The Swedish carrier group Telia has recently announced the sale of its international wholesale business to Polhelm Infra, an infrastructure investment manager jointly owned by a number of Swedish pension funds. Why would a telco operator sell off what was a core part of its operation to a pension fund?
In Part 2 we look at the various proposals to add security to the routing environment and also review the current state of the effort in the IETF to provide a standard specification of the elements of a secure BGP framework.
The Border Gateway Protocol (BGP) is the Internet’s inter-domain routing protocol, and after some thirty years of operation BGP is now one of the more venerable of the Internet’s core” protocols. One of the major ongoing concerns related to BGP is its lack of effective security measures, and as a result the routing infrastructure of the Internet continues to be vulnerable to various forms of attack. In Part 1 of this study, we will look at the design of BGP, the threat model and the requirements from a security framework for BGP.
The world of cryptographic algorithms is one that constantly evolves and increasing key sizes in the venerable RSA crypto algorithm is a source of concern for DNSSEC. The response to this escalation in key sizes is to look at alternative forms of public-key algorithms which have a higher cryptographic “density”, using elliptic curve cryptography. Here we will look at the level of Internet support provided for a recent crypto offering, the Edwards curve algorithm Ed25519.
How did we get to here? How did a network technology such as the Internet, which was designed to pass control away from the central network to the connected devices succumb to unprecedented levels of centrality?
According to the OSI Reference Model for network protocols it should not matter in the slightest what value you put in the IP protocol field in IP packet headers. It’s really none of the network's business! but in today’s public Internet it appears to matter a lot that the transport protocol header is visible to the network. Why?
The world of IPv4 addresses is a relatively obscure backwater of the Internet. All that drama of IPv4 address exhaustion happened with little in the way of mainstream media attention. So it came as a bit of a surprise to see a recent headline in the Washington Post about IPv4 addresses.
In this report I would like to revisit this measurement of packet drop for IPv6 Fragmented packets and see if the picture has changed over the intervening four years since we last measured this behaviour.
The amount of activity in the DNS in the IETF seems to be growing every meeting. I thought that the best way to illustrate to considerably body of DNS working being undertaken at the IETF these days would be to take a snapshot of DNS activity that was reported to the DNS-related Working Group meetings at IETF 110.
IETF 110 was held virtually in March 2020. These are some notes I took on the topic of current research activities in the area of transport protocol flow control at the meeting of the Internet Congestion Control Research Group at that meeting.
In 2020 APNIC Labs set up a measurement system for the validators. What we were trying to provide was a detailed view of where invalid routes were being propagated, and also take a longitudinal view of how things are changing over time. The report is at https://stats.labs.apnic.net/rpki and the description of the measurement is at https://www.potaroo.net/ispcol/2020-06/rov.html. I'd like to update this description with some work we’ve done on this measurement platform in recent months.
There are many issues that lurk just below the surface of the DNS, but in recent years one topic has been very prominent, namely privacy. You see the DNS is a precursor to almost everything we do on the Internet. And this is valuable information.
As the pandemic continues, the network operational community continues to meet online. NANOG held its 81st meeting on February 8 and 9, and these are my notes from some of the presentations at that meeting.
The common theme of many of reviews of the Internet in 2020 has been that the Internet has been used to plug the gap caused by shutting down many of our physical venues where we previously worked and played. No matter what aspect of the Internet you look at, its clear that we all made much more use of the Internet this year. Here I would like to ask the inevitable IPv6 question: What role did IPv6 play in 2020?
It's often a clear signal that we’re in in deep trouble when politicians believe that they need to lend a hand and help out with regulations. Either the actions of the market have failed consumers and some form of public action is necessary to address aspects of this failure, or the situation is so desperately broken and beyond help that the legislature is performing a largely ineffectual action that serves more to disclaim any residual responsibility on the part of the public sector for the mess that we’ve created.
Time for another annual roundup from the world of IP addresses. Let’s see what has changed in the past 12 months in addressing the Internet and look at how IP address allocation information can inform us of the changing nature of the network itself.
The first part of this report looked at the size of the routing table and looked at some projections of its growth for both IPv4 and IPv6. However, the scalability of BGP as the Internet’s routing protocol also is related to the rate of dynamic routing updates. If the update rate of BGP is growing faster than we can deploy processing capability to match, then the routing system will lose coherence, and at that point the network will head into periods of instability. This second part of the BGP report looks at the profile of BGP updates across 2020