Geoff Huston

Geoff Huston

Author & Chief Scientist at APNIC
Joined on September 6, 2003
Total Post Views: 1,165,542


Geoff Huston holds a B.Sc. and a M.Sc. from the Australian National University. He has been closely involved with the development of the Internet for the past decade, particularly within Australia, where he was responsible for the initial build of the Internet within the Australian academic and research sector. Huston is currently the Chief Scientist in the Internet area for Telstra. He is also the Executive Director of the Internet Architecture Board, and is a member of the APNIC Executive Committee.

Geoff is also author of The ISP Survival Guide, ISBN 0-471-31499-4, Internet Performance Survival Guide: QoS Strategies for Multiservice Networks, ISBN 0471-378089, and coauthor of Quality of Service: Delivering QoS on the Internet and in Corporate Networks, ISBN 0-471- 24358-2, a collaboration with Paul Ferguson. All three books are published by John Wiley & Sons.

Featured Blogs

Leaving it to the Last Second - The Leap Seconds Conundrum

Thanks to the moon, the earth's rate of rotation is slowing down. It's a subtle interaction and the modeling of planetary dynamics predicts that the earth's rotation should be slowing down by an average of 2.3 milliseconds per century. But this is not quite so uniform... So what? Maybe we can start by looking at how we've defined time over history... It's only been in recent decades that we've turned our attention to timekeeping with an obsessive level of detail that rivals, and maybe even surpasses, train spotting. more»

Taking a Closer Look at the Recent DDoS Attacks and What it Means for the DNS

The recent attacks on the DNS infrastructure operated by Dyn in October 2016 have generated a lot of comment in recent days. Indeed, it's not often that the DNS itself has been prominent in the mainstream of news commentary, and in some ways, this DNS DDOS prominence is for all the wrong reasons! I'd like to speculate a bit on what this attack means for the DNS and what we could do to mitigate the recurrence of such attacks. more»

How Did We Get Here? A Look Back at the History of IANA

October 2016 marks a milestone in the story of the Internet. At the start of the month, the United States Government let its residual oversight arrangements with ICANN over the operation of the IANA lapse. No single government now has a unique relationship with the governance of the protocol elements of the Internet, and it is now in the hands of a community of interested parties in a so-called Multi-Stakeholder framework. This is a unique step for the Internet and not without its attendant risks. How did we get here? more»

DDOS Attackers - Who and Why?

Bruce Schneier's recent blog post, "Someone is Learning How to Take Down the Internet", reported that the incidence of DDOS attacks is on the rise. And by this he means that these attacks are on the rise both in the number of attacks and the intensity of each attack. A similar observation was made in the Versign DDOS Trends report for the second quarter of 2015, reporting that DDOS attacks are becoming more sophisticated and persistent in the second quarter of 2016. more»

Examining IPv6 Performance - Revisited

Every so often I hear the claim that some service or other has deliberately chosen not to support IPv6, and the reason cited is not because of some technical issue, or some cost or business issue, but simply because the service operator is of the view that IPv6 offers an inferior level service as compared to IPv4, and by offering the service over IPv6 they would be exposing their clients to an inferior level of performance of the service. more»

What is Google Up To?

The astonishing rise and rise of the fortunes of Google has been one of the major features of both social and business life of the early 21st century. In the same way that Microsoft transformed the computer market into a mainstream consumer product through its Windows and Office software products some 20 years ago, Google has had a similar transformative effect upon its environment. more»

Open Season

In June 2016 the Organization for Economic Cooperation and Development (OECD) hosted a meeting of ministers to consider the state of the Digital Economy. The central message from this meeting was the message that: "Governments must act faster to help people and firms to make greater use of the Internet and remove regulatory barriers to digital innovation or else risk missing out on the potentially huge economic and social benefits of the digital economy." All well and good, and as a piece of rhetoric it seems to strike an appropriately positive note without straying far from what appears to be bland truisms of our time. more»

The Path to DNS Privacy

The DNS is normally a relatively open protocol that smears its data (which is your data and mine too!) far and wide. Little wonder that the DNS is used in many ways, not just as a mundane name resolution protocol, but as a data channel for surveillance and as a common means of implementing various forms of content access control. But all this is poised to change. more»

Declaring IPv6 an Internet Standard

I've already shared my thoughts following a session of the IPv4 Sunset Working Group at IETF 95 that considered whether to declare IPv4 an "Historic" specification. Of course, as one would expect for a meeting of a Standards Development Organization (SDO), that wasn't the only standards process discussion through the week. Another session, this time in the IPv6 Maintenance Working Group, considered the related topic of whether to make the IPv6 specification a full Internet Standard. Let's look at that proposal. more»

Is IPv6 an Essential Precondition for Internet of Things? Or Are Things Just Fine with IPv4?

It has often been claimed that IPv6 and the Internet of Things are strongly aligned, to the extent that claims are made they are mutually reliant. An Internet of Things needs the massively expanded protocol address space that only IPv6 can provide, while IPv6 needs to identify a compelling use case to provide a substantive foundation to justify the additional expenditures associated with a widespread deployment of this new protocol that only the Internet of Things can provide. more»

Declaring IPv4 "Historic"

At the IETF 95 meeting at the start of April, I was in a meeting of the IPv4 Sunset Working Group, and heard Lee Howard, Director of Network Technology at Time Warner Cable, present on a proposal that recommended that IP version 4, or to be specific, that the technical protocol specification documented in RFC 791, be declared "Historic"... The rationale for this proposed re-designation of IPv4 was that this protocol has indeed been superseded by a more recent specification, namely IP version 6. more»

Reflections on NANOG 66

The North American Network Operators Group (NANOG) continues to be one of the major gatherings on network operators and admins, together with the folk who work to meet the various needs of this community. Their program committee produces a program that never fails to provide thought provoking interest. Here are my reactions to some of the presentations I heard at NANOG 66, held in San Diego in February. more»

On the Internet Everyone is Connected to Everyone Else - Right?

We tend to make a number of assumptions about the Internet, and sometimes these assumptions don't always stand up to critical analysis. We were perhaps 'trained' by the claims of the telephone service to believe that these communications networks supported a model of universal connectivity. Any telephone handset could establish a call with any other telephone handset was the underlying model of a ubiquitous telephone service, and we've carried that assumption into our perception of the Internet. On the Internet anyone can communicate with anyone else - right? more»

Addressing 2015 - Last One Standing!

Time for another annual roundup from the world of IP addresses. What happened in 2015 and what is likely to happen in 2016? This is an update to the reports prepared at the same time in previous years, so let's see what has changed in the past 12 months in addressing the Internet, and look at how IP address allocation information can inform us of the changing nature of the network itself. more»

What's in a Name?

What's the difference between .local and .here? Or between .onion and .apple? All four of these labels are capable of being represented in the Internet's Domain Name System as a generic Top Level Domains (gTLDs), but only two of these are in fact delegated names. The other two, .local and .onion not only don't exist in the delegated name space, but by virtue of a registration in the IANA's Special Use Domain Name registry, these names cannot exist in the conventional delegated domain name space. more»

RIPE 71 Meeting Report

The RIPE 71 meeting took place in Bucharest, Romania in November. Here are my impressions from a number of the sessions I attended that I thought were of interest. It was a relatively packed meeting held over 5 days. So this is by no means all that was presented through the week... As is usual for RIPE meetings, it was a well organised, informative and fun meeting to attend in every respect! If you are near Copenhagen in late May next year I'd certainly say that it would be a week well spent. more»

NANOG 65 Report

NANOG 65 was once again your typical NANOG meeting: a set of operators, vendors, researchers and others for 3 days, this time in Montreal in October. Here's my impressions of the meeting... The opening keynote was from Jack Waters from Level 3, which looked back over the past 25 years of the Internet, was interesting to me in its reference to the "Kingsbury Letter". more»

Thoughts on the Open Internet - Part 6: Final Thoughts

Today we just don't have an "Open" Internet. The massive proliferation of network-based middleware has resulted in an internet that has few remaining open apertures. Most of the time the packet you send is not precisely the packet I receive, and all too often if you deviate from a very narrowly set of technical constraints within this packet, then the packet you send is the packet I will never receive. more»

Thoughts on the Open Internet - Part 5: Security

Any form of public communications network necessarily exposes some information about the identity and activity of the user's of its services. The extent to which such exposure of information can be subverted and used in ways that are in stark opposition to the users' individual interests forms part of the motivation on the part of many users to reduce such open exposure to an absolute minimum. The tensions between a desire to protect the user through increasing the level of opacity of network transactions to third party surveillance, and the need to expose some level of basic information to support the functions of a network lies at the heart of many of the security issues in today's Internet. more»

Thoughts on the Open Internet - Part 4: Locality and Interdependence

The Internet was not originally designed as a single network that serviced much of the world's digital communications requirements. Its design was sufficiently flexible that it could be used in many contexts, including that of small network domains that were not connected to any other domain, through to large diverse systems with many tens of thousands of individual network elements. If that is indeed the case, then why is it that when networks wish to isolate themselves from the Internet, or when a natural calamity effectively isolates a network, the result is that the isolated network is often non-functional. more»

Thoughts on the Open Internet - Part 3: Local Filtering and Blocking

The public policy objectives in the area of content filtering and blocking space are intended to fulfil certain public policy objectives by preventing users within a country from accessing certain online content. The motives for such public policies vary from a desire to uphold societal values through to concessions made to copyright holders to deter the circulation of unauthorised redistribution of content. more»

Thoughts on the Open Internet - Part 2: The Where and How of "Internet Fragmentation"

In defining what is meant by "Internet Fragmentation" it is useful to briefly describe what is meant by its opposite, an "Open and Coherent Internet". As we've explored in the previous section, "coherence" implies that each of the elements of the Internet are orchestrated to work together to produce a seamless Internet which does not expose the boundaries between discrete elements. more»

Thoughts on the Open Internet - Part 1: What Is "Open Internet"

I'm sure we've all heard about "the Open Internet." The expression builds upon a rich pedigree of term "open" in various contexts. For example, "open government" is the governing doctrine which holds that citizens have the right to access the documents and proceedings of the government to allow for effective public oversight, a concept that appears to be able to trace its antecedents back to the age of enlightenment in 17th century Europe. more»

The Changing Mobile World

Today's Internet is undoubtedly the mobile Internet. Sales of all other forms of personal computers are in decline and the market focus is now squarely on tablets, "smart" phones and wearable peripherals. In 2014 these providers sold 1.5 billion such devices into the global consumer market, and doubtless 2015's numbers will be greater. Half of all Internet-visible devices are now mobile devices and they generate 75% of all access provider revenues. more»

'The Global Village' Idiot

I recall from some years back, when we were debating in Australia some national Internet censorship proposal de jour, that if the Internet represented a new Global Village then Australia was trying very hard to position itself as the Global Village Idiot. And the current situation with Australia's new Data Retention laws may well support a case for reviving that sentiment. more»

Revisiting Apple and IPv6

A few weeks ago I wrote about Apple's IPv6 announcements at the Apple Developers Conference. While I thought that in IPv6 terms Apple gets it, the story was not complete and there were a number of aspects of Apple's systems that were not quite there with IPv6. So I gave them a 7/10 for their IPv6 efforts. Time to reassess that score in the light of a few recent posts from Apple. more»

An Update on IPv6

In the coming weeks another Regional Internet Registry will reach into its inventory of available IPv4 addresses to hand out and it will find that there is nothing left. This is by no means a surprise, and the depletion of IPv4 addresses in the Internet could be seen as one of the longest slow motion train wrecks in history. The IANA exhausted its remaining pool of unallocated IPv4 addresses over four years ago in early 2011, and since then we've seen the exhaustion of the address pools in the Asia Pacific region in April 2011, in the European and the Middle Eastern region in September 2012, in Latin America and the Caribbean in May 2014 and now it's ARIN's turn... more»

Apple and IPv6 - Not Quite There Yet

It's Apple's Developers Conference time again, and in amongst the various announcements was week, in the "Platforms Status of the Union" presentation was the mention of Apples support of IPv6. Sebastien Marineau, Apple's VP of Core OS told the conference that as far as IPv4 addresses are concerned, exhaustion "is finally here", noting that this already started in 2011 in the Asia Pacific while in North America IPv4 address exhaustion is imminent. Sebastien noted that it's really important to support IPv6 in devices and applications these days... more»

Notes from NANOG 64

The North American Network Operator's Group held its 64th Meeting in San Francisco in early June. Here's my impressions of some of the more interesting sessions that grabbed my attention at this meeting... At the start of the year, the US FCC voted to reclassify Broadband Internet access services under Title II of the US Telecommunications ACT -- effectively viewing Internet access providers as common carriers, with many of the rights and responsibilities that goes with this classification. more»

Diving Into the DNS

If you are at all interested in how the Internet's Domain Name System (DNS) works, then one of the most rewarding meetings that is dedicated to this topic is the DNS OARC workshops. I attended the spring workshop in Amsterdam in early May, and the following are my impressions from the presentations and discussion. What makes these meetings unique in the context of DNS is the way it combines operations and research, bringing together researchers, builders and maintainers of DNS software systems, and operators of DNS infrastructure services into a single room and a broad and insightful conversation. more»

The Internet of Stupid Things

In those circles where Internet prognostications abound and policy makers flock to hear grand visions of the future, we often hear about the boundless future represented by "The Internet of Things". This phrase encompasses some decades of the computing industry's transition from computers as esoteric piece of engineering affordable only by nations, to mainframes, desktops, laptops, handhelds, and now wrist computers. Where next? more»

The Mobile Internet

It has been observed that the most profound technologies are those that disappear (Mark Weiser, 1991). They weave themselves into the fabric of everyday life until they are indistinguishable from it, and are notable only by their absence. The feat of reticulating clean potable water into every house, so that it is constantly accessible at the turn of a tap, is a great example of the outcome of large scale civil engineering projects, combining with metallurgy, hydrology, chemistry and physics. But we never notice it until it is no longer there. more»

Notes from NANOG 63

The following is a selected summary of the recent NANOG 63 meeting, held in early February, with some personal views and opinions thrown in! ...One view of the IETF's positioning is that as a technology standardisation venue, the immediate circle of engagement in IETF activities is the producers of equipment and applications, and the common objective is interoperability. more»

Decision Time for the Open Internet

On February 26 of this year the Federal Communications Commission (FCC) of the United States will vote on a proposed new ruling on the issue of "Network Neutrality" in the United States, bringing into force a new round of measures that are intended to prevent certain access providers from deliberately differentiating service responses on the carriage services that they provide. more»

Addressing 2014 - And Then There Were 2!

Time for another annual roundup from the world of IP addresses. What happened in 2014 and what is likely to happen in 2015? This is an update to the reports prepared at the same time in previous years. So lets see what has changed in the past 12 months in addressing the Internet and look at how IP address allocation information can inform us of the changing nature of the network itself. more»

The Resolvers We Use

The Internet's Domain Name System is a modern day miracle. It may not represent the largest database that has ever been built, but nevertheless it's truly massive. And even if it's not the largest database that's ever been built, it's perhaps one of the more intensively used... Given the fragmentation of the IPv4 address space with the widespread use of various forms of address sharing, then it increasingly looks as if the DNS is the only remaining common glue that binds the Internet together as a single network. more»

Some Observations from NANOG 62

NANOG 62 was held at Baltimore from the 6th to the 9th October. These are my observations on some of the presentations that occurred at this meeting. .. One of the more memorable sides in this presentation was a reference to "map" drawn by Charles Minard in 1869 describing the statistics relating to the Napoleonic military campaign in Russia, and the subsequent retreat. more»

Privacy and Security - Five Objectives

It has been a very busy period in the domain of computer security. With "shellshock", "heartbleed" and NTP monlink adding to the background of open DNS resolvers, port 445 viral nasties, SYN attacks and other forms of vulnerability exploits, it's getting very hard to see the forest for the trees. We are spending large amounts of resources in reacting to various vulnerabilities and attempting to mitigate individual network attacks, but are we making overall progress? What activities would constitute "progress" anyway? more»

Internet Regulation: Section 706 vs Title II

At the NANOG meeting in Baltimore this week I listened to a presentation by Patrick Gilmore on "The Open Internet Debate: Section 706 vs Title II." It's true that this is a title that would normally induce a comatose reaction from any audience, but don't let the title put you off. Behind this is an impassioned debate about the nature of the retail Internet for the United States, and, I suspect, a debate about the Internet itself and the nature of the industry that provides it. more»

How Big Is That Network?

It's often observed that the Internet was a direct outcome of the progressive liberalization of national telecommunications markets in the late twentieth century. This allowed the entry of a wave of Internet entrepreneurs into various national telecommunications markets that were historically dominated by incumbent telephone monopolies. The resultant transformation of telecommunications over the past two decades is as much a testament to the transformational power of open markets as it is to the prodigious ability of the Internet's technology base to service the ever increasing demands being made of it. more»

Where is Metadata Anyway?

I can't help but think that the situation in this rather old joke applies very precisely to the current Australian efforts to compel network operators, through some contemplated regulatory instrument, to record and retain network-collected data about their customers' online activities. What I'd like to examine here the emerging picture that while networks, and network operators, make convenient targets for such surveillance efforts, the reality of today's IP network's are far more complex, and Internet networks are increasingly ignorant about what their customers do. more»

What is Metadata, and Why Should I Care?

August 2014 is proving yet again to be an amusing month in the Australian political scene, and in this case the source of the amusement was watching a number of Australian politicians fumble around the topic of digital surveillance and proposed legislation relating to data retention measures. The politicians assured us that the proposed data retention measures were nothing untoward, and all that was being called for was the retention of "metadata" by Australian ISPs for a period of two years. more»

Some Internet Measurements

At APNIC Labs we've been working on developing a new approach to navigating through some of our data sets the describe aspects of IPv6 deployment, the use of DNSSEC and some measurements relating to the current state of BGP. The intent of this particular set of data collections is to allow the data to be placed into a relative context, displaying comparison of the individual measurements at a level of geographic regions, individual countries, and individual networks. more»

The Open Internet?

I'm sure we've all heard about "the open Internet." The expression builds upon a rich pedigree of term "open" in various contexts. For example, "open government" is the governing doctrine which holds that citizens have the right to access the documents and proceedings of the government to allow for effective public oversight, a concept that appears to be able to trace its antecedents back to the age of enlightenment in 17th century Europe. more»

NANOG 61 - Impressions of Some Presentations

The recent NANOG 61 meeting was a pretty typical NANOG meeting, with a plenary stream, some interest group sessions, and an ARIN Public Policy session. The meeting attracted some 898 registered attendees, which was the biggest NANOG to date. No doubt the 70 registrations from Microsoft helped in this number, as the location for NANOG 61 was in Bellevue, Washington State, but even so the interest in NANOG continues to grow... more»

RIP Network Neutrality

It's been an interesting couple of months in the ongoing tensions between Internet carriage and content service providers, particularly in the United States. The previous confident assertion was that the network neutrality regulatory measures in that country had capably addressed these tensions. While the demands of the content industry continue to escalate as the Internet rapidly expands into video content streaming models, we are seeing a certain level of reluctance from the carriage providers to continually accommodate these expanding demands... more»

Addressing 2013 - That Was the Year That Was

Time for another annual roundup from the world of IP addresses. What happened in 2013 and what is likely to happen in 2014? This is an update to the reports prepared at the same time in previous years, so let's see what has changed in the past 12 months in addressing the Internet, and look at how IP address allocation information can inform us of the changing nature of the network itself. more»

Who Uses Google's Public DNS?

Much has been said about how Google uses the services they provide, including their mail service, their office productivity tools, file storage and similar services, as a means of gathering an accurate profile of each individual user of their services. The company has made a very successful business out of measuring users, and selling those metrics to advertisers. But can we measure Google as they undertake this activity? How many users avail themselves of their services? Perhaps that's a little ambitious at this stage, so maybe a slightly smaller scale may be better. Let's just look at one Google service. more»

IP Addresses and Traceback

This is an informal description the evolution of a particular area of network forensic activity, namely that of traceback. This activity typically involves using data recorded at one end of a network transaction, and using various logs and registration records to identify the other party to the transaction. Here we'll look at the impact that IPv4 address exhaustion and IPv6 transition has had on this activity, and also note, as we explore this space, the changing role of IP addresses within the IP protocol architecture. more»

Technical Viability of Dotless Domain Names

It was never obvious at the outset of this grand Internet experiment that the one aspect of the network's infrastructure that would truly prove to be the most fascinating, intriguing, painful, lucrative and just plain confusing, would be the Internet's Domain Name System. After all, it all seemed so simple to start with: network applications rendezvous with their counterparts using protocol-level addresses, but we users prefer to use "natural" identifiers that act as aliases for these addresses. more»

The Big Bad Internet

I often think there are only two types of stories about the Internet. One is a continuing story of prodigious technology that continues to shrink in physical size and at the same time continue to dazzle and amaze us... The other is a darker evolving story of the associated vulnerabilities of this technology where we've seen "hacking" turn into organised crime and from there into a scale of sophistication that is sometimes termed "cyber warfare". And in this same darker theme one could add the current set of stories about various forms of state sponsored surveillance and espionage on the net. more»

Valuing IP Addresses

The prospect of exhaustion of the IPv4 address space is not a surprise. We've been anticipating this situation since at least 1990. But it's a "lumpy" form of exhaustion. It's not the case that the scarcity pressures for IP addresses are evidently to the same level in every part of the Internet. It's not the case that every single address is being used by an active device. A couple of decades ago we thought that an address utilisation ratio of 10% (where, for example, a block of 256 addresses would be used in a network with some 25 addressed devices) was a great achievement.  more»

All IP Addresses Are Not the Same

One IP address is much the same as another - right? There's hardly a difference between and is there? They are just encoded integer values, and aside from numerological considerations, one address value is as good or bad as any other - right? So IP addresses are much the same as each other and an after-market in IP addresses should be like many other markets in undistinguished commodity goods. Right? more»

A Question of DNS Protocols

One of the most prominent denial of service attacks in recent months was one that occurred in March 2013 between Cloudflare and Spamhaus... How did the attackers generate such massive volumes of attack traffic? The answer lies in the Domain Name System (DNS). The attackers asked about domain names, and the DNS system answered. Something we all do all of the time of the Internet. So how can a conventional activity of translating a domain name into an IP address be turned into a massive attack? more»

Exactly When Is ARIN Going to Run Out of IPv4 Addresses?

At the April 2013 ARIN meeting the inevitable question came up once more: "Exactly when is ARIN going to run out of IPv4 addresses?" Various dates have been proposed as an answer to this question, based on various methods of prediction. As the date is indeed getting closer, it may well be worth the time to review ARIN's situation, and make a few predictions here about the likely date when ARIN's exhausts its remaining pool of IPv4 addresses. more»

DNS, DNSSEC and Google's Public DNS Service

For some time now we've been tracking the progress of the deployment of DNSSEC in the Internet. Its been a story of an evolution of the measurement technique... In the process we've learned perhaps more than we had wanted to about the behaviour of Flash engines, Apache web servers and FreeBSD system tuning, and also learned much more than we had anticipated about the finer details of Google's online ad presentation behaviour. But one thing we did not see in all of this was any large scale jumps in the level of client use of DNSSEC validation over this period at the start of the year. more»

Here's Looking at You…

Much has been said in recent weeks about various forms of cyber spying. The United States has accused the Chinese of cyber espionage and stealing industrial secrets. A former contractor to the United States' NSA, Edward Snowden, has accused various US intelligence agencies of systematic examination of activity on various popular social network services... These days cloud services may be all the vogue, but there is also an emerging understanding that once your data heads into one of these clouds, then it's no longer necessarily entirely your data; it may have become somebody else's data too... more»

World IPv6 Day: A Year in the Life

On the 6th June 2012 we held the World IPv6 Launch Day. Unlike the IPv6 event of the previous year, World IPv6 Day, where the aim was to switch on IPv6 on as many major online services as possible, the 2012 program was somewhat different. This time the effort was intended to encourage service providers to switch on IPv6 and leave it on. What has happened since then? Have we switched it on and left it on? What has changed in the world of IPv6 over the past 12 months? Who's been doing all the work? more»

The Company You Keep

This story started earlier this year, with a posting to the Australian network operators' mailing list, asking if anyone had more information about why the web site that was operated by an outfit called "Melbourne Free University" was inaccessible through a number of major Australian ISPs. When they asked their local ISP if there was some issue, they were informed that "this was due to an Australian government request, and could say no more about it." more»

A Royal Opinion on Carrier Grade NATs

There are still a number of countries who have Queen Elizabeth as their titular head of state. My country, Australia, is one of those countries. It's difficult to understand what exactly her role is these days in the context of Australian governmental matters, and I suspect even in the United Kingdom many folk share my constitutional uncertainty... In the United Kingdom every year the Queen reads a speech prepared by the government of the day, which details the legislative measures that are being proposed by the government for the coming year. Earlier this month the Queen's speech included the following statement in her speech. more»

A Primer on IPv4, IPv6 and Transition

There is something badly broken in today's Internet. At first blush that may sound like a contradiction in terms. After all, the Internet is a modern day technical marvel. In just a couple of decades the Internet has not only transformed the global communications sector, but its reach has extended far further into our society, and it has fundamentally changed the way we do business, the nature of entertainment, the way we buy and sell, and even the structures of government and their engagement with citizens. In many ways the Internet has had a transformative effect on our society that is similar in scale and scope to that of the industrial revolution in the 19th century. How could it possibly be that this prodigious technology of the Internet is "badly broken?" more»

"Multi-Stakeholderism" and the Internet Policy Debate

With WICT-12 over, and now the preparation for the forthcoming WTPF underway, and of course also we have the WTDC and WTISD coming up, one could be excused for thinking that that world famous, but hopelessly unintelligible, cartoon character from the 80's and 90's, Bill the Cat, has come out of retirement to work as head of Acronym Engineering at the ITU. However, no matter how unintelligible the acronyms of these meetings can get, the issue of how we come to terms with a technology-dense world is a serious matter.  more»

Addressing 2012: Another One Bites the Dust

Time for another annual roundup from the world of IP addresses. What happened in 2012 and what is likely to happen in 2013? This is an update to the reports prepared at the same time in previous years, so lets see what has changed in the past 12 months in addressing the Internet, and look at how IP address allocation information can inform us of the changing nature of the network itself. more»

Calling Stumps at WCIT: Win, Lose or Draw?

The problem with setting expectations is that when they are not fulfilled the fallout is generally considered to be a failure, and while everyone wants to claim parenthood of success, failure is an orphan. In that sense it looks like the WCIT meeting, and the International Telecommunications Regulations (ITRs) that were being revised at that conference this month are both looking a lot like orphans. There have been a number of reports of the outcome of the two week... Most of the blogs were quick to characterize the outcome as a loss for the dark forces that lurked somewhere in the closets of the ITU's headquarters in Geneva. But there is more to it than that. more»

To Flat or To Cap?

I don't think it's a surprise to anyone, but it's the Christmas season again and doubtless a large number of television sets will be sold as part of the annual retail festivities. But these days the devices for sale in the shops are not just televisions: today's television is perhaps better described as a media computer with a very large display. Sure, the device can tune in to radio transmissions and display them... but the device also is equipped with either a WiFi or an Ethernet jack, or both. This alone sounds like a relatively innocuous addition to the television, but it's providing to be a highly disruptive change in the traditional Internet market space. more»

Superstorm Sandy and the Global Internet

The Internet has managed to collect its fair share of mythology, and one of the more persistent myths is that from its genesis in a cold war US think tank in the 1960's the Internet was designed with remarkable ability to "route around damage." Whether the story of this cold war think tank is true or not, the adoption of a stateless forwarding architecture, coupled with a dynamic routing system, does allow the network to "self-heal" under certain circumstances. Can we see this self-healing in today's network? more»

Carriage vs. Content

Does anyone remember the Internet before Google? And no, using Google to ask about the pre-Google Internet is not going to work all that well! For those of you who can recall the Internet of around 2000, do you also recall what debates were raging at the time? Let me give you a hand in answering that question. One big debate at the time was all about the relationship between the carriage service operators and the content providers, and, as usual, it was all about money. The debate was about who owed who money, and how much. Ten years later and it seems that nothing much has changed. more»

A Report on the OECD/BEREC Workshop on Interconnection and Regulation

I presented at a OECD/BEREC workshop that was held on the 20th June in Brussels, and I'd like to share some personal impressions and opinions from this workshop. The OECD/BEREC workshop was a policy-oriented peering and exchange forum. It was not a conventional operational peering forum where the aim is to introduce potential peers to each other and facilitate peer-based interconnection of network operators, but a workshop that involved both network operators and various national and EU regulators, as well has having inputs from the OECD. more»

Measuring IPv6 - Country by Country

Some years ago a report was published that ranked countries by the level of penetration of broadband data services. You can find the current version of that report at the OECD web site. This ranking of national economies had an electrifying impact on this industry and upon public policies for broadband infrastructure in many countries. Perhaps this happened because there were some real surprises lurking in the numbers at the time. more»

Occam's ITRs

It's been a quarter of a century since the world's governments convened to draft up a common set of regulations about the conduct of international telecommunications. In December of 2012 the world's governments will convene to reconsider these regulations, to hopefully sign an updated set of regulations. This time around, this activity is generating considerable levels of public interest. Congressional hearings in the United States have been held, and various pronouncements of intent from various governmental, regional, and industry groups have been made. more»

A Quick Primer on Internet Peering and Settlements

The business world today features many complex global service activities which involve multiple interconnected service providers. Customers normally expect to execute a single paid transaction with one service provider, but many service providers may assist in the delivery of the service. These contributory service providers seek compensation for their efforts from the initial provider. However, within a system of interdependent providers a service provider may undertake both roles of primary and contributory provider, depending on the context of each individual customer transaction. more»

Number Misuse, Telecommunications Regulations and WCIT

Another twenty five years has just zoomed by, and before you know it, it's all on again. The last time the global communications sector did this was at the WATTC in 1988, when "the Internet" was just a relatively obscure experiment in protocol engineering for data communications. At that time the Rather Grand telephone industry bought their respective government representatives... to the Rather Grandly titled "World Administrative Telegraph and Telephone Conference (WATTC) in November 1988 in Melbourne, Australia and resolved to agree to the Rather Grandly titled "International Telecommunication Regulations." more»

Hacking Away at the Internet's Security

The front page story of the September 13 2011 issue of the International Herald Tribune said it all: "Iranian activists feel the chill as hacker taps into e-mails." The news story relates how a hacker has "sneaked into the computer systems of a security firm on the outskirts of Amsterdam" and then "created credentials that could allow someone to spy on Internet connections that appeared to be secure." According to this news report this incident punched a hole in an online security mechanism that is trusted by hundreds of millions of Internet users all over the network. more»

IPv6 Transitional Uncertainties

The telecommunications industry has been around for quite some time. Whether you take it as a starting date the first efforts with the wired telegraph in the 1830's, or the telephone in the 1870's, this industry has been around for quite a long time. During this periods it has made huge achievements, and there is no doubt that the impacts of this industry have changed our lives in many ways... It is literally amazing that this industry has managed to preserve dial tone on telephone handsets while completely changing the underlying network and switching fabric of the telephone system numerous times. more»

The Rising Technical Challenges of Networking at Home

For me, one of the more interesting sessions at the recent IETF 81 meeting in July was the first meeting of the recently established Homenet Working Group. What's so interesting about networking the home? Well, if you regard challenges as "interesting", then just about everything is interesting when you look at networking in the home! more»

The Future of the Internet Economy: Chapter 2

The OECD held a "high-level" meeting in June 2011 that was intended to build upon the OECD Ministerial on The Future of the Internet Economy held in Seoul, Korea in June 2008. I was invited to attend this meeting as part of the delegation from the Internet Technical Advisory Committee (ITAC), and here I'd like to share my impressions of this meeting. This 2 day meeting, "The Internet Economy: Generating Innovation and Growth", had the objective of exploring a number of current issues in the public policy space... more»

Addressing 2010

It's January again, and being the start of another year, it's as good a time as any to look at the last 12 months and see what the Internet was up to in 2010. This is an update to the report prepared 12 months ago when looking at 2009, so lets see what has changed in the past 12 months in addressing the Internet, and look at how address allocation information can inform us of the changing nature of the network itself. more»

IPv6 and Transitional Myths

I attended the RIPE 61 meeting this month, and, not unexpectedly for a group that has some interest in IP addresses, the topic of IPv4 address exhaustion, and the related topic of the transition of the network to IPv6 has captured a lot of attention throughout the meeting. One session I found particularly interesting was one on the transition to IPv6, where folk related their experiences and perspectives on the forthcoming transition to IPv6. I found the session interesting, as it exposed some commonly held beliefs about the transition to IPv6, so I'd like to share them here, and discuss a little about why I find them somewhat fanciful. more»

IP Address Exhaustion In 12 Easy Questions

It seems that there is an increasing level of interest in the topic of IPv4 address exhaustion, so I thought I'll share a set of answers to the most common questions I've been asked on this topic in recent times. ... If there is a common factor in many of these challenges, it is scaling the network to meet an ever expanding agenda of more users, more devices, more traffic, more services and more policies. more»

Wired vs Wireless Debate Becomes a Core Policy Differentiator in National Election

I never thought I'd see the day when the difference in capability between a wireless and a wireline Internet would become a core policy differentiator in a national election, but this has now happened in Australia. ... It seems that everyone has an interest in a ubiquitous, fast and cheap internet. Now that interest has been taken up as a major policy differentiator by both sides of the political spectrum in the recent Australian election. What was this all about? more»

NXDOMAIN Substitution: Good or Evil?

It might seem a little strange, but in the current economics of the market in registration of DNS names it appears that the set of names that are not "visible," or at least not associated with any dedicated network service point, represents a far larger set, and has a far higher total value to the DNS name registration industry, than the set of network-visible service endpoint domain names. In other words, there appears to be a larger and more valuable market for names that do not exist than for names that do. more»

RIPE at 59!

RIPE, or Réseaux IP Européens, is a collaborative forum open to all parties interested in wide area IP networks in Europe and beyond... RIPE has been a feature of the European Internet landscape for some twenty years now, and it continues to be a progressive and engaged forum. These days RIPE meets twice a year, and the most recent meeting was held at Lisbon, Portugal, from the 5th to the 9th of October 2009. In this column I'd like to share some of my impressions of this meeting. more»

Is the Transition to IPv6 a "Market Failure?"

At the outset I should say that here I would like to restrict my view to the transition from the IPv4 Internet to the IPv6 Internet, and, in particular, to examine the topic of the appropriate market structure that lies behind the dual stack transition strategy, and the manner in which the Internet can transition from the universal use of IPv4 as the underlying datagram protocol to the universal use of IPv6. more»

The Future of the Internet: A Political View

Lets face it, gathering a collection of ministerial delegations to laboriously recite prepared speeches to each other sounds about as exciting as watching paint dry. And observing meetings where the major outcome appears to be limited to the scheduling of the next meeting can become somewhat tedious after a while. It should not be surprising that the level of expectation of tangible outcomes for such governmental meetings is invariably abysmally low. So what's the value of adding yet another meeting to governments' schedule? What makes the OECD-hosted ministerial meeting on the Future of the Internet Economy so unique in the context of the Internet's current political landscape and its political future? Why would a meeting about the dismal science of economics hold any interest at all? more»

The End of End-to-End?

One of the major principles of the architecture of the Internet was encapsulated in a paper by Saltzer, Reed and Clark, "End-to-End Arguments in System Design". This paper, originally published in 1981, encapsulated very clearly the looming tension between the network and the application: "The function in question can completely and correctly be implemented only with the knowledge and help of the application standing at the end points of the communication system. Therefore, providing that questioned function as a feature of the communication system itself is not possible." At the time this end-to-end argument was akin to networking heresy! more»

IPv6 Deployment: Just Where Are We?

In this article we'd like to look at some measures of the use of IPv4 and IPv6 protocols in today's Internet and see if we can draw any conclusions about just how far down the track we are with the IPv6 part of dual stack deployment. We'll use a number of measurements that have been made consistently since 1 January 2004 to the present, where we can distinguish between the relative levels of IPv4 and IPv6 use in various ways. more»

DNSSEC: Once More, With Feeling!

After looking at the state of DNSSEC in some detail a little over a year ago in 2006, I've been intending to come back to DNSSEC to see if anything has changed, for better or worse, in the intervening period... To recap, DNSSEC is an approach to adding some "security" into the DNS. The underlying motivation here is that the DNS represents a rather obvious gaping hole in the overall security picture of the Internet, although it is by no means the only rather significant vulnerability in the entire system. One of the more effective methods of a convert attack in this space is to attack at the level of the DNS by inserting fake responses in place of the actual DNS response. more»

On the Hunt for "Critical Internet Resources"

I'm writing this column in November, and that means that it is time for the traveling circus known as the Internet Governance Forum (IGF) to come down to earth, unpack its tents and sell tickets for its annual song and dance routine. The script for this year's show has been changed, and after being excluded from the main arena last year at the Athens gig, the headline act of "Critical Internet Resources" is taking a starring role this year in Rio. Some folk are even saying that it is the single most contentious issue to be scheduled at this year's IGF show. So what are "Critical Internet Resources" anyway? If folks are going to spend all this time, energy and carbon emissions traveling to Rio to talk on this topic, then wouldn't it be helpful to understand what it means in the first place? There are probably a number of ways to answer this question, so in this heavily opinionated column I'd like to look at the range of possible answers to this question. more»


There are many network operator group meetings being held these days. Even in the backwater of the South Pacific where I live there is now AUSNOG, and NZNOG is just next door in New Zealand. We now have MENOG in the Middle East and AFNOG in Africa. The original NOG was the North American Network Operators Group (NANOG), and they have the T-Shirts to prove it! NANOG meets three times a year, and I attended NANOG 41 in October 2007. NANOG meetings cover a broad variety of topics, from operational tools, measurement, and peering practices through to a commentary on the state of the Internet industry. Here are my impressions of the meeting. more»

Transition to IPv6 Address

Last month's column looked at the exhaustion of the IPv4 unallocated address pool and the state of preparedness in the Internet to grapple with this issue... There has been a considerable volume of discussion in various IPv6 and address policy forums across the world about how we should respond to this situation in terms of development of address distribution policies. Is it possible to devise address management policies that might both lessen some of the more harmful potential impacts of this forthcoming hiatus in IPv4 address supply, and also provide some impetus to industry to move in the originally intended direction to transition into an IPv6 network? more»

The End of the (IPv4) World is Nigher!

Funny how some topics seem sit on a quiet back burner for years, and then all of a sudden become matters of relatively intense attention. Over the past few weeks we've seen a number of pronouncements on the imminent exhaustion of the IP version 4 address pools. Not only have some of the Regional Internet Registries (RIRs) and some national registry bodies made public statements on the topic, we've now seen ICANN also make its pronouncement on this topic... Why the sudden uptake of interest in this topic? I suspect that a small part of this may be my fault! more»

Infrastructure ENUM

After much initial fanfare a couple of years ago ENUM has matured to a state where it is currently yet another under-achiever in the technology deployment stakes. ENUM initially presented itself as a very provocative response to the legacy telco position of monopolising public voice services through their exclusive control over the Public Switched Telephone Network (PSTN) and the associated controlling position over the telephone number space... The perception was that ENUM was going to dismantle these levers of control and open up the voice market to a new wave of competitive carriers. If the address plan was the key to the PSTN, then ENUM was intended unlock this network and position the new wave of Voice Over IP (VOIP) carriers to take over any residual treasures of the traditional voice market. Events have not played out according to these expectations... more»

Addressing the Future Internet

What economic and social factors are shaping our future needs and expectations for communications systems? This question was the theme of a joint National Science Foundation (NSF) and Organisation for Economic Co Operation and Development (OECD) workshop, held on the 31st January of this year. The approach taken for this workshop was to assemble a group of technologists, economists, industry, regulatory and political actors and ask each of them to consider a small set of specific questions related to a future Internet. Thankfully, this exercise was not just another search for the next "Killer App", nor a design exercise for IP version 7. It was a valuable opportunity to pause and reflect on some of the sins of omission in today's Internet and ask why, and reflect on some of the unintended consequences of the Internet and ask if they were truly unavoidable consequences... more»

Internationalizing the Internet

One topic does not appear to have a compellingly obvious localization solution in the multi-lingual world, and that is the Domain Name System (DNS). The subtle difference here is that the DNS is the glue that binds all users' language symbols together, and performing localized adaptations to suit local language use needs is not enough. What we need is a means to allow all of these language symbols to be used within the same system, or "internationalization". more»

A Fundamental Look at DNSSEC, Deployment, and DNS Security Extensions

In looking at the general topic of trust and the Internet, one of the more critical parts of the Internet's infrastructure that appears to be a central anchor point of trust is that of the Domain Name Service, or DNS. The mapping of "named" service points to the protocol-level address is a function that every Internet user relies upon, one way or another. The ability to corrupt the operation of the DNS is one of the more effective ways of corrupting the integrity of Internet-based applications and services. If an attacker can in some fashion alter the DNS response then a large set of attack vectors are exposed. ...The more useful question is whether it is possible to strengthen the DNS. The DNS is a query -- response application, and the critical question in terms of strengthening its function is whether it is possible to authenticate the answers provided by the DNS. DNSSEC provides an answer to this question. more»

ENUM: Mapping the E.164 Number Space into the DNS

Many communications networks are constructed for a single form of communication, and are ill suited to being used for any other form. Although the Internet is also a specialized network in terms of supporting digital communications, its relatively unique flexibility lies in its ability to digitally encode a very diverse set of communications formats, and then support their interaction over the Internet. In this way many communications networks can be mapped into an Internet application and in so doing become just another distributed application overlayed on the Internet. From this admittedly Internet-centric perspective, voice is just another Internet application. And for the growing population of Voice over IP (VoIP) users, this is indeed the case... more»

Examining the Reality of Convergence

If there is one word in the telecommunications that has suffered from over-abuse for many years now, it's convergence. The term has been liberally applied to each successive generation of communications technology for their supposed ability to solve a myriad of service delivery problems within a single unifying converged carriage and service delivery solution. Unfortunately, the underlying reality has always been markedly different from these wondrous promises, and we continue to see an industry that deploys a plethora of service delivery platforms and an equally diverse collection of associated switching and service delivery technologies. One can't help but wonder at the collective gullibility of an industry that continues to herald the convergent attributes of each new generation of communications technology, while at the same time being forced to admit that previous convergent promises have never been realized. more»

IPv6: Extinction, Evolution or Revolution?

For some years now the general uptake of IPv6 has appeared to be "just around the corner". Yet the Internet industry has so far failed to pick up and run with this message, and it continues to be strongly reluctant to make any substantial widespread commitment to deploy IPv6. Some carriers are now making some initial moves in terms of migrating their internet infrastructure over to a dual protocol network, but for many others it's a case of still watching and waiting for what they think is the optimum time to make a move. So when should we be deploying IPv6 services? At what point will the business case for IPv6 have a positive bottom line? It's a tough question to answer, and while advice of "sometime, probably sooner than later" is certainly not wrong, it's also entirely unhelpful as well! more»

Public Policy Questions for Internet

There is little doubt that the Internet has formed part of the impetus for a revolutionary change in the nature of the global communications industry. "Revolutionary" in the sense that the past decade has seen fundamental and highly disruptive changes in the nature of the underlying technologies used by the industry, changes in the composition, ownership and role of industry players, changes in the nature of services offered to the end consumer, changes in the associated financial models used by the industry, and changes in the regulatory environments in which this industry operates. Considering that this industry was, in the latter half of the twentieth century, one of the largest and most influential industry sectors on a global basis, these revolutionary changes will doubtless have consequences that will echo onward for some time yet. more»

Address Policies

When does an experiment in networking technology become a public utility? Does it happen on a single date, or is it a more gradual process of incremental change? And at what point do you change that way in which resources are managed to admit a broader of public interests? And how are such interests to be expressed in the context of the network itself, in terms of the players, their motivation and the level of common interest in one network? While many may be of the view that this has already happened some years ago in the case of the Internet, when you take a global perspective many parts of the globe are only coming to appreciate the significant role of the Internet in the broader context of enablers of national wealth. more»

Could IP Addressing Benefit from the Introduction of Competitive Suppliers?

An article written by Paul Wilson, Director General of Asia Pacific Network Information Centre (APNIC), and Geoff Huston, Senior Internet Research Scientist at APNIC. "In recent months proposals have been made for the introduction of competition into the system of allocation of IP addresses. In particular, calls have been made for new IP address registries to be established which would compete with the existing Regional Internet address Registries (RIRs). Specific proposals have been made by Houlin Zhao of the ITU-T and by Milton Mueller of the Internet Governance Project, both of which propose that the ITU itself could establish such a registry group, operating as a collection of national registries." ...It would appear that part of the rationale for these proposals lies in the expectation that the introduction of competition would naturally lead to outcomes of "better" or "more efficient" services the address distribution function. This article is a commentary on this expectation, looking at the relationship between a competitive supply framework and the role of address distribution, and offering some perspective on the potential outcomes that may be associated with such a scenario for IP addresses, or indeed for network addresses in general. more»

Exposing 9 Myths About IPv6

This is a special two-part series article providing a distinct and critical perspective on Internet Protocol Version 6 (IPv6) and the underlying realities of its deployment. The first part gives a closer look at how IPv6 came about. This part exposes the myths.

Good as all this is, these attributes alone have not been enough so far to propel IPv6 into broad-scale deployment, and consequently there has been considerable enthusiasm to discover additional reasons to deploy IPv6. Unfortunately, most of these reasons fall into the category of myth, and in looking at IPv6 it is probably a good idea, as well as fair sport, to expose some of these myths as well. more»

How Did IPv6 Come About, Anyway?

This is a special two-part series article providing a distinct and critical perspective on Internet Protocol Version 6 (IPv6) and the underlying realities of its deployment. The first part gives a closer look at how IPv6 came about and the second part exposes the myths.

In January 1983, the Advanced Research Projects Agency Network (ARPANET) experienced a "flag day," and the Network Control Protocol, NCP, was turned off, and TCP/IP was turned on. Although there are, no doubt, some who would like to see a similar flag day where the world turns off its use of IPv4 and switches over to IPv6, such a scenario is a wild-eyed fantasy. Obviously, the Internet is now way too big for coordinated flag days. The transition of IPv6 into a mainstream deployed technology for the global Internet will take some years, and for many there is still a lingering doubt that it will happen at all. more»

Topic Interests

IPv6Internet ProtocolIP AddressingSecurityMobileTelecomICANNRegional RegistriesInternet GovernancePolicy & RegulationDomain NamesDNSEnumVoIPDDoSSpamDNS SecurityMultilinguismTop-Level DomainsWirelessP2PPrivacyCybercrimeCyberattackRegistry ServicesAccess ProvidersWhite SpaceBroadbandNet NeutralityIntellectual PropertyWebIPTVWhoisMalwareInternet of Things

Recent Comments

DNSSEC: Once More, With Feeling!

Popular Posts

IPv6: Extinction, Evolution or Revolution?

Internationalizing the Internet

A Fundamental Look at DNSSEC, Deployment, and DNS Security Extensions

IP Address Exhaustion In 12 Easy Questions

DNSSEC: Once More, With Feeling!