Is it time for a split between allocation and services for Internet number resources as was the case for domain name resources? Back in 1996, Network Solutions had essentially four different government granted monopolies... In 1997, Network Solutions "spun" off the 3rd and 4th monopoly into a non-stock corporation known as American Registry for Internet Numbers (ARIN) which has continued the monopoly for its region after spinning off several other Regional Internet Registers (RIR) which are in themselves monopolies. more»
Recently, the news that China is adopting IPv9 is making rounds on the Internet. While some of them write off as an April Fool's joke (in July?) like RFC 1606, other wonders if there are more than meets its eyes. But most of them wonders what is this IPv9 and how does it actually works. And some of the English translated article are so badly done that it is impossible to get any useful technical information except that 'It is developed and supported by Chinese government!' more»
Dynamic Host Configuration Protocol (DHCP) is a protocol intended to enable machines (servers, game consols, etc) wishing to be "online" the ability to request Internet Protocol information from a DHCP server automatically. ... In this article we will begin to outline some of the fundamental differences between DHCPv4 and DHCPv6, explore historical uses of DHCPv4 and how those concepts will adapt/change in IPv6. more»
RFID tags, UPC codes, International characters in email addresses and host names, and a variety of other identifiers could all go into DNS, and folks have occasionally proposed doing just that. Its really just a question of figuring out how to use the DNS -- its ready to carry arbitrary identifiers. And by the way, this isn't a new idea, see RFC 1101 for proof, although even earlier I designed the DNS in the early 1980s to allow it to be so, but it seemed too far fetched to document for a while. ...I was in Geneva for a WSIS meeting of CTOs, and was surprised that the various organizations (ITU, ICANN, ISOC) haven't figured out that they need each other to make this technology work, rather than asserting ownership. more»
It is sometimes said that: 'IP addresses are hoarded by "developed nations" - if only "underdeveloped" nations were given more IP addresses, the Internet would grow more/better...' Assertions like this mistakenly conflate the administrative process of requesting and receiving public IP addresses with the economic or commercial act of routing IP addresses - of engaging in what is sometimes called "Internet production." The former, administrative process involves relatively little in the way of overhead, and confers nothing more than the potential to develop public Internet resources -- i.e., to create new Internet users (provide access) and/or Internet uses (provide content and other online services). more»
There are indications that the Internet, at least the Internet as we know it today, is dying. I am always amazed, and appalled, when I fire up a packet monitor and watch the continuous flow of useless junk that arrives at my demarcation routers' interfaces. That background traffic has increased to the point where it makes noticeable lines on my MRTG graphs. And I have little reason for optimism that this increase will cease. Quite the contrary, I find more reason to be pessimistic and believe that this background noise will become a Niagara-like roar that drowns the usability of the Internet. And the net has very long memory... more»
For some years now the general uptake of IPv6 has appeared to be "just around the corner". Yet the Internet industry has so far failed to pick up and run with this message, and it continues to be strongly reluctant to make any substantial widespread commitment to deploy IPv6. Some carriers are now making some initial moves in terms of migrating their internet infrastructure over to a dual protocol network, but for many others it's a case of still watching and waiting for what they think is the optimum time to make a move. So when should we be deploying IPv6 services? At what point will the business case for IPv6 have a positive bottom line? It's a tough question to answer, and while advice of "sometime, probably sooner than later" is certainly not wrong, it's also entirely unhelpful as well! more»
Fueled by the lack of public IP addresses, 70% of Fortune 1000 companies have been forced to deploy NATs (Source: Center for Next Generation Internet). NATs are also found in hundreds of thousands of small business and home networks where several hosts must share a single IP address. It has been so successful in slowing the depletion of IPv4 addresses that many have questioned the need for IPv6 in the near future. However, such conclusions ignore the fact that a strategy based on avoiding a crisis can never provide the long-term benefits that solving the underlying problems that precipitated the crisis offers. more»
Please do sit down. Should the shock cause you to suddenly lose consciousness, I hereby disclaim all responsibility for any subsequent loss or injury. I'm about to defend the anthrax of the Internet: NAT. Network Address Translation is a hack to enable private IP addresses on one side of a router (inside your network) to talk to public IP addresses on the other side (on the Internet, outside your network). It really doesn't matter how it works. The consequence is that unless the router is specifically configured, outsiders can't get in uninvited. So those on the inside can't, by default, act as servers of any service to the outside world. more»
There seems to be a heated debate on this site about NAT (network-address translation). What came as a surprise to me is that a lot of the arguments seem to reside in ideological point of views which obscure the real issues at hand -- IP addressing, IP security -- and have little to do with NAT's actual merits or drawbacks. more»
In follow-up to recent announcement on the release of the latest edition of the very popular DNS and BIND book -- often referred to as the bible of DNS -- CircleID has caught up with Cricket Liu, co-author and a world renowned authority on the Domain Name System. In this interview, Cricket Liu talks about emerging issues around DNS such as security and IPv6 support, and important new features such as internationalized domain names, ENUM (electronic numbering), and SPF (the Sender Policy Framework). "Cricket Liu: We're now seeing more frequent attacks against DNS infrastructure. ...Turns out that name servers are terrific amplifiers -- you can get an amplification factor of nearly 100x. These attacks have raised awareness of the vulnerability of Internet name servers, which is possibly the only positive result..." more»
It seems like spam is in the news every day lately, and frankly, some of the proposed solutions seem either completely hare-brained or worse than the problem itself. I'd like to reiterate a relatively modest proposal I first made over a year ago: Require legitimate DNS MX records for all outbound email servers.
MX records are one component of a domain's Domain Name System (DNS) information. They identify IP addresses that accept inbound email for a particular domain name. To get mail to, say, linux.com, a mail server picks an MX record from linux.com's DNS information and attempts to deliver the mail to that IP address. If the delivery fails because a server is out of action, the delivering server may work through the domain's MX records until it finds a server that can accept the mail. Without at least one MX record, mail cannot be delivered to a domain.
Here's a good way to frighten yourself: Learn about something, and then read what the press writes about it. It's astonishing how often flatly untrue things get reported as facts. I first observed this back in 1997 when I was a Democratic lawyer in the U.S. House of Representatives working on the (rather ridiculous) campaign finance investigation. (The investigating committee's conspiracy-minded chairman was famous for shotgunning pumpkins in his backyard in order to figure out exactly how Hillary snuffed Vince Foster)...More recently, I've seen the same discouraging phenomenon in reporting on technology and, in particular, the Internet. more»
Some individual appears to have hijacked more than a 1,000 home computers starting in late June or early July and has been installing a new Trojan Horse program on them. The Trojan allows this person to run a number of small websites on the hijacked home computers. These websites consists of only a few web pages and apparently produce income by directing sign-ups to for-pay porn websites through affiliate programs. Spam emails messages get visitors to come to the small websites.
To make it more difficult for these websites to be shut down, a single home computer is used for only 10 minutes to host a site. After 10 minutes, the IP address of the website is changed to a different home computer... more»
It seems that there is an increasing level of interest in the topic of IPv4 address exhaustion, so I thought I'll share a set of answers to the most common questions I've been asked on this topic in recent times. ... If there is a common factor in many of these challenges, it is scaling the network to meet an ever expanding agenda of more users, more devices, more traffic, more services and more policies. more»