Category Archives for "Potaroo blog"

The Path the Resolverless DNS

Using the DNS without directly using recursive resolvers seems like an approach that is totally alien to the DNS as we know it, so it might be useful to ask: How did we get to this point where a resolverless form of DNS name resolution makes some sense? And, to whom does it make sense?

Are we there yet?

This transition to IPv6 has been going on for 20 years now, and if there was any urgency that was instilled in the effort by the prospect of IPv4 address exhaustion then we’ve been living with exhaustion for a decade now. So perhaps it's time to ask the question: How much longer is this transition going to take?

Using LEOs and GEOs

Once you head off the main roads your Internet connectivity options are often pretty limited. However, things are improving, and in Australia you can use an Internet service based on a connection through a geostationary satellite connection or you could sign up for Starlink, a Low Earth Orbit service. Both services offer decent capacity, but there are some some other critical differences going on here. Let's look at these services using a custom test rig to put them through their paces.

Hop by Hop

It is a rare situation when you can create an outcome from two somewhat broken technologies where the outcome is not also broken. I’m referring to a recent effort to try and salvage something from the debacle that is IPv6 packet fragmentation support by taking another piece of operationally broken IPv6, namely Hop-by-Hop (HBH) extension headers, and trying to use that to solve the IPv6 Path Maximum Transfer Unit Discovery (PMTUD) problem.

IETF 113 – IEPG Meeting

The IEPG meets on the Sunday at the start of the IETF week. If there is a theme for the diverse collection of presentations here it is perhaps a focus on operational topics, but the particular selection of subjects in these sessions can be quite diverse.


A compromised private key should not be accepted. An attacker might use a compromised private key to impersonate a site, and this vulnerability needs to be prevented to ensure that users can use services over the network with trust in their integrity and security. The way to stop a compromised key from being accepted is to disseminate the information that the key is no longer trustable, and this is achieved by revoking the public key certificate. But we are having some problems in taking this theory and creating practical implementations of certificate revocation.


The last few decades have not been a story of unqualified success for European technology enterprises. The European industrial giants of the old telephone world have found it to be extraordinarily difficult to translate their former dominant positions in the telco world into the Internet world. To be brutally frank, none of the current generation of major players in the digital environment are European. The concern is that if today’s technology world equates to the previous world of far-flung colonial empires then relative national wealth and prosperity appear to be linked to the ability to master, or preferably dominate, critical aspects of the sector. And in this respect Europe appears to have been left behind.

What’s an “Address”?

Currently, there are discussions in the IETF's Internet Area on the topic of architectural evolution of the Internet and its implications for the changing role of IP addresses, and I'd like to share some of my thoughts on this topic here.

IP Addressing through 2021s

Time for another annual roundup from the world of IP addresses. Let's see what has changed in the past 12 months in addressing the Internet and look at how IP address allocation information can inform us of the changing nature of the network itself.

BGP in 2021 – The BGP Table

At the start of each year, I have been reporting on the behaviour of the inter-domain routing system over the past 12 months, looking in some detail at some metrics from the routing system that can show the essential shape and behaviour of the underlying interconnection fabric of the Internet.

IPv4 Address Markets

We have come down a long and tortuous path with respect to the treatment of Internet addresses. The debate continues over whether the formation of markets for IPv4 addresses was a positive step for the Internet, or a forced decision that was taken with extreme reluctance. Let’s scratch at this topic and look at the formation of this market in IP addresses and the dynamics behind it and then look at the future prospects for this market.


It's conference and workshop season right now, and November has been unusually busy this year. At the end of the month was the DNS Operations and Research meeting, DNS-OARC 36. These are my notes from those presentations at the meeting that I found to be of interest.

Some Notes from RIPE 83

The RIPE community held a meeting in November. Like most community meetings in these Covid-blighted times it was a virtual meeting. Here’s my notes from a few presentations that piqued my interest.

IETF 112

Here the rest of the notes from some selected working group meetings that caught my attention at the recent IETF 112 meeting that are not related to DNS work.

DNS at IETF112

Here are notes from some selected working group meetings that caught my attention at the recent IETF 112 meeting. And, yes, I should say at the outset that the DNS continues to catch a lot of my attention these days, so I’ll divide this report into DNS and the other topics. This is the DNS part.
1 2 3 13