Filtrer par genre
PING is a podcast for people who want to look behind the scenes into the workings of the Internet. Each fortnight we will chat with people who have built and are improving the health of the Internet. The views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.
- 77 - The IPv6 Transition
In his regular monthly spot on PING, APNIC’s Chief Scientist Geoff Huston (https://blog.apnic.net/author/geoff-huston/) discusses the slowdown in worldwide IPv6 uptake. Although within the Asia-Pacific footprint we have some truly remarkable national statistics, such as India which is now over 80% IPv6 enabled (https://stats.labs.apnic.net/ipv6/IN)by APNIC Labs measurements, And Vietnam which is not far behind on 70% (https://stats.labs.apnic.net/ipv6/VN) the problem is that worldwide, adjusted for population and considering levels of internet penetration in the developed economies, the pace of uptake overall has not improved and has been essentially linear since 2016 (https://stats.labs.apnic.net/ipv6/XA). In some economies like the US, a natural peak of around 50% capability was reached in 2017 (https://stats.labs.apnic.net/ipv6/US) and since then uptake has been essentially flat: There is no sign of closure to a global deployment in the US, and many other economies.Geoff takes a high level view of the logisitic supply curve with the early adopters, early and late majority, and laggards, and sees no clear signal that there is a visible endpoint, where a transition to IPv6 will be "done". Instead we're facing a continual dual-stack operation of both IPv4 (increasingly behind Carrier Grade Nats (CGN) deployed inside the ISP) and IPv6.There are success stories in mobile (such as seen in India) and in broadband with central management of the customer router. But, it seems that with the shift in the criticality of routing and numbering to a more name-based steering mechanism and the continued rise of content distribution networks, the pace of IPv6 uptake worldwide has not followed the pattern we had planned for.Read more about the IPv6 transition at the APNIC Blog* The IPv6 Transition (https://blog.apnic.net/2024/10/22/the-ipv6-transition/) (Geoff Huston, APNIC Blog November 2024)* The Transition to IPv6 are we there yet (https://blog.apnic.net/2022/05/04/the-transition-to-ipv6-are-we-there-yet/) (Geoff Huston, APNIC Blog May 2022)
Wed, 13 Nov 2024 - 59min - 76 - A student-led IPv6 deployment at NITK Karnataka
In this episode of PING, Vanessa Fernandez and Kavya Bhat, two students from the National Institute of Technology Karnataka (NITK) (https://www.nitk.ac.in/) discuss the student led, multi-year project to deploy IPv6 at their campus. Kavya & Vanessa have just graduated, and are moving into their next stages of work and study in computer sciences and network engineering.Across 2023 and 2024 they were able to attend IETF118 and IETF119 and present on their project and it’s experiences to the IPv6 working groups and off-Working Group meetings, in part funded by the APNIC ISIF Project and the APNIC Foundation.This multi-year project is supervised by the NITK Centre for Open-source Software and Hardware (COSH) and has outside review from Dhruv Dhody (ISOC) and Nalini Elkins (Inside Products inc). Former students have also acted as alumni and remain involved in the project as it progresses.We often focus on IPv6 deployment at scale in the telco sector, or experiences with small deployments in labs, but another side of the IPv6 experience is the large campus network, in scale equivalent to a significant factory or government department deployment but in this case undertaken by volunteer staff, with little or no prior experience of networking technology. Vanessa and Kavya talk about their time on the project, and what they got to present at IETF.Read more information on the NITK and their IPv6 deployment project on the APNIC Blog, the IETF website and the APNIC Foundation pages:* Migrating the NITK Surathkal Campus Network to IPv6 (https://apnic.foundation/projects/migrating-nitk-surathkal-campus-network-to-ipv6/) (APNIC Foundation)* How Deploying IPv6 at NITK Led me to IETF (https://blog.apnic.net/2024/07/08/how-deploying-ipv6-at-nitk-led-me-to-ietf/) (Vanessa Fernandez, APNIC Blog)* IPv6 Deployment at NITK (https://datatracker.ietf.org/meeting/118/materials/slides-118-v6ops-ipv6-deployment-at-nitk-00) (IETF118 Presentation)
Wed, 30 Oct 2024 - 27min - 75 - The back of the class: looking at 240/4 reachability
In his regular monthly spot on PING, APNIC’s Chief Scientist, Geoff Huston (https://blog.apnic.net/author/geoff-huston/), discusses a large pool of IPv4 addresses left in the IANA registry, from the classful allocation days back in the mid 1980s. This block, from 240.0.0.0 to 255.255.255.255 encompasses 268 million hosts, which is a significant chunk of address space: it's equivalent to 16 class-A blocks, each of 16 million hosts. Seems a shame to waste it, how about we get this back into use?Back in 2007 Geoff Paul and myself submitted An IETF Draft (https://datatracker.ietf.org/doc/draft-wilson-class-e/history/) which would have removed these addresses from the "reserved" status in IANA and used to supplement the RFC1918 private use block. We felt at the time this was the best use of these addresses because of their apparent un-routability, in the global internet. Almost all IP network stacks at that time shared a lineage with the BSD network code developed at the University of California, and released in 1983 as BSD4.2. Subsequent versions of this codebase included a 2 or 3 line rule inside the Kernel which checked the top 4 bits of the 32 bit address field, and refused to forward packets which had these 4 bits set. This reflected the IANA status marking this range as reserved. The draft did not achieve consensus.A more recent proposal has emerged (https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-240/) from Seth Schoen, David Täht and John Gilmore in 2021 which continues to be worked on, but rather than assigning to RFC1918 internal non-routable puts the address into global unicast use. The authors believe that the critical filter in devices has now been lifted, and no longer persists at large in the BSD and Linux derived codebases. This echoes use of the address space which has been noted inside the Datacentre.Geoff has been measuring reachability at large to this address space, using the APNIC Labs measurement system and a prefix in 240.0.0.0/4 temporarily assigned and routed in BGP. The results were not encouraging, and Geoff thinks routability of the range remains a very high burden.Read more about 240/4 in the APNIC Blog, and the IETF Datatracker website:* Looking for 240/4 addresses (https://blog.apnic.net/2024/09/10/looking-for-240-4-addresses/) (Geoff Huston, APNIC Blog September 2024)* Re-delegation of 240/4 from "future use" to "private use" (https://datatracker.ietf.org/doc/draft-wilson-class-e/) (expired IETF draft, 2008)* Unicast use of the formerly reserved 240/4 (https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-240/00/) (active IETF draft, 2024)
Wed, 16 Oct 2024 - 1h 09min - 74 - Focusing purely on technology limits the understanding of Internet resilience
In this episode of PING, Nowmay Opalinski (https://blog.apnic.net/author/nowmay-opalinski/) from the French Institute of Geopolitics at Paris 8 University discusses his work on resilience, or rather the lack of it, confronting the Internet in Pakistan.As discussed in his blog post (https://blog.apnic.net/2024/09/17/focusing-on-technology-limits-understanding-of-internet-resilience-pakistan-case-study/), Nowmay and his colleagues at the French Institute of Geopolitics (IFG), University Paris 8 (https://www.univ-paris8.fr/en/ur-centre-de-recherches-et-d-analyses-geopolitiques-ifg-lab-research-unit), and LUMS University Pakistan (https://lums.edu.pk/) used a combination of technical measurement from sources such as RIPE Atlas (https://atlas.ripe.net/), in a methodology devised by the GEODE project, combined with interviews in Pakistan, to explore the reasons behind Pakistan’s comparative fragility in the face of seaborne fibre optical cable connectivity. The approach deliberately combines technical and social-science approaches to exploring the problem space, with quantitative data and qualitative interviews.Located at the head of the Arabian Sea, but with only two points of connectivity into the global Internet, Pakistan has suffered over 22 ‘cuts’ to the service in the last 20 years, However, as Nowmay explores in this episode, there actually are viable fibre connections to India close to Lahore, which are constrained by politics.Nowmay is completing a PhD at the institute, and is a member of the GEODE project (https://geode.science/en/about/). His paper on this study was presented at the 2024 AINTEC conference (https://interlab.ait.ac.th/aintec2024) held in Sydney, as part of ACM SIGCOMM 2024 (https://conferences.sigcomm.org/sigcomm/2024/).Read more about GEODE, and Nowmay’s work:* The GEODE project (https://geode.science/en/)* Pakistan, a case study (https://blog.apnic.net/2024/09/17/focusing-on-technology-limits-understanding-of-internet-resilience-pakistan-case-study/) in Internet fragility* The Quest for a Resilient Internet Access in a Constrained Geopolitical Environment (https://dl.acm.org/doi/fullHtml/10.1145/3674213.3674220)(AINTEC 2024 Paper)
Wed, 02 Oct 2024 - 34min - 73 - Privacy and DNS Client Subnet
In his regular monthly spot on PING, APNIC’s Chief Scientist, Geoff Huston (https://blog.apnic.net/author/geoff-huston/), discusses another use of DNS Extensions: The EDNS0 Client Subnet option (RFC 7871 (https://datatracker.ietf.org/doc/html/rfc7871)). This feature, though flagged in its RFC as a security concern, can help route traffic based on the source of a DNS query. Without it, relying only on the IP address of the DNS resolver can lead to incorrect geolocation, especially when the resolver is outside your own ISP’s network.The EDNS Client Subnet (ECS) signal can help by encoding the client’s address through the resolver, improving accuracy in traffic routing. However, this comes at the cost of privacy, raising significant security concerns. This creates tension between two conflicting goals: Improving routing efficiency and protecting user privacy.Through the APNIC Labs measurement system (https://labs.apnic.net/measurements/), Geoff can monitor the prevalence of ECS usage in the wild. He also gains insights into how much end-users rely on their ISP’s DNS resolvers versus opting for public DNS resolver systems that are openly available.Read more about EDNS0 and UDP on the APNIC Blog and at APNIC Labs:* Privacy and DNS Client Subnet (Geoff Huston, APNIC Blog July 2024) (https://blog.apnic.net/2024/07/23/privacy-and-dns-client-subnet/)* The use of ECS as measured by APNIC Labs (https://stats.labs.apnic.net/ecs)
Wed, 18 Sep 2024 - 49min - 72 - The APNIC Labs Measurement System
In this episode of PING, Joao Damas (https://blog.apnic.net/author/joao-luis-silva-damas/) from APNIC Labs explores the mechanics of the Labs measurement system. Commencing over a decade ago, with an "actionscript" (better known as flash) mechanism, backed by a static ISC Bind DNS configuration cycling through a namespace, the Labs advertising measurement system now samples over 15 million end users per day, using Javascript and a hand crafted DNS system which can synthesise DNS names on-the-fly and lead users to varying underlying Internet Protocol transport choices, packet sizes, DNS and DNSSEC parameters in general, along with a range of Internet Routing related experiments.Joao explains how the system works, and the mixture of technologies used to achieve the goals. There's almost no end to the variety of Internet behaviour which the system can measure, as long as it's capable of being teased out of the user in a javascript enabled advert backed by the DNS!* Measurements from APNIC Labs (https://labs.apnic.net/measurements/)* How we measure: RPKI ROA and ROV (https://labs.apnic.net/index.php/2023/11/09/how-we-measure-rpki-roa-signing-and-route-origination-validation/) (2023)* How we measure: DNSSEC Validation (https://labs.apnic.net/index.php/2023/10/30/how-we-measure-dnssec-validation/) (2023)* The APNIC Labs IPv6 Measurement system (https://labs.apnic.net/index.php/2013/05/30/apnic-labs-ipv6-measurement-system/) (2013)
Wed, 04 Sep 2024 - 33min - 71 - DNS and UDP truncation
In his regular monthly spot on PING, APNIC’s Chief Scientist Geoff Huston (https://blog.apnic.net/author/Geoff-Huston/) re-visits the question of DNS Extensions, in particular the EDNS0 option signalling maximum UDP packet size accepted, and it’s effect in the modern DNS.Through the APNIC Labs measurement system Geoff has visibility of the success rate for DNS events where EDNS0 signalling triggers DNS “truncation” and the consequent re-query in TCP as well as the impact of UDP fragmentation even inside the agreed limit, as well as the ability to handle the UDP packet sizes proffered in the settings.Read more about EDNS0 and UDP on the APNIC Blog and at APNIC Labs* Revisiting DNS and UDP truncation (https://blog.apnic.net/2024/07/15/revisiting-dns-and-udp-truncation/) (Geoff Huston, APNIC Blog July 2024)* DNS TCP Requery failure rate (https://stats.labs.apnic.net/dnstcp) (APNIC Labs)
Wed, 21 Aug 2024 - 54min - 70 - The SIDN Labs Post-Quantum DNSSEC testbed
In this episode of PING, Caspar Schutijser (https://blog.apnic.net/author/caspar-schutijser/) and Ralph Koning (https://ralph.alotof.it/)from SIDN Labs (https://www.sidnlabs.nl/) in the Netherlands discuss their post-quantum testbed project. As mentioned in the previous PING episode about Post Quantum Cryptography (PQC) in DNSSEC with Peter Thomassen (https://github.com/peterthomassen) from SSE (https://www.securesystems.de/) and Jason Goertzen (https://github.com/Martyrshot) from Sandbox AQ (https://www.sandboxaq.com/) it's vital we understand how this technology shift will affect real-world DNS systems in deployment.The SIDN Labs system has been designed to be a "one stop shop" for DNS operators to test configurations of DNSSEC for their domain management systems, with a complete virtualised environment to run inside. It's fully scriptable so can be modified to suit a number of different situations and potentially include builds of your own critical software components to include with the system under test.Read more about the testbed and PQC on the APNIC Blog and at SIDN Labs:* PATAD: The SIDN Labs post-quantum cryptography DNSSEC testbed (https://patad.sidnlabs.nl/)* [Podcast] Testing Post Quantum Cryptography DNSSEC (https://blog.apnic.net/2024/07/11/podcast-testing-post-quantum-cryptography-dnssec/)* A quantum-safe cryptography DNSSEC testbed (https://blog.apnic.net/2024/02/16/a-quantum-safe-cryptography-dnssec-testbed/)* How organizations can prepare for post-quantum cryptography (https://blog.apnic.net/2023/04/10/how-organizations-can-prepare-for-post-quantum-cryptography/)
Wed, 07 Aug 2024 - 30min - 69 - Calling time on DNSSEC part 2 of 2
In his regular monthly spot on PING, APNIC’s Chief Scientist Geoff Huston (https://blog.apnic.net/author/Geoff-Huston/) continues his examination of DNSSEC. In the first part (https://blog.apnic.net/2024/06/27/podcast-calling-time-on-dnssec-part-1-of-2/) of this two-part story, Geoff explored the problem space, with a review of the comparative failure of DNSSEC to be deployed by zone holders, and the lack of validation by the resolvers. This is visible to APNIC labs from carefully crafted DNS zones with validly and invalidly signed DNSSEC states, which are included in the Labs advertising method of user measurement.This second episode offers some hope for the future. It reviews the changes which could be made to the DNS protocol, or use of existing aspects of DNS, to make DNSSEC safer to deploy. There is considerable benefit to having trust in names, especially as a "service" to Transport Layer Security (TLS) which is now ubiquitous worldwide in the web.Read more about DNSSEC and TLS on the APNIC Labs website and the APNIC Blog:* Calling time on DNSSEC (https://blog.apnic.net/2024/05/28/calling-time-on-dnssec/) (Geoff Huston, APNIC Blog, June 2024)* 'Keytrap' attacks on DNSSEC (https://blog.apnic.net/2024/03/12/keytrap/) (Geoff Huston, APNIC Blog, June 2024)* DNS topics at RIPE 88 (https://blog.apnic.net/2024/06/06/dns-topics-at-ripe-88/) (Geoff Huston, APNIC Blog, June 2024)* The Tranco list (https://tranco-list.eu/)* DNSSEC validation client usage (https://stats.labs.apnic.net/dnssec) (APNIC Labs)* DNSSEC-enabled domains from Cloudflare public DNS (https://stats.labs.apnic.net/cfdnssecdata/?w=1&a=0) (APNIC Labs)
Wed, 24 Jul 2024 - 49min - 68 - Testing post quantum cryptography in DNSSEC
This time on PING, Peter Thomassen (https://github.com/peterthomassen) from deSEC (https://www.securesystems.de/dns-security/) and Jason Goertzen (https://github.com/Martyrshot) from Sandbox AQ (https://www.sandboxaq.com/) discuss their research project on post quantum cryptography in DNSSEC, funded by NLNet Labs. (http://nlnetlabs.nl)Post Quantum cryptography is a response to the risk that a future quantum computer will be able to implement Shor's Algorithm (https://en.wikipedia.org/wiki/Shor%27s_algorithm) -a mechanism to uncover the private key in the RSA public-private key cryptographic mechanism, as well as Diffie-Hellman and Elliptic Curve methods. This would render all existing public-private based security useless, because with knowledge of the private key by a third party, the ability to sign uniquely over things is lost: DNSSEC doesn't depend on secrecy of messages but it does depend on RSA and elliptic curve signatures. We'd lose trust in the DNSSEC protections the private key provides.Post Quantum Cryptography (PQC) addresses this by implementing methods which are not exposed to the weakness that Shor's Algorithm can exploit. But, the cost and complexity of these PQC methods rises.Peter and Jason have been exploring implementations of some of the NIST candidate post quantum algorithms, deployed into bind9 and PowerDNS code. They've been able to use the Atlas system to test how reliably the signed contents can be seen in the DNS and have confirmed that some aspects of packet size in the DNS, and new algorithms will be a problem in deployment as things stand.As they note, it's too soon to move this work into IETF DNS standards process but there is a continuing interest in researching the space, with other activity underway from SIDN (https://blog.apnic.net/2024/02/16/a-quantum-safe-cryptography-dnssec-testbed/) which we'll also feature on PING.
Wed, 10 Jul 2024 - 35min - 67 - Calling time on DNSSEC: Part 1 of 2
In his regular monthly spot on PING, APNIC’s Chief Scientist Geoff Huston (https://blog.apnic.net/author/Geoff-Huston/) discusses DNSSEC and it's apparent failure to deploy at scale in the market after 30 years: Both as the state of signed zone uptake (the supply side) and the low levels of verification seen by DNS client users (the consumption side) there is a strong signal DNSSEC isn't making way, compared to the uptake of TLS which is now ubiquitous in connecting to websites. Geoff can see this by measurement of client DNSSEC use (https://stats.labs.apnic.net/dnssec) in the APNIC Labs measurement system, and from tests of the DNS behind the Tranco top website rankings. (https://tranco-list.eu/)This is both a problem (the market failure of a trust model in the DNS is a pretty big deal!) and an opportunity (what can we do, to make DNSSEC or some replacement viable) which Geoff explores in the first of two parts.A classic "cliffhanger" conversation about the problem side of things will be followed in due course by a second episode which offers some hope for the future. In the meantime here's the first part, discussing the scale of the problem.Read more about DNSSEC and TLS on the APNIC Labs website and the APNIC Blog:* Calling time on DNSSEC (https://blog.apnic.net/2024/05/28/calling-time-on-dnssec/) (Geoff Huston, APNIC Blog June 2024)* "Keytrap" attacks on DNSSEC (https://blog.apnic.net/2024/03/12/keytrap/) (Geoff Huston, APNIC Blog June 2024)* DNS topics at RIPE88 (https://blog.apnic.net/2024/06/06/dns-topics-at-ripe-88/) (Geoff Huston, APNIC Blog June 2024)* The Tranco top website Rankings (https://tranco-list.eu/)* DNSSEC validation client usage (https://stats.labs.apnic.net/dnssec) (APNIC Labs)* DNSSEC enabled domains from Cloudflare public DNS (https://stats.labs.apnic.net/cfdnssecdata/?w=1&a=0) (APNIC Labs)
Wed, 26 Jun 2024 - 54min - 66 - The check is in the (e)Mail(s)
This time on PING, Philip Paeps (https://blog.apnic.net/author/philip-paeps/) from the FreeBSD (https://www.kentik.com/company/) Cluster Administrators and Security teams discusses their approach to systems monitoring and measurement. Its eMail.“Short podcast” you say, but no, there’s a wealth of war-stories and “why” to explore in this episode.We caught up at the APNIC57/APRICOT meeting held in Bangkok in February of 2024. Philip has a wealth of experience in systems management and security and a long history of participation in the free software movement. So his ongoing of support of email as a fundamental measure of system health isn’t a random decision, it’s based on experience.Mail may not seem like the obvious go-to for a measurement podcast, but Philip makes a strong case that it’s one of the best tools available for a high-trust measure of how systems are performing, and in the first and second order derivative can indicate aspects of velocity and rate of change of mail flows, indicative of the continuance or change in the underlying systems issues.Philip has good examples of how Mail from the FreeBSD cluster systems indicates different aspects of systems health. Network delays, disk issues. He’s realistic that there are other tools in the armoury, especially the Nagios and Zabbix systems which are deployed in parallel. But from time to time, the first best indication of trouble emerges from a review of the behaviour of email.A delightfully simple, and robust approach to systems monitoring can emerge from use of the fundamental tools which are part of your core distribution.Read more about Philip, FreeBSD, Zabbix and Nagios at their websites:* FreeBSD Project home page (https://www.freebsd.org/)* The FreeBSD Foundation welcomes donations! (https://freebsdfoundation.org/)* The FreeBSD Project and Administration (https://www.freebsd.org/administration/#t-clusteradm)* Philip’s home page (https://trouble.is/who/)* Zabbix for systems and network monitoring (https://www.zabbix.com/)* Nagios for systems and network monitorin (https://www.nagios.org/)g
Wed, 12 Jun 2024 - 38min - 65 - We don't need subnets any more
In his regular monthly spot on PING, APNIC’s Chief Scientist Geoff Huston (https://blog.apnic.net/author/Geoff-Huston/) discusses the question of subnet structure, looking into the APNIC Labs measurement data which collects around 8 million discrete IPv6 addresses per day, worldwide.Subnets are a concept which "came along for the ride" in the birth of Internet Protocol, and were baked into the address distribution model as the class-A, class-B and class-C subnet models (there are also class-D and class-E addresses we don't talk about much).The idea of a sub-net is distinct from a routing network, many pre-Internet models of networking had some kind of public-local split, but the idea of more than one level of structure in what is "local" had to emerge when more complex network designs and protocols came into being.Subnets are the idea of structure inside the addressing plan, and imply logical and often physical separation of hosts, and structural dependency on routing. There can be subnets inside subnets, its "turtles all the way down" in networks.IP had an ability out-of-the-box to permit subnets to be defined, and when we moved beyond the classful model into classless inter-domain routing or CIDR, the idea of prefix/length models of networks came to life.But IPv6 is different, and the assumption we are heading to a net-subnet-host model of networks may not be applicable in IPv6, or in the modern world of high speed complex silicon for routing and switching.Geoff discusses an approach to modelling how network assignments are being used in deployment, which was raised by Nathan Ward in a recent NZNOG meeting. Geoff has been able to look into his huge collection of IPv6 addresses and see what's really going on.Read more about networks and subnets and address policy on the APNIC Web and blog* APNIC's current address policy (https://www.apnic.net/community/policy/resources)* RFC4632 Classless Inter-Domain Routing (https://datatracker.ietf.org/doc/html/rfc4632) (CIDR) (IETF RFC)* IPv6 Prefix Lengths (https://blog.apnic.net/2024/04/25/ipv6-prefix-lengths/) (Geoff Huston, blog article)
Wed, 29 May 2024 - 1h 01min - 64 - Measuring RPKI and BGP with Oregon RouteViews
This time on PING Doug Madory (https://blog.apnic.net/author/doug-madory/) from Kentik (https://www.kentik.com/company/) discusses his recent measurements of the RPKI system worldwide, and it's visible impact on the stability and security of BGP.Doug makes significant use of the Oregon RouteViews (https://www.routeviews.org/routeviews/) repository of BGP data, a collection maintained continuously at the University of Oregon for decades. It includes data from back to 1997, originally collected by the NLANR/MOAT project (http://moat.nlanr.net/) and has archives of BGP Routing Information Base (RIB) dumps taken every two hours from a variety of sources, and made available in both human-readable (https://www.routeviews.org/routeviews/index.php/archive/#cisco) and machine readable binary formats. (https://www.routeviews.org/routeviews/index.php/archive/#frr)This collection has become the de-facto standard for publicly available BGP state worldwide, along with the RIPE RIS collection (https://www.ripe.net/analyse/internet-measurements/routing-information-service-ris/). As Doug discusses, research papers which cite Oregon RouteViews data (https://www.routeviews.org/routeviews/index.php/papers/) (over 1,000 are known of, but many more exist which have not registered their use of the data) invite serious appraisal because of the reproducibility of the research, and thus the testability of the conclusions drawn. It is a vehicle for higher quality science about the nature of the Internet through BGP.Doug presented on RPKI and BGP, at the APOPS (https://2024.apricot.net/program/program/#/day/8/apops-2) session held in February at APRICOT/APNIC57 Bangkok, Thailand (https://2024.apricot.net/)Read more about Doug's presentation, his measurements at Kentik, Oregon RouteViews, the state of BGP and RPKI on the Kentik website, and the APNIC Blog:* RPKI ROV Reaches Major Milestone/ (https://blog.apnic.net/2024/05/08/rpki-rov-deployment-reaches-major-milestone/) (APNIC Blog May 2024)* Doug Madory's blog at Kentik (https://www.kentik.com/blog/author/doug-madory/)* Digging into the Orange España Hack (https://blog.apnic.net/2024/01/26/digging-into-the-orange-espana-hack/) (APNIC Blog January 2024)* What can be learned from BGP hijacks targeting cryptocurrency services? (https://blog.apnic.net/2022/11/07/what-can-be-learned-from-bgp-hijacks-targeting-cryptocurrency-services/) (APNIC Blog November 2022)* The University of Oregon RouteViews (https://www.routeviews.org/routeviews/) project website* The RIPE Routing Information Service (RIS) (https://www.ripe.net/analyse/internet-measurements/routing-information-service-ris/) website
Wed, 15 May 2024 - 30min - 63 - Measuring Starlink TCP performance
In this episode of PING, APNIC’s Chief Scientist Geoff Huston (https://blog.apnic.net/author/Geoff-Huston/) discusses Starlink again, and the ability of modern TCP flow control algorithms to cope with the highly variant loss and delay seen over this satellite network. Geoff has been doing more measurements using starlink terminals in Australia and the USA, at different times of day exploring the system behaviour.Starlink has broken new ground in Low Earth Orbit internet services. Unlike Geosynchronous satellite services which have a long delay but constant visibility of the satellite in stationary orbit above, Starlink requires the consumer to continuously re-select a new satellite as they move overhead in orbit. In fact, a new satellite has to be picked every 15 seconds. This means there's a high degree of variability in the behaviour of the link, both between signal quality to each satellite, and in the brief interval of loss ocurring at each satellite re-selection window. Its a miracle TCP can survive, and in fact in the case of the newer BBR protocol thrive, and achieve remarkably high throughput, if the circumstances permit. This is because of the change from a slow start, fast backoff model used in Cubic and Reno to a much more aggressive link bandwidth estimation model, which continuously probes to see if there is more room to play in.Read more about Satellites, TCP and flow control algorithms on the APNIC Blog and on the IETF website.* An explainer on Coherent Optical Transcievers (https://blog.apnic.net/2024/04/15/coherent-optical-transceivers/) (Geoff Huston, APNIC Blog 2024)* Low Earth Orbit and the Congestion Control Problem (https://blog.apnic.net/2023/11/23/podcast-low-earth-orbit-and-the-tcp-congestion-control-problem/) (Geoff Huston, APNIC Blog 2023)* APNIC Labs measurements of Starlink (https://labs.apnic.net/starlink/) (APNIC Labs)* Comparing TCP and QUIC (https://blog.apnic.net/2022/11/03/comparing-tcp-and-quic/) (Geoff Huston APNIC Blog 2022)* Testing LEO and GEO Satellite Services in Australia (https://blog.apnic.net/2022/05/02/testing-leo-and-geo-satellite-services-in-australia/) * Transport Protocols and the Network (https://blog.apnic.net/2021/05/11/transport-protocols-and-the-network/) * Congestion Control at IETF 110 (https://blog.apnic.net/2021/03/30/congestion-control-at-ietf-110/)
Wed, 01 May 2024 - 1h 02min - 62 - Using Fibre Optics to measure vehicle traffic
This time on PING, Dr Mona Jaber (https://www.qmul.ac.uk/dtsdg/team-details/profiles/jabermona.html) from Queen Mary University of London (https://www.qmul.ac.uk/) (QMUL), discusses her work exploring IoT, Digital Twins and Social Science led research in the field of networking and telecommunications.Dr Jaber is a senior lecturer in QMUL and is the founder and director of the Digital Twins for Sustainable Development Goals (DT4SDG) at QMUL. She was one of the invited Keynote speakers at the recent APRICOT/APNIC57 meeting held in Bangkok, and the podcast explores the three major themes explored in her keynote presentation.* The role of deployed fibre optic communication systems in measurement for sustainable green goals* Digital Twin Simulation platforms for exploring the problem space* Social Sciences led research, an inter-disciplinary approach to formulating and exploring problems which has been applied to Sustainable Development-related research through technical innovation in IoT, AI, and Digital Twins.The Fibre Optic measurement method is Distributed Acoustic Sensor or DAS:"DAS reuses underground fibre optic cables as distributed strain sensing where the strain is caused by moving objects above ground. DAS is not affected by weather or light and the fibre optic cables are often readily available, offering a continuous source for sensing along the length of the cable. Unlike video cameras, DAS systems also offer a GDPR-compliant source of data."The DASMATE Project at theengineer.co.ukThis Episode of PING was recorded live in the venue and is a bit noisy compared to the usual recordings, but it's well worth putting up with the background chatter!Read more about Dr Jaber's presentation, the DAS system, Digital Twins and Fibre Optic communications:* Intelligent IoT for sustainable development Goals (https://2024.apricot.net/assets/files/APIC378/intelligent-iot-for-_1709020139.pdf): Keynote talk at APRICOT/APNIC57* The recording of Dr Jaber's Keynote talk (https://youtu.be/BOY8tVNL3yQ?t=1564)* The DASMATE project (https://www.theengineer.co.uk/content/news/das-signal-modelling-to-assist-in-uptake-of-active-travel): Assisting the uptake of Active Travel Tower Hamlets, London* The DT4SDG group (https://www.qmul.ac.uk/dtsdg/) page at QMUL* Coherent Optical Tranceivers (https://blog.apnic.net/2024/04/15/coherent-optical-transceivers/) (Geoff Huston, April 2024)
Wed, 17 Apr 2024 - 27min - 61 - Digital sovereignty and standards
In this episode of PING, APNIC’s Chief Scientist Geoff Huston (https://blog.apnic.net/author/Geoff-Huston/) discusses the European Union's consideration of taking a role in the IETF, as itself. Network engineers, policy makers and scientists from all around the world have participated in IETF but this is the first time an entity like the EU has considered participation as itself in the process of standards development. What's lead to this outcome? What is driving the concern that the EU as a law setting and treaty body, an inter-governmental trade bloc needs to participate in the IETF process? Is this a mis-understanding of the nature of Internet Standards development or does it reflect a concern that standards are diverging from society's needs? Geoff wrote this up in a recent opinion piece on the APNIC Blog and the podcast is a conversation around the topic.Read more about digital sovereignty on the APNIC Blog and on the IETF website.* Digital sovereignty and standards (https://blog.apnic.net/2024/03/06/opinion-digital-sovereignty-and-standards/) (Geoff Huston, APNIC Blog)* As the Balance of Security Controls shifts where does responsibility rest? (https://blog.apnic.net/2024/03/20/as-the-balance-of-security-controls-shifts-where-does-responsibility-rest/) (Kathleen Moriarty, Guest Author on the APNIC Blog)* Reflections on Ten Years Past the Snowden Revelations (https://datatracker.ietf.org/doc/rfc9446/) (IETF RFC9446)* Pervasive Monitoring is an Attack (https://datatracker.ietf.org/doc/html/rfc7258) (IETF RFC7528)
Wed, 03 Apr 2024 - 1h 05min - 60 - DNS OARC's many faces
This time on PING we have Phil Regnauld (https://www.linkedin.com/in/philregnauld/) from DNS Operations Analysis & Resource Center (DNS-OARC) (https://www.dns-oarc.net/) talking about the three distinct faces OARC presents to the community.Phil came to the OARC presidents role, replacing Keith Mitchell (https://www.linkedin.com/in/keithmitchell/) who was the founding president since 2008 through to this year. Phil previously has worked with the Network Startup Resource Centre (NSRC) (https://nsrc.org/)and with AFNOG (https://www.afnog.org/), and the Francophone Internet community at large.DNS OARC has at least 3 distinct faces. It is a community of DNS operators and researchers, who maintain an active ongoing dialogue face to face in workshops and online in the OARC Mattermost community hub. Secondly it is a home, repository and ongoing development environment for DNS related tools such as DNSVIZ (https://dnsviz.net/) (written by Casey Deccio) hosting the AS112 (https://www.as112.net/) project, and development of the DSC systems amongst many other tools.Thirdly it is the organiser and host of the Day In The Life or DITL (https://www.dns-oarc.net/index.php/oarc/data/ditl) activity, the periodic collection of 48-72 hours of DNS traffic from the DNS root operators, and other significant sources of DNS traffic. Stretching back over 10 years DITL is a huge resource for DNS research, providing insights in the use of DNS and its behaviour on-the-wire.Read more about DNS OARC and its activities:* The Domain Name Service Operations, Analysis and Research Center (https://www.dns-oarc.net/index.php/)* The DSC (https://www.dns-oarc.net/index.php/oarc/data/dsc) data collection and analysis system* DNS OARC software tools catalog (https://www.dns-oarc.net/index.php/oarc/tools)* The Day In The Life (DITL) (https://www.dns-oarc.net/index.php/oarc/data/ditl) collection
Wed, 20 Mar 2024 - 40min - 59 - DELEG - a proposed new way to manage DNS Delegation in-band
In this episode of PING, APNICs Chief Scientist Geoff Huston discusses a new proposed DNS resource record called DELEG. The record is being designed to aid in managing where a DNS zone is delegated.Delegation is the primary mechanism used in the DNS to separate responsibility between child and parent for a given domain name. The DELEG RR is designed to address several problems, including a goal of moving to new transports for the name resolution service the DNS provides to all other Internet protocols.Additionally, Geoff believes it can help with cost and management issues inherent in out-of-band external domain name management through the registry/registrar process, bound in the whois system and in a protocol called Extensible Provisioning Protocol or EPP.There are big costs here and they include some problems dealing with intermediaries who manage your DNS on your behalf.Unlike whois, EPP, and registrar functions, DELEG would be an in-band mechanism between the parent zone, any associated registry, and the delegated child zone. It’s a classic disintermediation story about improved efficiency and enables the domain name holder to nominate intermediaries for their services, via an aliasing mechanism that has until now eluded the DNS.Read more about DELEG on the APNIC Blog and on the IETF website.* DNS and the proposed DELEG record (https://blog.apnic.net/2024/02/08/dns-and-the-proposed-deleg-record/) (APNIC Blog)* ‘Extensible Delegation for DNS (https://datatracker.ietf.org/doc/draft-dnsop-deleg/)‘ (IETF draft)* Extensible Provisioning Protocol (EPP) (https://datatracker.ietf.org/doc/html/rfc3731) (IETF RFC)
Wed, 06 Mar 2024 - 1h 01min - 58 - Taking the PULSE of the Internet
This time on PING we have Amreesh Phokeer (https://www.internetsociety.org/author/phokeer/) from the Internet Society (ISOC) talking about a system they operate called Pulse, available at https://pulse.internetsociety.org/ (https://pulse.internetsociety.org/). Pulse’s purpose is to assess the “resiliency” of the Internet in a given locality.Similar systems we have discussed before on Ping include APNIC’s DASH (https://dash.apnic.net/) service, aimed at resource holding APNIC members, and the MANRS (https://manrs.org/) project. Both of these take underlying statistics like resource distribution data, or measurements of RPKI uptake or BGP behaviours and present them to the community, and in the case of MANRS there’s a formalised “score” which shows your ranking against current best practices.The Pulse system measures resilience in four pillars: Infrastructure, Quality, Security and Market Readiness. Some of these are “hard” measures analogous to MANRS and DASH, but Pulse in addition to these kinds of measurements includes “soft” indicators like the economic impacts of design decisions in an economy of interest, the extent of competition, and less formally defined attributes like the amount of resiliency behind BGP transit. This allows the ISOC Pulse system to consider governance-related aspects of the development of Internet, and has a simple scoring model which allows a single health metric analogous to the use of pulse and blood pressure by a physician to assess your condition, but this time applied to the Internet.Read more about Pulse:* The https://pulse.internetsociety.org/ (https://pulse.internetsociety.org/) website* The Pulse Blog (https://pulse.internetsociety.org/blog)* Don’t put all your internet infrastructure in one basket (https://blog.apnic.net/2023/11/14/dont-put-all-your-internet-infrastructure-in-one-basket/) (Robbie Mitchell in the APNIC Blog)* Internet Resilience on Pulse (https://pulse.internetsociety.org/resilience)* Internet Resilience Index Methodology (https://pulse.internetsociety.org/wp-content/uploads/2021/11/Internet-Society-Pulse-IRI-Methodology-October-2021-v1.0-Final-EN.pdf)
Wed, 21 Feb 2024 - 35min - 57 - DNS is the new BGP
In this episode of PING, APNIC’s Chief Scientist Geoff Huston (https://blog.apnic.net/author/Geoff-Huston/) discusses the role of DNS in directing where your applications connect to, and where content comes from. Although this more “steering” traffic than it “routing” in the strict sense of IP packet forwarding, (that’s still the function of the border gateway protocol or BGP) It does in fact represent a kind of routing decision, to select a content source or server logistically “best” or “closest” to you. So in the spirit of “Orange is the new Black” -DNS is the new BGP.As this change in delivery of content has emerged, the effective control on this kind of routing decision has also become more concentrated, into the hands of the small number of at-scale Content Distribution Networks (CDN) and associated DNS providers worldwide. This is far less than the 80,000 or so BGP speakers with their own AS and represents another trend to be thought about. How we optimise content delivery isn’t decided in common amongst us, its managed by simpler contractual relationships between content owner and intermediaries.The upside of course remains the improvement in efficiency of fetch for each client, the reduction in delay and loss. But the evolution of the Internet over time and the implications for governance in “steering” decisions is going to be of increasing concern.Read more about Geoff’s views of Concentration in the Internet, Governance, and Economics on the APNIC Blog and at APNIC Labs (https://labs.apnic.net/):* DNS is the new BGP (https://blog.apnic.net/2023/09/22/dns-is-the-new-bgp/)* Internet Governance in 2023 (https://blog.apnic.net/2023/10/20/internet-governance-in-2023/)* On Internet Centrality and Fragmentation (https://blog.apnic.net/2023/07/17/opinion-on-internet-centrality-and-fragmentation/)* The Internet as a Public Utility (https://blog.apnic.net/2023/05/08/the-internet-as-a-public-utility/)* An Economic Perspective on Internet Centrality (https://blog.apnic.net/2023/03/07/economic-perspective-on-internet-centrality/)* Looking at Centrality in the DNS (https://blog.apnic.net/2022/11/22/looking-at-centrality-in-the-dns/)
Wed, 07 Feb 2024 - 54min - 56 - Global Cyber Alliance Measurements
In this episode of PING, Leslie Daigle from the Global Cyber Alliance (GCA) (https://www.globalcyberalliance.org/team-members/leslie-daigle/) discusses their honeynet project, measuring bad traffic internet-wide. This was originally focussed on IoT devices with the AIDE project but is clearly more generally informative. Leslie also discusses the quad-nine DNS service, GCA’s domain trust work and the MANRS project. Launched in 2014 with support from ISOC, MANRS now has a continuing relationship with GCA and may represent a model for the routing community regarding the ‘bad traffic’ problem which the AIDE project explores.Leslie has a long history of work in the public interest, as Chief Internet Technology Officer of the Internet Society, and with the IETF. She is currently the chair of the MOPS working group, has co-authored 22 RFCs and was chair of the IAB for five years.Read more about GCA, AIDE, domain trust and honeynets:* The Global Cyber Alliance (GCA) (https://www.globalcyberalliance.org/)The AIDE programme at GCA (https://www.globalcyberalliance.org/aide/)Domain Trust at GCA (https://www.globalcyberalliance.org/domain-trust/)* Honeynet tagged blog entries at APNIC (https://blog.apnic.net/tag/honeynet/)
Wed, 24 Jan 2024 - 38min - 55 - IPv6 Fragmentation and the DNS
In this episode of PING, APNIC’s Chief Scientist Geoff Huston (https://blog.apnic.net/author/Geoff-Huston/) discusses the change in IP packet fragmentation behaviour adopted by IPv6, and the implications of a change in IETF “Normative Language” regarding use of IPv6 in the DNS.IPv4 arguably succeeds over so many variant underlying links and networks because it’s highly adaptable to fragmentation in the path. IPv6 has a proscriptive requirement that only the end hosts fragment, which limits how intermediate systems can handle IPv6 data in flight. In the DNS, increasing complexity from things like DNSSEC mean the the DNS packet sizes are getting larger and larger, which risks invoking the IPv6 fragmentation behaviour in UDP. This has consequences for the reliability and timeliness of the DNS service.For this reason, a revision of the IETF normative language (the use of capitalised MUST MAY SHOULD and MUST NOT) directing how IPv6 integrates into the DNS service in deployment has risks. Geoff argues for a “first, do no harm” approach to this kind of IETF document.Read more about IPv6, Fragmentation, the DNS and Geoff’s measurements on the APNIC Blog and APNIC Labs:* IPv6, the DNS and Happy Eyeballs (https://blog.apnic.net/2023/11/17/ipv6-the-dns-and-happy-eyeballs/)* How we measure DNSSEC Validation (https://blog.apnic.net/2023/10/31/how-we-measure-dnssec-validation/)* DNS is the new BGP (https://blog.apnic.net/2023/09/22/dns-is-the-new-bgp/) * To DNSSEC or Not (https://blog.apnic.net/2023/02/20/opinion-to-dnssec-or-not/)
Wed, 10 Jan 2024 - 55min - 54 - The ICANN DNS stats collector system
In this episode of PING, Sara Dickinson from Sinodun Internet Technologies (https://sinodun.com/team/sara-dickinson/) and Terry Manderson (https://www.linkedin.com/in/terrymanderson/?originalSubdomain=au), VP, Information Security and Network Engineering at ICANN discuss the ICANN DNS stats collector system which ICANN commissioned, and Sinodun wrote for them.This system (https://github.com/dns-stats) consists of two parts, a DNS stats compactor framework (https://github.com/dns-stats/compactor) which captures data in the C-DNS format, a specified set of data in CBOR format, and the DNS stats visualiser (https://github.com/dns-stats/visualizer) which is uses Grafana. The C-DNS (https://datatracker.ietf.org/doc/html/rfc8618) format is not a complete packet capture but allows the recreation of all the DNS context of the query and response. It was standardised in 2019, in an RFC authored by Sara, her partner John, Jim Hague, John Bond and Terry.Unlike DSC (https://github.com/DNS-OARC/dsc), which is a 5 minute sample aggregation system, this system is able to preserve a significantly larger amount of the seen DNS query information and can even be used to re-create an on-the-wire view of the DNS (albiet not 1 to 1 identical to the original IP packetflows)Read more about the systems, and IMRS online:* RFC8618 Compacted-DNS (C-DNS): A Format for DNS Packet Capture (https://datatracker.ietf.org/doc/html/rfc8618)* The ICANN github repository for DNS Stats (https://github.com/dns-stats)* ICANN Managed Root Server (IMRS) (https://www.dns.icann.org/imrs/)
Wed, 06 Dec 2023 - 30min - 53 - Low Earth Orbit and the TCP congestion control problem
In this episode of PING, APNIC’s Chief Scientist Geoff Huston (https://blog.apnic.net/author/Geoff-Huston/) discusses the rise of Low Earth Orbiting (LEO) Satellite based Internet, and the consequences for end-to-end congestion control in TCP and related protocols.Modern TCP has mostly been tuned for constant delay, low loss paths and performs very well at balancing bandwidth amongst the cooperating users of such a link, achieving maximum use of the resource. But a consequence of the new LEO internet is a high degree of variability in delay, loss and consequently an unstable bandwidth, which means TCP congestion control methods aren’t working quite as well in this kind of Internet.A problem is, that with the emergence of TCP bandwidth estimation models such as BBR, and the rise of new transports like QUIC (which continue to use the classic TCP model for congestion control), we have a fundamental mismatch in how competing flows try to share the link. Geoff has been exploring this space with some tests from starlink home routers, and models of satellite visibility. His Labs starlink (https://labs.apnic.net/starlink/) page shows a visualisation of behaviour of the starlink system, and a movie of views of the satellites in orbit.Read more about TCP, QUIC, LEO and Geoff’s measurements on the APNIC Blog and APNIC Labs:* APNIC Labs measurements of Starlink. (https://labs.apnic.net/starlink/)(2023, Geoff Huston)* Comparing TCP and QUIC (https://blog.apnic.net/2022/11/03/comparing-tcp-and-quic/)(November 2022, Geoff Huston)* Testing LEO and GEO Satellite Services in Australia (https://blog.apnic.net/2022/05/02/testing-leo-and-geo-satellite-services-in-australia/)(May 2022, Geoff Huston)* Transport Protocols and the Network (https://blog.apnic.net/2021/05/11/transport-protocols-and-the-network/)(May 2021, Geoff Huston)* Congestion Control at IETF110 (https://blog.apnic.net/2021/03/30/congestion-control-at-ietf-110/)(March 2021, Geoff Huston)
Wed, 22 Nov 2023 - 1h 16min - 52 - Negative Caching of DNS Resolution Failures
In this episode of PING, Verisign fellow Duane Wessels (https://blog.apnic.net/author/Duane-Wessels/) discusses a late state (version 08) Internet draft he’s working on with two colleagues from Verisign. The draft is on Negative Caching of DNS Resolution Failures (https://datatracker.ietf.org/doc/draft-ietf-dnsop-caching-resolution-failures/) and is co-authored by Duane, William Carroll (https://datatracker.ietf.org/person/wicarroll@verisign.com), and Matt Thomas (https://datatracker.ietf.org/person/mthomas@verisign.com)This episode discusses the behaviour of the DNS system overall in the face of failures to answer. There are already mechanisms to deny the existence of a queried name or a specific resource type. There are also mechanisms to define how long this negative answer should be cached, just as there are cache lifetimes defined for how long to hold valid answers, things that do exist, and have been supplied.This time, it’s a cache of not being able to answer. The thing asked about? It might exist, or it might not. This cached data isn’t saying if it does exist or not, it’s a caching failure to be able to answer. As the draft states: “… a non-response due to a resolution failure in which the resolver does not receive any useful information regarding the data’s existence.”Prior DNS specifications did provide guidance on caching in the context of positive responses and negative responses but the only guidance relating to failing to answer was to avoid aggressive re-querying of the nameservers that should be able to answer.Read more about the draft, and other DNS-related work by Duane on the APNIC Blog:* The draft Negative Caching of DNS Resolution Failures (https://datatracker.ietf.org/doc/draft-ietf-dnsop-caching-resolution-failures/) (2023, Version 08)* Adding ZONEMD protections to the root zone (https://blog.apnic.net/2023/07/18/adding-zonemd-protections-to-the-root-zone/) (2023, APNIC Blog post)* [Podcast] Adding ZONEMD protections to the root zone (https://blog.apnic.net/2023/07/20/podcast-adding-zonemd-protections-to-the-root-zone/) (2023, related podcast on PING)* [Podcast] A look back at notable root zone changes (https://blog.apnic.net/2023/05/24/podcast-a-look-back-at-notable-root-zone-changes/) (Duane discusses three significant root zone changes over the last decade)
Wed, 08 Nov 2023 - 32min - 51 - What really happened — 30 years of APNIC
In this episode of PING, instead of a conversation with APNIC’s Chief Scientist Geoff Huston (https://blog.apnic.net/author/Geoff-Huston/) we’ve got a panel session from APNIC56 (https://conference.apnic.net/56/program/program/#/day/7/apnic-30th-anniversary-panel/) he facilitated, where Geoff and six guests got to discuss the 30 year history of APNIC.With Geoff on the panel were:* Professor Jun Murai (https://conference.apnic.net/56/program/speakers/#/jun-murai) known as the ‘father of the Internet’ in Japan. In 1984, he developed the Japan University UNIX Network (JUNET), the first-ever inter-university network in that nation. In 1988, he founded the Widely Integrated Distributed Environment (WIDE (https://www.wide.ad.jp/index_e.html)) Project, a Japanese Internet research consortium, for which he continues to serve as a board member. Along with Geoff, Jun was one of the main progenitors of what became APNIC.* Elise Gerich (https://conference.apnic.net/56/program/speakers/#/elise-gerich), a 31 year veteran of Internet networking, is recognised globally for her significant contributions to the Internet. Before retiring, Elise was President of PTI and prior to that, Vice President of IANA at ICANN. Elise served as the Associate Director National Networking at Merit Network in Michigan. While at Merit she was also a Principal Investigator for NSFNET’s T3 Backbone Project and the Routing Arbiter Project and was responsible for much of the early address management Impetus which led to the creation of the RIR system.* David Conrad (https://conference.apnic.net/56/program/speakers/#/david-conrad) Previously the Chief Technology Officer of ICANN, who was involved in the creation of APNIC as its first full-time employee and founding Director-General.* Akinori Maemura (https://conference.apnic.net/56/program/speakers/#/akinori-maemura) the JPNICChief Policy Officer, and a member of the APNIC EC for 16 years, 13 of which he was Chair of the EC.* Gaurab Raj Upadhaya (https://conference.apnic.net/56/program/speakers/#/gaurab-raj-upadhaya) Head of WWW Video Delivery Strategy, Prime Video at Amazon. Gaurab has been active in the Internet community for more than a decade and like Akinori served on the APNIC EC for 12 years, 7 of these as Chair of the EC.* Paul Wilson (https://conference.apnic.net/56/program/speakers/#/paul-wilson) has more than thirty years’ involvement with the Internet, including 25 years’ experience as the Director General of APNIC.The Panel discussed the early years of the Internet and the processes which led to the creation of APNIC along with some significant moments in the life of the registry.
Wed, 25 Oct 2023 - 1h 19min - 50 - Where in the world is Carmen Santiego's Data Centre?
In this episode of PING, Stephen Song discusses his work mapping the Internet. This is a long-term project, which he carries out alongside and supported by Mozilla Corporation (https://www.mozilla.org/en-US/foundation/moco/), and the Association for Progressive Communications (APC (https://apc.org/)).Stephen has long championed the case (https://manypossibilities.net/2017/06/the-case-for-open-data-in-telecoms/) for Open Data in telecommunications decision-making and maintains a list (https://manypossibilities.net/resources-i-maintain/) of resources for capacity building and development of the Internet with a particular focus on Africa.The combination of some opaque business practices and the change from end delivery to mediated proxies from the content distribution network model raises questions about where the things users engage with and depend on are, so network infrastructure can be efficiently and openly planned. The latest episode of PING explores the issues inherent in understanding ‘where things are’ in the modern Internet.Explore Stephen’s resources:* Many Possibilities website (https://manypossibilities.net/about/)* Connectivity indexes, maps, and reports (GitHub) (https://github.com/stevesong/awesome-connectivity-info/blob/main/README.md)* Open Data map of Content Distribution Networks around the world (https://opentelecomdata.org/cdns/)* After Fibre (https://afterfibre.nsrc.org/)* Village Telco (https://villagetelco.org/)
Wed, 11 Oct 2023 - 34min - 49 - How APNIC Labs measures the world using adverts
In this episode of PING, APNIC’s Chief Scientist Geoff Huston (https://blog.apnic.net/author/Geoff-Huston/) discusses the technique APNIC Labs uses to measure end user behaviour in the global internet. (https://stats.labs.apnic.net/) This is probably the only worldwide web advert based measurement system in continuous use since 2010.Originally written in Adobe Flash, the system is now coded in Javascript and HTML5, and continuously samples as many as 25 million users per day, across mobile devices and desktop PCs, Android, iPhone and Chromebook.The system was first designed to inform the community on the rate of IPv6 deployment. The APNIC Labs measurements now encompass IPv6, RTT, HTTP/3 (Quic) adoption, DNSSEC, use of public DNS resolvers, IPv6 EH support, RPKI validation amongst other measurements.Data is available at a per-economy, and per-AS (origin-AS) level, both as a web view and as JSON downloads. No end user identifying material is held, or distributed in any way. The measurement program is generously supported by Google, ICANN and APNIC.Read more about some recent research outcomes from the labs advert on the APNIC Blog:* Measuring the use of DNSSEC (https://blog.apnic.net/2023/09/18/measuring-the-use-of-dnssec/)(September 2023, Geoff Huston)* Measuring NXDOMAIN responses (https://blog.apnic.net/2023/07/12/measuring-nxdomain-responses/)(July 2023, Geoff Huston)* A Further Update on IPv6 Extension Headers (https://blog.apnic.net/2023/06/23/a-further-update-on-ipv6-extension-headers/)(June 2023, Geoff Huston)* A second look at QUIC use (https://blog.apnic.net/2022/09/07/a-second-look-at-quic-use/)(September 2022, Geoff Huston)
Wed, 27 Sep 2023 - 1h 05min - 48 - DASH sees a large route leak in Singapore
In june of this year, the Dashboard for AS Health or DASH, a service operated by APNIC saw a leak of approximately 260,000 BGP routes from a vantage point in Singapore, and sent alerts to around 90 subscribers to our routing mis-alignment notification service which is part of DASH.BGP is the state of announcements made and heard worldwide, calculated by every BGP speaker for themselves and although its globally connected and represents “the same” network, not everyone sees all things, as a result of filtering and configuration differences around the globe. BGP also should align with two external information systems, the older Internet Routing Registry (IRR) system which uses a notation called RPSL to represent routing policy data, including the “route” object, and Resource Public Key Infrastructure or RPKI, which represents the origin-AS (in BGP, who originates a given prefix) in a cryptographically signed objected called a ROA. The BGP prefix and origin (the route) should align with whats in an IRR route object and an RPKI ROA, but sometimes these disagree. Thats what DASH is designed to do: tell you when these three information sources fall out of alignment.I discussed this incident, and the APNIC Information Product family (DASH, a collaboration with RIPE NCC called NetOX, and the delegation statistics portal called REX) with Rafael Cintra (https://blog.apnic.net/author/rafaelcintra/), the product manager of these systems, and with Dave Phelan (https://blog.apnic.net/author/dave-phelan/) who works in the APNIC Academy and has a background in Network Routing Operations.You can find the APNIC Information products here: (note that the DASH service needs a MyAPNIC login to be used)* https://dash.apnic.net (https://dash.apnic.net/) the DASH portal login page (MyAPNIC resource login needed)* https://netox.apnic.net (https://netox.apnic.net/) NetOX the Network Observatory web service* https://rex.apnic.net (https://rex.apnic.net/) Resource Explorer: delegation statistics for the worldAnd you can read about the Information Products family in these blog articles:* New Alert Options for DASH (https://blog.apnic.net/2022/12/09/new-alert-options-for-dash/)* Routing Status added to DASH (https://blog.apnic.net/2022/06/27/routing-status-added-to-dash/)* Suspicious Traffic Alerts added to DASH (https://blog.apnic.net/2022/06/02/suspicious-traffic-alerts-released-to-dash/)* Using DASH to rank economies by suspicious traffic (https://blog.apnic.net/2021/04/09/using-dash-to-rank-economies-by-malicious-traffic/)* How DASH helps monitor Network Health (https://blog.apnic.net/2020/09/09/how-dash-helps-monitor-network-health/)* Worldwide REX (https://blog.apnic.net/2023/08/07/worldwide-rex/)* Introducing REX a new approach for the internet directory (https://blog.apnic.net/2021/10/08/introducing-rex-a-new-approach-for-the-internet-directory/)* Hands-On with APNIC’s NetOX (https://blog.apnic.net/2020/09/07/hands-on-with-apnics-netox/)
Wed, 13 Sep 2023 - 29min - 47 - The Chips are down: Moore's Law coming to an end.
In this episode of PING, APNIC’s Chief Scientist Geoff Huston (https://blog.apnic.net/author/Geoff-Huston/) discusses the coming future of VLSI with Moores law coming to an end. This was motivated by a key presentation made at the most recent ANRW session at IETF117, San Francisco.For over 5 decades we have been able to rely on an annual, latterly bi-annual doubling of speed called Moore's Law (https://en.wikipedia.org/wiki/Moore%27s_law), and halving of size of the technology inside a microchip: Very Large Scale Integration (VLSI), the basic building block of the modern age being the transistor.From it's beginnings off the back of the diode, replacing valves but still discrete components, to the modern reality of trillions of logic "gates" on a single chip, everything we have built in recent times which includes a computer, has been built under the model "it can only get cheaper next time round" -But for various reasons explored in this episode, that isn't true any more, and won't be true into the future.We're going to have to get used to the idea it isn't always faster, smaller, cheaper, and this will have an impact on how we design Networks, including details inside the protocol stack which go to processing complexity forwarding those packets along the path.A few times, Both Geoff and myself get our prefixes mixed up and may say millimeters for nanometers or even worse on air. We also confused the order of letters in the company Acronym TSMC -The Taiwan Semiconductor Manufacturing Company (https://en.wikipedia.org/wiki/TSMC).Read more about the end of Moore's law on APNIC Blog and the IETF:* Chipping Away at Moore's Law (https://blog.apnic.net/2023/08/17/chipping-away-at-moores-law/) (August 2023, Geoff Huston)* It’s the End of DRAM As We Know It (https://datatracker.ietf.org/meeting/117/materials/slides-117-anrw-sessa-keynote-its-the-end-of-dram-as-we-know-it-02) (July 2023, Philip Levis, IETF117 ANRW session)
Wed, 30 Aug 2023 - 57min - 46 - Here comes the sun(spots) — what are the real risks in solar storms?
In this episode of PING Jaap Akkerhuis (NLNet Labs) (https://www.internethalloffame.org/inductee/jaap-akkerhuis/), Ulrich Spiedel (University of Auckland) (https://blog.apnic.net/author/ulrich-speidel/) and Russ White (Juniper) (https://rule11.tech/about/) discuss the issues behind Sunspots, ionisation in the atmosphere and its effects on satellite communications and terrestrial infrastructure based on wires in the air: Power grids and data services.In two blogs Good day sunshine (https://blog.apnic.net/2023/05/15/good-day-sunshine/) and Solar Storms and the Internet (https://blog.apnic.net/2021/07/22/are-solar-storms-a-threat-to-the-internet/) we've highlighted the potential risks from increases in solar activity such as solar flares (https://en.wikipedia.org/wiki/Solar_flare) and the associated Coronal Mass Ejection or CME (https://en.wikipedia.org/wiki/Coronal_mass_ejection).Spectacular as the effects on earths atmosphere can be, The risk of these events is quite high, if things line up badly for us: It's possible for there to be compounding effects on Satellite systems orbit, their electrical components, their lifetime in orbit (due to repositioning costs burning fuel to cope with the event) as well as effects on land as the suspended wires in power grids and data communications act as antenna, and produce voltage "spikes" to attached equipment at the end, as well as along the path.However, as explored in this episode of PING the situation is often overblown by the news cycle, and it's more a story about being prepared with resilience in systems exposed to risk and understanding those risks.Read more about solar storms and their impact on infrastructure, satellite communications and space weather:* Good day, sunshine (https://blog.apnic.net/2023/05/15/good-day-sunshine/) (George Michaelson, May 2023)* Solar storms and the Internet (https://blog.apnic.net/2021/07/22/are-solar-storms-a-threat-to-the-internet/) (Ulrich Spiedel, July 2021)* APNIC Blog articles about Satellite Communications (https://blog.apnic.net/tag/satellites/)* The Space Weather website (https://www.spaceweather.gov/) (as mentioned by Jaap in the podcast)
Wed, 16 Aug 2023 - 45min - 45 - Content vs Carriage
In this episode of PING, APNIC’s Chief Scientist Geoff Huston (https://blog.apnic.net/author/Geoff-Huston/) discusses the eternal tension between content and carriage.At the RIPE 86 meeting held in Rotterdam in May of this year, Rudolf van der Berg (https://www.stratix.nl/ons-team/rudolf-van-der-berg/) presented a talk titled "The EU Gigabit Connectivity Package and How It Will Hurt the Internet" (https://ripe86.ripe.net/presentations/28-Presentatie-voor-RIPE86-Rudolf-van-der-Berg-.pdf)Geoff has looked at the tensions between content and carriage, Transit and CDNs, the economics of networks for decades, and a conversation about the problems has gone on for some time now, some of which repeats here, but with a new twist: some inside information from Vodafone about their underlying cost and price issues which perhaps undermine the basis of the complaint from the European operator community to the EU seeking regulation of the "cost" side of carrying the content domestic consumers seek.Read more about the economics of the Internet on the APNIC Blog:* RIPE 86 bites - Gigabits for EU (https://blog.apnic.net/2023/06/01/ripe-86-bites-gigabits-for-eu/) (June 2023, Geoff Huston on this RIPE86 presentation)* On Internet Centrality and Fragmentation (https://blog.apnic.net/2023/07/17/opinion-on-internet-centrality-and-fragmentation/) (July 2023, Geoff Huston)* The Internet as a Public Utility (https://blog.apnic.net/2023/05/08/the-internet-as-a-public-utility/) (May 2023, Geoff Huston)* An Economic Perspective on Internet Centrality (https://blog.apnic.net/2023/03/07/economic-perspective-on-internet-centrality/) (March 2023, Geoff Huston)* Sender Pays (https://blog.apnic.net/2022/09/09/sender-pays/) (September 2022, Geoff Huston)* Content Vs Carriage: Who Pays? (https://blog.apnic.net/2022/06/16/content-vs-carriage-who-pays/) (June 2022, Geoff Huston)Watch Rudolph Van Der Berg's talk at RIPE86 (https://ripe86.ripe.net/archives/video/1000), or read his slides (pdf) (https://ripe86.ripe.net/wp-content/uploads/presentations/28-Presentatie-voor-RIPE86-Rudolf-van-der-Berg-.pdf)
Wed, 02 Aug 2023 - 50min - 44 - Adding ZONEMD protections to the root zone
In this episode of PING, Verisign fellow Duane Wessels (https://blog.apnic.net/author/Duane-Wessels/) presents the ZONEMD resource record, defined in RFC8976 (https://www.rfc-editor.org/rfc/rfc8976.html).The “MD” in ZONEMD stands for “message digest” and this resource record (RR) is a checksum over the state of a zone, including all its records and the zone serial record (“start of authority” or SOA) which includes a serial number.This means that by fetching an entire zone, either in the DNS or “out of band” from an FTP or Web server or however you receive it, if it has the ZONEMD record you have a way to check that the entire zone, as it should be for that serial, is exactly what you have in-hand.ZONEMD is going to permit people who copy zones to serve them (locally, or more widely) now have a basis to trust the state of the zone before publishing it.Duane talks about the long lifetime of this idea with roots back into the 1990s, and the road to RFC8976 taken by the co-authors. A ZONEMD record with an un-testable signature will be placed in the root zone of the DNS in September of this year, and will become testable in December to allow time for the community to understand it’s behaviour.This podcast is accompanied by a repost of a Verisign blog Duane wrote recently which has just been republished here on the APNIC Blog: Adding ZONEMD protections to the root zone (https://blog.apnic.net/2023/07/18/adding-zonemd-protections-to-the-root-zone/)Read more about DNS, ZONEMD, and other blogs and podcasts by Duane on the APNIC Blog and elsewhere online:* The Root of the DNS revisited (https://blog.apnic.net/2023/02/08/the-root-of-the-dns-revisited/)(2023, Geoff Huston)* Notes from DNS OARC 38 (https://blog.apnic.net/2022/08/04/notes-from-dns-oarc-38/) (2022 APNIC Blog post by Geoff Huston)* Notes from DNS OARC 35 (https://blog.apnic.net/2021/05/25/notes-from-dns-oarc-35/) (2021 APNIC Blog post by Geoff Huston)* RFC8976 (https://www.rfc-editor.org/rfc/rfc8976.html) (2021 RFC D. Wessels, P. Barber – Verisign; M. Weinberg – Amazon; W. Kumari – Google; & W. Hardaker – USC/ISI)* [Podcast] A look back at notable root zone changes (https://blog.apnic.net/2023/05/24/podcast-a-look-back-at-notable-root-zone-changes/) (Duane Wessels on PING discusses 3 significant root zone changes over the last decade)
Wed, 19 Jul 2023 - 36min - 43 - About Time: The Swedish national secure time distribution initiative
In this episode of PING, APNIC’s Chief Scientist Geoff Huston (https://blog.apnic.net/author/Geoff-Huston/) discusses how Sweden built a national time distribution system and the nature of time in the modern Internet.At the RIPE86 Meeting held in Rotterdam in May of this year, Karin Ahl, the CEO of Netnod (https://www.netnod.se/about-netnod/karin-ahl) presented a talk titled “How Sweden Built a World-Leading Time Network” (https://ripe86.ripe.net/presentations/16-Netnod_RIPE-86_v.2.pdf)A central problem in time distribution on the Internet is firstly the lack of security inside the Network Time Protocol (NTP), and secondly the sources and reliability of the time information. The first problem is solved by using the newer Network Time Security (NTS) protocol which adds TLS, and the second by investment in reliable and strategically placed time distribution servers, which is the basis of the Swedish national time initiative.Geoff attended the Netnod presentation and reflects on the complex and murky history of time, and the emergence of worldwide communities that coordinate both civil time (what the time of day is, in the world) and the nature of how time is measured (how a ‘second’ is defined, for example).Geoff discusses historic and current attempts to standardise time measurements (such as UT1 and UTC) — with their inherent compromises — against Earth’s revolutions and rotations around the Sun. These measurements have become increasingly critical to modern technology, such as GPS.Read more about NTP, NTS, and the time problem at the APNIC Blog and elsewhere online:* Watch Karin Ahl’s presentation (https://ripe86.ripe.net/archives/video/1002/) at RIPE86 Rotterdam* RIPE 86 bites — what’s the time? (https://blog.apnic.net/2023/06/02/ripe-86-bites-whats-the-time/) (2023 Geoff Huston’s APNIC Blog write-up on the issues)* Network Time Security: new NTP authentication mechanism (https://blog.apnic.net/2019/11/08/network-time-security-new-ntp-authentication-mechanism/) (2021 APNIC Blog by Martin Langer)* How do you know what time it is? (https://blog.apnic.net/2020/04/28/how-do-you-know-what-time-it-is/) (2020 APNIC Blog by Patrik Fälström)* Putting a stop to Internet Time Shifters (https://blog.apnic.net/2019/07/18/putting-a-stop-to-internet-time-shifters/) (2019 APNIC Blog by Neta Rosen Schiff)* Is the Internet Running Late? (https://blog.apnic.net/2018/11/28/is-the-internet-running-late/) (2018 APNIC Blog by Geoff Huston)* Steve Allan blogs on time (https://www.ucolick.org/~sla/leapsecs/dutc.html) (background reading)* Tony Finch blogs on time (https://dotat.at/@/2022-12-04-leap-seconds.html) (background reading)The views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.
Wed, 05 Jul 2023 - 1h 16min - 42 - Measuring Ourselves: How the IETF performs at producing documents
In this episode of PING, Christian Huitema (https://en.wikipedia.org/wiki/Christian_Huitema) discusses how looking into the IETF data tracker allowed him to assess "how well we are doing" at document production.As the IETF has grown, and as the process of developing standards has got more complex its understandable it takes a bit longer to produce a viable RFC but some questions have been made about exactly where in process the delays come from. Are we really doing better or worse than we used to? and, why might that be? Christian took an interesting approach to the problem, using a random sample of 20 documents from 2018 (initially) and a hand method of collating the issues, and then applied the same methodology back into 2008 and 1998. His approach to measurement was rigorous and careful, separating his own opinions from the underlying data to aide reproducibility.Christian has a long history of network development and research, with experience in industry, and in the french national computing research institute "INRIA" before joining Bell Communications Research, and Microsoft. He worked on OSI systems, X.500 directories, Satellite communications, and latterly the IPv6 stack including the "Tededo" transition technology, the H/D ratio used in determining IPv6 allocations and assignments in the RIR model, and the QUIC transport layer protocol.The views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.
Wed, 21 Jun 2023 - 55min - 41 - Failed Expectations: 40 years of network history
In this episode of PING, APNIC’s Chief Scientist Geoff Huston (https://blog.apnic.net/author/Geoff-Huston/) discusses the major themes from his recent blog on “Failed Expectations” (https://blog.apnic.net/2023/05/24/failed-expectations/)In a trip down memory lane, the podcast ranges over the 40 year plus history of how we came to have the current Internet as we know it, and some of the “road not taken” alternates which were under consideration at the time. In this context. “Failed” doesn’t have to mean “failed to work” -it can mean the technology simply wasn’t chosen, or it can be the “failure” to turn off something which was believed to be at best temporary!In part, the story of IPv6 deployment is part of this mismatch of expectations and reality, because nobody sought the outcome we’re now living through, of a 20 plus year transition from 32 bit addresses to a world of 128 bit addressing. IPv6 was designed with an eye to the needs of addressing at scale, but the emergence of a transfer model, and continued improvement in NAT (and deployment of Carrier-grade NAT or CGN) at scale, worldwide has perpetuated a 32 bit address and routing world. IPv4 Internet is the “little network which could” and refuses to go away quietly.The views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.
Wed, 07 Jun 2023 - 1h 11min - 40 - A Look Back at Notable Root Zone Changes
In this episode of PING, Verisign Fellow Duane Wessels discusses notable changes in the DNS root zone over the last 13 years.Duane joined Verisign in the early stages of DNSSEC deployment and has conducted measurements of DNS for many years, in his measurement factory days, and in DNS OARC as well as inside Verisign. The significant changes to the DNS root zone, and it's implications for the root zone operators are discussed: Deploying DNSSEC, the first DNSSEC KSK key changes, the increase in packet sizes with RSA keylength changes, and the future KSK and ZSK algorithm changesRead more about DNS and DNSSEC on the APNIC Blog.Here's some articles from the blog which discuss the issues:* The views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.
Wed, 24 May 2023 - 43min - 39 - How much buffer is enough?
In this episode of PING, APNIC's Chief Scientist Geoff Huston discusses the question of buffers, flow control and 'efficient' use of a network link.How do we maximise the use of a given network path, without knowing everything about its size along the way? It turns out, the story isn't as simple as "more is better" because sometimes, adding more memory to the system adds delay. Modern TCP's flow control algorithms are being modified to react to delay as well as loss, and become more efficient at occupying the available space. At the same time bit-marks inside the IP packet are modifying how end hosts can react to signals of congestion along the path. Are these two mechanisms in conflict? how do they stack up, and achieve critical mass in deployment?Read more about TCP (https://blog.apnic.net/tag/TCP) and f (https://blog.apnic.net/tag/satellites/)low control on the APNIC Blog.Here's some articles from the blog which discuss the issues:* Comparing TCP and QUIC (https://blog.apnic.net/2022/11/03/comparing-tcp-and-quic/) (Geoff Huston) (https://blog.apnic.net/author/geoff-huston/)* Does TCP keep pace with QUIC? (https://blog.apnic.net/2019/09/25/does-tcp-keep-up-the-pace-against-quic/) (Konrad Wolsing (https://blog.apnic.net/author/konrad-wolsing/))* TCP Congestion Signatures (https://blog.apnic.net/2018/01/25/tcp-congestion-signatures/) (Srikanth Sundaresan (https://blog.apnic.net/author/srikanth-sundaresan/))* Striking a balance between bufferbloat and TCP queue oscillation (Ulrich Speidel (https://blog.apnic.net/author/ulrich-speidel/))* TCP initial window configurations in the wild (https://blog.apnic.net/2018/01/15/tcp-initial-window-configurations-wild/) (Jan Rüth (https://blog.apnic.net/author/jan-ruth/))* Underload: The future of congestion control (https://blog.apnic.net/2022/09/22/underload-the-future-of-congestion-control/) (Safiqul Islam (https://blog.apnic.net/author/safiqul-islam/))* Beyond bufferbloat: End-to-end congestion control cannot avoid latency spikes (https://blog.apnic.net/2022/01/26/beyond-bufferbloat-end-to-end-congestion-control-cannot-avoid-latency-spikes/) (Bjørn Teigen (https://blog.apnic.net/author/bjorn-ivar-teigen/))* Congestion Control at IETF 110 (https://blog.apnic.net/2021/03/30/congestion-control-at-ietf-110/) (Geoff Huston (https://blog.apnic.net/author/geoff-huston/))The views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.
Wed, 10 May 2023 - 1h 05min - 38 - Network Dependency measurement at IIJ
In this episode of PING, Dr Romain Fontugne, the deputy director of research at IIJ Labs in Tokyo discusses the IIJ "Internet Health Report" and AS Hegemony (or network centrality) in particular.This is a data model they have been working on for some time (6 years now) which exposes dependencies between ASs in BGP, both directly (as in customer-cone) and indirectly through transitive dependencies. It's a fascinating insight into how BGP dependencies can be seen through the state of the routing table worldwide, and how IIJ are helping BGP speakers understand the dependencies in the transit paths they use. It's also a fertile space for student engagement with google summer of code opportunities.You can read more about AS Hegemony on the APNIC blog, as well as other posts Romain has made reflecting IIJ's research.* AS hegemony: measuring AS interdependence (https://blog.apnic.net/2018/05/30/as-hegemony-measuring-as-interdependence/) (2018)* BGP zombies (https://blog.apnic.net/2019/05/01/bgp-zombies/) (2019)* The impact of COVID-19 on last-mile latency (https://blog.apnic.net/2020/12/11/the-impact-of-covid-19-on-last-mile-latency/) (2020)IIJ's Internet Health Report (IHR) is reachable at http://ihr.iijlab.net (http://ihr.iijlab.net/)
Wed, 26 Apr 2023 - 50min - 37 - But wait - there's more: The rise (and possible fall) of LEO
In this episode of PING, APNIC's Chief Scientist Geoff Huston discusses Low Earth Orbit (LEO) satellite communications and the amazing effects they are having on internet reach worldwide.Read more about the issues in LEO (https://blog.apnic.net/tag/leo/) and satellite communications (https://blog.apnic.net/tag/satellites/) on the APNIC Blog.Here's some recent articles of note:* Getting hands-on experience with Starlink (https://blog.apnic.net/2023/03/16/getting-hands-on-experience-with-starlink/) (Ulrich Speidel (https://blog.apnic.net/author/ulrich-speidel/))* Everything, everywhere, all the time (for the internet at least) (https://blog.apnic.net/2023/03/31/everything-everywhere-all-the-time/) (George Michaelson (https://blog.apnic.net/author/ggm/))* The APRICOT Panel discussing satellite broadband in the Asia Pacific region (https://blog.apnic.net/2023/03/01/panel-discusses-satellite-broadband-in-the-asia-pacific-region-at-apricot-2023/) (Geoff Huston, Dan York, Debopam Batterchee, Ulrich Speidel, Mike Puchol)* How does starlink compare to broadband (https://blog.apnic.net/2022/12/06/how-does-starlink-compare-to-broadband/) (Mohamed Kassem (https://blog.apnic.net/author/mohamed-kassem/) in 2022)* Fact checking Starlink’s performance figures (https://blog.apnic.net/2022/11/28/fact-checking-starlinks-performance-figures/)(Martino Trevisan (https://blog.apnic.net/author/martino-trevisan/) in 2022)The views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.
Wed, 12 Apr 2023 - 00min - 36 - Reverse Traceroute: It's just traceroute, but the other direction
In this episode of PING, Dr Rolf Winter (https://blog.apnic.net/author/rolf-winters/), the Professor of Data Communications at Augsburg University of Applied Sciences (https://www.hs-augsburg.de/en/) discusses his work on ‘reverse traceroute’, which is an approach to using the well-known traceroute (https://en.wikipedia.org/wiki/Traceroute) mechanism but driven from the other end.The inherent problem with traceroute and its related diagnostics is that it only informs you about the path outwards from your address to the other end.Reverse traceroute is an attempt to ‘mechanize’ the reverse path information, using proposed new codepoints in the Internet Control Message Protocol (ICMP). Rolf discusses this approach and some of the logistical issues with attempting to modify an established protocol like ICMP, and measurements of the acceptability of proposed new codepoints in the wild.Read more about Professor Winter’s work on the APNIC Blog:* Troubleshooting ‘the other half’ (https://blog.apnic.net/2023/03/01/troubleshooting-the-other-half/)* Watch his presentation at DENOG 14 (https://www.youtube.com/watch?v=Y7NtqLEtgjU)* Visit his GitHub code repository (https://github.com/HSAnet/reverse-traceroute/)
Wed, 29 Mar 2023 - 39min - 35 - DNSSEC: The case for and against
In this episode of PING, APNIC's Chief Scientist Geoff Huston discusses DNSSEC and presents a case "for" and "against" deployment, in the context of complexity, fragility, and impact on the DNS process at large. DNSSEC is net beneficial but its by no means automatic to deploy it protecting a zone.Read more about the issues in DNSSEC deployment on the APNIC Blog:* to DNSSEC or not? (https://blog.apnic.net/2023/02/20/opinion-to-dnssec-or-not/) (Geoff Huston (https://blog.apnic.net/author/geoff-huston/))* IP Fragmentation and the DNS - Mitigation (https://blog.apnic.net/2022/12/13/ip-fragmentation-and-the-dns-mitigation/) (Carsten Strotmann (https://blog.apnic.net/author/carsten-strotmann/)) (https://blog.apnic.net/author/carsten-strotmann/)* DNSSEC Validation - Performance Killer (https://blog.apnic.net/2022/08/22/dnssec-validation-performance-killer/) (Petr Špaček (https://blog.apnic.net/author/petr-spacek/))* [Podcast] DNS spoofing is a non-issue if we all do DNSSEC (https://blog.apnic.net/2022/08/18/podcast-dns-spoofing-is-a-non-issue-if-we-all-do-dnssec/) (Geoff Huston (https://blog.apnic.net/author/geoff-huston/))* Addressing the challenges of modern DNS (https://blog.apnic.net/2022/07/29/addressing-the-challenges-of-modern-dns/) (Moritz Müller (https://blog.apnic.net/author/moritz-muller/))And for Geoff's continuing measurement of DNSSEC see https://stats.labs.apnic.net/dnssec for his daily updated measurements of DNSSEC validation.The views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.
Wed, 15 Mar 2023 - 1h 04min - 34 - Measuring User Experience on the Web at APNIC
In this episode of PING, Andre Geldeblom from APNIC product development (https://blog.apnic.net/author/andregelderblom/)discusses how APNIC is measuring user experience, satisfaction and engagement with the "Orbit" (https://orbit.apnic.net/news-feed/)system we deployed to provide web services integrated with email.Andre discusses the different motivations and mechanisms we're using at APNIC to understand "UX" and how this integrates in our planning to deliver "value for money" to the APNIC community.Read about the different motivations and mechanisms we’re using at APNIC to understand “UX” and how this integrates in our planning to deliver “value for money” to the APNIC community.* Upcoming changes to MyAPNIC (Andre, October 2022) (https://blog.apnic.net/2022/10/14/upcoming-changes-to-myapnic/)* how APNIC is implementing your feedback (Dale, September 2022) (https://blog.apnic.net/2022/09/09/how-apnic-is-implementing-your-feedback/)* Improving Accessibility at APNIC (Dale, August 2021) (https://blog.apnic.net/2021/08/18/improving-accessibility-at-apnic/)* APNIC help centre now live (Andre, February 2021) (https://blog.apnic.net/2021/02/16/apnic-help-centre-now-live/)* Help APNIC create better products and services (Dale, September 2020) (https://blog.apnic.net/2020/09/08/help-apnic-create-better-products-and-services/)The views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.
Wed, 01 Mar 2023 - 34min - 33 - What's happening with growth in BGP?
In this episode of PING, APNIC's Chief Scientist Geoff Huston discusses the current situation in BGP across IPv4 and IPv6. Historically. we've met the "running out of memory" problem with incremental upgrades but things have now come to a place where "simply adding more memory" may not be the answer, and the dynamics of BGP growth appear to have changed. Geoff explores the changing surface of the BGP default-free zone, and what it means for routing technology and the ISPRead more about the APNIC Labs analysis of BGP on the APNIC Blog:* BGP in 2022 - The Routing Table (bgp-in-2022-the-routing-table/)* BGP in 2022 - BGP Updates (https://blog.apnic.net/2023/01/11/bgp-in-2022-bgp-updates/)* IP Addressing through 2022 (https://blog.apnic.net/2023/01/23/ip-addressing-through-2022/)And for Geoff's continuing measurement of BGP see bgp.potaroo.net (https://bgp.potaroo.net/) for his daily updated history of BGP from 1994.The views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.
Wed, 15 Feb 2023 - 45min - 32 - Is my Internet Down?
In this episode of PING, Ege Cem Kirci from ETH Zurich discusses his IMC paper on users perceptions of internet outages, measured using Google Trends. This was presented at the IMC conference held in NIce, France in October 2022.Ege and his co-authors have been exploring the relationship of Internet outages, (for example caused by weather events) and the information in google trends, with a mechanism to combine snapshots of data by time period which auto-scale, to a single unified time series. In their IMC talk they presented SIFT, a detection and analysis tool for capturing user-affecting Internet outages. SIFT leverages users' aggregated web search activity to detect outages.Watch Ege's presentation :* "Is my Internet down?": Sifting through User-Affecting Outages with Google TrendsThe views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.
Wed, 01 Feb 2023 - 43min - 31 - Measuring Centrality in the DNS
In this episode of PING, APNIC's Chief Scientist Geoff Huston explores how APNIC Labs has been able to look inside behaviour in the DNS, to see signs of the "centrality" problem: How much concentration of delivery of service is there, across different market segments of users, and between the supply side (name serving as an authority) and and request side (recursive resolvers)Read more about the APNIC Labs measurement of DNS:* Looking at Centrality in the DNS (looking-at-centrality-in-the-dns)The views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.
Wed, 18 Jan 2023 - 1h 17min - 30 - Journeying into XDP: Cardinality and Keys
In this episode of PING, Luuk Hendricks and Willem Toorop from NLNet talk about their work to embed telemetry in the linux kernel using eXpress Data Path (XDP)Read more about XDP in a series of articles published in the APNIC blog:* Journeying into XDP: Part 0* Journeying into XDP: Augmenting the DNS* Journeying into XDP: Fully-fledged DNS service augmentation* Journeying into XDP: Augmenting the DNSand their blog covering this episode of Ping:* Journeying into XDP: XDPerimenting with DNS telemetryThe views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.
Wed, 21 Dec 2022 - 44min - 29 - A brief dip into DNS OARC 39
In this episode of PING, APNIC's Chief Scientist Geoff Huston talks through some of the presentations he saw (and gave) at the recent DNS OARC 39 meeting held in Belgrade.Read more about DNS OARC and the presentations mentioned:* DNS OARC (https://www.dns-oarc.net)* Casey Deccio's presentation on DITL data and vulnerabilities (https://indico.dns-oarc.net/event/44/contributions/956/attachments/922/1697/2022-10-22-resolversec-oarc.pdf)* Geoff Huston's presentation on resolverless DNS (https://indico.dns-oarc.net/event/44/contributions/951/attachments/914/1672/2022-10-22-resolverless-oarc39.pdf)* David Lawrence's presentation on the registrar API problem (https://indico.dns-oarc.net/event/44/contributions/952/attachments/926/1695/UI%2C%20UX%2C%20and%20the%20Registry_Registrar%20Landscape%20with%20notes.pdf)All of the DNS OARC 39 Speakers and their presentations (https://indico.dns-oarc.net/event/44/contributions/speakers)can also be seen online now.The views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.
Wed, 07 Dec 2022 - 59min - 28 - COLIBRI: Brokering bandwidth across the path in SCION
In this episode of PING, Juan Garcia Pardo from ETH Zurich discusses the Cooperative Lightweight Inter-domain Bandwidth-Reservation Infrastructure (COLIBRI) project for the SCION network, last discussed in episode 18 of PING.Juan explores the motivations for setting up a bandwidth reservation framework, and how it might be used in practice.Read more about COLIBRI and SCION:* The SCION network architecture (https://www.scion-architecture.net/)* The SCION Inter-domain Routing Architecture. From research to deployment (https://conference.apnic.net/54/assets/files/APSG129/scionapnic22_1663125162.pdf) (APNIC54 presentation by Nicola Rustignoli)* [Podcast] Taking a clean slate to designing the Internet of the future (https://blog.apnic.net/2022/07/07/podcast-taking-a-clean-slate-to-designing-the-internet-of-the-future/) (Ping Episode 18, a podcast with Nicola Rustignoli)* Can we provide SLOs in an open Internet in a scalable manner? (https://blog.apnic.net/2022/04/15/can-we-provide-slos-in-an-open-internet-in-a-scalable-manner/) (Giacomo Giuliari)* A new Internet architecture (https://blog.apnic.net/2021/10/05/a-new-internet-architecture/) (Nicola Rustignoli)* Future Internet at terabit speeds: SCION in P4 (https://blog.apnic.net/2021/06/14/future-internet-at-terabit-speeds-scion-in-p4/) (Caspar Schutijse)The views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.
Wed, 23 Nov 2022 - 38min
Podcasts similaires à PING
- Global News Podcast BBC World Service
- El Partidazo de COPE COPE
- Herrera en COPE COPE
- The Dan Bongino Show Cumulus Podcast Network | Dan Bongino
- Es la Mañana de Federico esRadio
- La Noche de Dieter esRadio
- Hondelatte Raconte - Christophe Hondelatte Europe 1
- Affaires sensibles France Inter
- La rosa de los vientos OndaCero
- Más de uno OndaCero
- La Zanzara Radio 24
- Espacio en blanco Radio Nacional
- Les Grosses Têtes RTL
- L'Heure Du Crime RTL
- El Larguero SER Podcast
- Nadie Sabe Nada SER Podcast
- SER Historia SER Podcast
- Todo Concostrina SER Podcast
- 安住紳一郎の日曜天国 TBS RADIO
- TED Talks Daily TED
- The Tucker Carlson Show Tucker Carlson Network
- 辛坊治郎 ズーム そこまで言うか! ニッポン放送
- 飯田浩司のOK! Cozy up! Podcast ニッポン放送
- 武田鉄矢・今朝の三枚おろし 文化放送PodcastQR