_George: What are the main programming languages u use? |
| VeriSign_Pat | ... although we use BIND for some other domains |
| 5steve | VeriSign_George: is there any intership opportunity provided by u guys? |
| _.Cha0s._ | u handle only .com & .net domains |
| Fozz | VeriSign_Pat: Where are you based/hiring for? |
| VeriSign_George | javadev1: My particular groups is 90% C++, a little java. Other groups are 100% Java. There's a smattering of Perl and similar scripting language work. |
| VeriSign_Pat | We also handle .tv and .cc and other lesser-known domains, and we operate two of the 13 root servers |
| javadev1 | VeriSign_George: What programming tools you are using for java? |
| VeriSign_Pat | George and I are in Dulles, VA (just outside of DC), and the company HQ is in Mountain View, CA |
| Fozz | VeriSign_Pat: thanks! |
| nitdgp | chini_1010: hi |
| nitdgp | chini_1010: ready? |
| nitdgp | chini_1010: for the 1st SRM? |
| VeriSign_George | javadev1: Hi to recent arrivals, Pat and I are new to forum and hope we're doing reasonable job of keeping up. |
| chini_1010 | nitdgp: kya karna hai |
| 5steve | VasheginRoman: what kinda qualities do the company look for when hiring? |
| nitdgp | chini_1010: kuch nahi karna |
| nitdgp | chini_1010: abhi active contest me jana hoga |
| nitdgp | chini_1010: jab enter button |
| nitdgp | chini_1010: enabled ho jayega |
| nitdgp | chini_1010: enter karna |
| VeriSign_Pat | When hiring, I like Joel-on-software's advice: look for a) smart people who can b) get things done |
| Ferlon | Howl! |
| izulin | admins: will there be a possibility to be a 'kosovo' country coder? |
| nitdgp | chini_1010: still 10 min to go to enter the rooms |
| VeriSign_Pat | Two distinct qualities, and you need them both. But particular skills? Less important. |
| izulin | admins: as US gov recognized it as a country |
| Abednego | izulin: nice! |
| izulin | Abednego: huh? :p |
| leadhyena_inran | izulin: I have to refer to our legal department about it |
| Abednego | izulin: +1 insightful :) |
| leadhyena_inran | izulin: they handle all of the country configurations for us |
| izulin | leadhyena_inran: tought case IMHO |
| izulin | Abednego: :D |
| leadhyena_inran | izulin: we can always check it |
| REPERTOIRE | hi? |
| zulo | izulin: you don't like to be polak ? |
| VeriSign_George | javadev1: Hi |
| izulin | zulo: well, I will always represent poland |
| REPERTOIRE | what is the tip for getting a good job? |
| izulin | zulo: and I'm not asking because I like/dislike idea of Kosovo |
| _.Cha0s._ | admins: hey how can i view chat history |
| izulin | Abednego: It's tought question, whether allow Kosovo |
| izulin | Abednego: or Turkish republic of Cyprus |
| izulin | Abednego: or Abchazja |
| REPERTOIRE | ofcourse allow kosovo.......... |
| REPERTOIRE | its for the mankind |
| Fixman | REPERTOIRE: But that would be a message for Chechenya |
| VeriSign_George | REPERTOIRE: Best tip out of my experience is willingness to try something you're not sure you can do because you can do more than you think. |
| izulin | REPERTOIRE: and what about Taiwan? |
| Fixman | REPERTOIRE: And for many countries, making lots of rich countries poor and de-estabilizing worlds economy |
| izulin | AFAIR more countries already recognizes kosovo than taiwan |
| agrbin | there are no more spots? |
| 5steve | VasheginRoman: so would you consider TopCoder experience a good thing to be add to my resume |
| izulin | there are some countires recognized only by one other country |
| vgiacome | agrbin: mozda si ti prevelik |
| zilupe | Those all are NP-complete problems |
| redeemer | yeah, how would you rate topcoder exp? |
| izulin | like turkish republic of kosovo |
| javadev1 | VeriSign_George: hi George |
| VeriSign_George | VasheginRoman: TopCoder can be good, like anything you do well. |
| CoreDumped | admins: hmm 1.5k users |
| Abednego | jmpld40: me too. thanks! |
| redeemer | how do youll guys rate someone with a reasonable topcoder score? |
| javadev1 | VeriSign_George: Where is VS located? |
| nlvraghavendra | hi da lakshmanan |
| gmohan | lakshmanann: lakshmanann |
| thocev5 | CoreDumped: SRMs tend to fill up latelly |
| redeemer | i mean, if he has a red score obviously he is good etc etc |
| yoyomm | hi |
| gmohan | lakshmanann: dai mokka wat da |
| nlvraghavendra | lakshmanann: hi |
| redeemer | but what about someone who just has a topcoder score |
| redeemer | whatever may it be |
| shenligg | hi everyone |
| koushikkrk | Hi! |
| redeemer | do you assign any weightage to the fact that he has bothered to attempt programming? |
| gmohan | lakshmanann: what daee ea |
| nlvraghavendra | lakshmanann: attending after a long time da.. |
| redeemer | *programmin competitively |
| VeriSign_George | javadev1: Pat and I are in Dulles Va. Head office is Mountainview CA. We also have some distributed people. |
| litonshu | how many people does verisign employ? |
| infal | Halo Japa |
| Hornax | Nikelandjelo: ?????? |
| REPERTOIRE | REPERTOIRE: what is the requirement of getting job in your company? |
| VeriSign_Pat | When you're hiring someone, you tend to take lots of factors into consideration. So yes, participating would help, as would a good score. But the main factor is still about you, not what you've done. |
| Shedal | ???? ?????? |
| 5steve | VasheginRoman: so when interviweing, what kinda questions are mostly being asked? |
| redeemer | k |
| jmpld40 | Thanks so much to the VeriSign folks for chatting today. |
| Fory | khayyam: ya no hubo lugar :( |
| VeriSign_George | redeemer: When we look for people we look for folks who are both skilled and passionate. Top coder experience is a sign of passion, but not only sign. |
| tstan436 | thanks verisign guys |
| Ashesh | thanks! |
| tibix | you should read RandsInRepose, google it |
| ud4u | hiiiiiiiiiii |
| VeriSign_Pat | Thanks to you for the questions. It's been fun! |
| imrankane2005 | VeriSign_Pat: How much is the importance of communication skill then coding talent for job oppertunity ?? |
| redeemer | VeriSign_George: true, just wanted your opinion ont hat, thanks |
| ljwan12 | gmohan: dajiahao |
| prashant_elec | redeemer: HI |
| VasheginRoman | G_uniti - Preved!!! |
| prashant_elec | redeemer: helloo |
| VeriSign_Pat | When it's all said and done, communication is one of the most important things we do. Even coding is essentially a form of communication, from you to a future programmer. So, yeah, it's important. |
| prashant_elec | redeemer: wassup |
| redeemer | prashant_elec: hi |
| raviupreti85 | VeriSign_George: Hello, what particularly i need to be strong in for good chances of getting into your company |
| redeemer | prashant_elec: whats up? |
| redeemer | prashant_elec: do i know you btw? |
| raviupreti85 | VeriSign_George: VeriSign_George: Hello, what particularly i need to be strong in for good chances of getting into your company |
| Arks | 2 min |
| redeemer | prashant_elec: ? |
| redeemer | prashant_elec: hello? |
| prashant_elec | redeemer: 3mins to doom |
| redeemer | prashant_elec: heh |
| redeemer | prashant_elec: who is this though? |
| redeemer | prashant_elec: or are you jsut talking to random people :) |
| prashant_elec | redeemer: i said 3 mins to doom |
| Kewl_guy | Pat: Well said Pat, about the communication thingy! Well, C ya later! :-) Chow |
| redeemer | prashant_elec: k |
| prashant_elec | redeemer: i thought u were someone else |
| prashant_elec | redeemer: :) |
| 5steve | VasheginRoman: thank you guys |
| VeriSign_George | raviupreti85: Positions vary in skill requirements. My particular groupt requires C++, but company is looking for people who make things happen. |
| redeemer | prashant_elec: ok |
| jbnpaul | Bye bye folks into arena now ... |
| VeriSign_George | raviupreti85: rav... ok |
| redeemer | prashant_elec: from mumbai? |
| prashant_elec | redeemer: nopes hyderabad |
| VeriSign_George | raviupreti85: to to go. Thanks. |
