Internet Protocol

Internet Protocol / Recently Commented

NANOG 61 - Impressions of Some Presentations

The recent NANOG 61 meeting was a pretty typical NANOG meeting, with a plenary stream, some interest group sessions, and an ARIN Public Policy session. The meeting attracted some 898 registered attendees, which was the biggest NANOG to date. No doubt the 70 registrations from Microsoft helped in this number, as the location for NANOG 61 was in Bellevue, Washington State, but even so the interest in NANOG continues to grow... more»

Designing Effective Regulation for IPv6 Adoption

So you are the IT regulator for a country and you are convinced that the shortage of IPv4 address space represents a threat to the development of the Internet in your country and you want to do something about it. Being that as regulator you don't really run the countries IP networks, what can you really do? I've heard many regulators in over 30 countries grapple with this problem. The purpose of this article is to think through some ideas to guide action on using (or not) regulation to drive IPv6 adoption. more»

How Do We Get More Network Operator Feedback Into IETF Standards? Please Take This Survey

How do we get more feedback from the operators of networks back into the standards process of the Internet Engineering Task Force (IETF)? How do we help know whether the open standards being developed within the IETF reflect the operational realities of the networks into which those standards will be deployed? If we could get more network operators participating in the IETF standards process, would that result in better standards that are deployed faster? more»

IETF Looking at Technical Changes to Raise the Bar for Monitoring

During a speech last week at the Internet Governance Forum in Bali, Jari Arkko, IETF's chair, re-emphasized it's efforts to ramp up online security in light of recent revelations of mass internet surveillance. "Perhaps the notion that internet is by default insecure needs to change," Arkko said. Significant technical fixes "just might be possible." more»

2% of All Traffic to Google Now Over IPv6! (Doubling in Past Year)

This weekend brought the great news that Google's IPv6 statistics have shown that connections over IPv6 to Google's web sites hit the 2% threshold for the first time. (You can see for yourself.) While 2% sounds tiny, as I wrote in a Deploy360 post today, the important fact here is that this represents a doubling of IPv6 traffic to Google over the past year! more»

TeleGeography's Interactive Submarine Cable Map Is a Fun and Fascinating View Into Infrastructure

Ever want to know where all the submarine cables are that provide part of the physical infrastructure of the Internet? Or which cities in the world have the most connectivity via submarine cables? (or which regions might be single points of failure?) In doing some research I stumbled across this excellent site from the folks at TeleGeography... It is a very well done and captivating (to me, anyway) view into where all the current and planned submarine cables are located. more»

A Question of DNS Protocols

One of the most prominent denial of service attacks in recent months was one that occurred in March 2013 between Cloudflare and Spamhaus... How did the attackers generate such massive volumes of attack traffic? The answer lies in the Domain Name System (DNS). The attackers asked about domain names, and the DNS system answered. Something we all do all of the time of the Internet. So how can a conventional activity of translating a domain name into an IP address be turned into a massive attack? more»

The Challenge of DNS Security

When the domain name system (DNS) was first designed, security was an afterthought. Threats simply weren't a consideration at a time when merely carrying out a function - routing Internet users to websites - was the core objective. As the weaknesses of the protocol became evident, engineers began to apply a patchwork of fixes. After several decades, it is now apparent that this reactive approach to DNS security has caused some unintended consequences and challenges. more»

Removing Need at RIPE

I recently attended RIPE 66 where Tore Anderson presented his suggested policy change 2013-03, "No Need -- Post-Depletion Reality Adjustment and Cleanup." In his presentation, Tore suggested that this policy proposal was primarily aimed at removing the requirement to complete the form(s) used to document need. There was a significant amount of discussion around bureaucracy, convenience, and "liking" (or not) the process of demonstrating need. Laziness has never been a compelling argument for me and this is no exception. more»

Moving Beyond Telephone Numbers - The Need for a Secure, Ubiquitous Application-Layer Identifier

Do "smart" parking meters really need phone numbers? Does every "smart meter" installed by electric utilities need a telephone number? Does every new car with a built-in navigation system need a phone number? Does every Amazon Kindle (and similar e-readers) really need its own phone number? In the absence of an alternative identifier, the answer seems to be a resounding "yes" to all of the above. more»

30 Years Ago Today, the Switch to TCP/IP Launched Today's Internet

It was 30 years ago today, on January 1, 1983, that the ARPANET had a "flag day" when all connected systems switched from using the Network Control Protocol (NCP) to the protocols known as TCP/IP. This, then, gave rise to the network we now know as the Internet. more»

IPv6 Subnetting - The Paradigm Shift

Almost every conversation I have with folks just learning about IPv6 goes about the same way; once I'm finally able to convince them that IPv6 is not going away and is needed in their network, the questions start. One of the most practical and essential early questions that needs to be asked (but often isn't) is "how do I lay out my IPv6 subnets?" The reason this is such an important question is that it's very easy to get IPv6 subnetting wrong by doing it like you do in IPv4. more»

Is IPv6 a Boon to Criminals and Foe to the FBI?

Declan McCullagh recently opined that the "FBI [and the] DEA warn [that] IPv6 could shield criminals from police." His post was picked-up relatively widely in the past few days, with the headlines adding more hyperbole along the way. So just how real is this threat? Let's take a look. more»

Accountability, Transparency, and… Consistency?

ICANN Compliance now has two conflicting answers on record concerning the enforceability of RAA 378 on WHOIS inaccuracy. This is a topic of extreme importance and one we are trying to get to the bottom of. ...inconsistency needs to be resolved as it directly impacts the current RAA negotiations and certainly before new gTLDs are deployed. more»

The Business Parallels Between IPv6 and DNSSEC

For two things that would seem to be completely unrelated there is an interesting parallel between IPv6 and DNSSEC. In both cases there is a misalignment of interests between content providers and service‚Ä®providers. Content providers aren't highly motivated to deploy IPv6 because only a small proportion of users have v6 connectivity and even fewer only have v6. Service providers aren't anxious to deploy IPv6‚Ä® because there isn't a lot of content on v6, and virtually none exclusively on v6 - so they don't expand the universe of interesting stuff on the web by deploying IPv6. Basically the same things could be said about DNSSEC. more»