Vantage Points in the Internet 35 3.1 Overview and Facets of Vantage Points

Total Page:16

File Type:pdf, Size:1020Kb

Vantage Points in the Internet 35 3.1 Overview and Facets of Vantage Points TECHNISCHE UNIVERSITÄT BERLIN FAKULTÄT FÜR ELEKTROTECHNIK UND INFORMATIK LEHRSTUHL FÜR INTELLIGENTE NETZE UND MANAGEMENT VERTEILTER SYSTEME Understanding Benefits of Different Vantage Points in Today’s Internet vorgelegt von Jan Böttger (M.Sc.) geb. in Berlin Fakultät IV – Elektrotechnik und Informatik der Technischen Universität Berlin zur Erlangung des akademischen Grades –DOKTOR DER INGENIEURWISSENSCHAFTEN (DR.-ING.) – genehmigte Dissertation Promotionsausschuss: Vorsitzender Prof. Dr. Axel Küpper, Technische Universität Berlin Gutachterin: Prof. Anja Feldmann, Ph.D., Technische Universität Berlin Gutachter: Dr. Walter Willinger, NIKSUN (USA) Gutachter: Prof. Dr. Odej Kao, Technische Universität Berlin Gutachter: Prof. Dr. Jean-Pierre Seifert, Technische Universität Berlin Tag der wissenschaftlichen Aussprache: 24.10.2016 Berlin 2017 Eidesstattliche Erklärung Ich versichere an Eides statt, dass ich diese Dissertation selbständig verfasst und nur die angegebe- nen Quellen und Hilfsmittel verwendet habe. Datum Jan Böttger (M.Sc.) 3 Abstract Measuring the Internet is indispensable to a better understanding of its current state and trends, but obtaining measurements is difficult both qualitatively and quantitatively. The challenges of “Internet Measurement” are manifold due to the nature of the beast, namely its complexity, dis- tribution, and constant change. The Internet grows continuously and since it consists of many interdependent autonomous systems, there is no ground truth regarding how it looks – not even retrospectively. Nonetheless, we rely on a fundamental understanding of its state and dynamics to approach a solution. Since it is impractical to understand such complex systems at once – research on complex systems is older than the Internet itself – in this study we focus on a better under- standing of the key players on the Internet by measuring Internet service providers (ISPs), Internet exchange points (IXPs), and systems running the Internet, such as routing, packet exchange, and the Domain Name System (DNS). We describe our methodology of passively measuring large amounts of network traffic data at dif- ferent vantage points, and discuss the challenges, solutions, and best practices that we experienced in the course of our work. Our measurements require an understanding of the vantage points in terms of their characteristics, the systems we measure, and the data we obtain. In the course of the work, we do not exclusively rely on passive data collection and its analysis. Instead, combin- ing our active and passive measurements helps us to improve the understanding of the data in the domain of Internet network operation. Our primary findings regard the role of IXPs in the current Internet ecosystem. We find that IXPs are understudied compared to their importance as hubs for exchanging Internet traffic, some of them handling traffic volumes comparable to major ISPs. We identify and describe different models of IXPs’ operation specific to marketplaces, namely Europe and North America. We make use of different kinds of publicly available data and proprietary data collection of Internet traffic to which we have been granted access. Our measurement results show that the Internet peering complexity is higher than anticipated in previous publications, and that IXPs are the key to this unexpected complexity. This highlights the importance of IXPs and the role they play in today’s Internet ecosystem. To further improve our understanding of global players’ operation in the Internet, we use a DNS protocol extension (EDNS0) to reveal the mapping of users to servers for one of the early adopters of this extension. The elegance of this particular measurement is in its ability to run a global crawl from a single vantage point without the need to access proprietary data or a significant amount of infrastructure. We find it useful to examine both dominant and emerging Internet components to gain a better understanding of how the Internet changes and how it is used. It is critical to measure the Internet’s driving forces, but this is a difficult task and comes with technical and legal restrictions. In order to make the best use of the data we have, it is possible and practical to combine measurement methods. As the Internet evolves constantly and rapidly, the quest to understand becomes more 5 challenging by the hour. However, even without access to private data it is possible to find exciting details regarding how this large system is operated. 6 Zusammenfassung Um den Zustand und die Entwicklung des Internets einzuschätzen, bedarf es Messungen, die er- hebliche Herausforderungen bezüglich Qualität und Quantität darstellen. Die Hauptproblematik liegt in den Komponenten, die das Internet erst erfolgreich machten: Komplexität, Verteilung, Wachstum und ständige Weiterentwicklung. Aufgrund seiner Partitionierung in unabhängige ko- operierende Autonome Systeme, ist es nicht möglich den Ist-Zustand dieses verteilten Systems zu irgendeinem Zeitpunkt festzustellen oder im Nachhinein zu rekonstruieren. Für eine sinnvolle Weiterentwicklung des Internets ist es jedoch unabdingbar, die treibenden Kräfte des Internets zu verstehen. Wir konzentrieren uns auf die großen Hauptakteure, Internet Service Provider (ISPs) und Internet Exchange Points (IXPs), sowie auf einige der Kerntechnologien des Internet, bei- spielsweise Routing, Paketvermittlung und DNS. Wir legen unsere Methodik der passiven Datengewinnung an verschiedenen strategischen Mess- punkten dar, arbeiten die wichtigsten Herausforderungen (und Lösungen) heraus und beschreiben unsere Verfahrensweisen. Die Arbeit erfordert ein exaktes Verständnis der Messpunkte, der ge- messenen Systeme, der Messsysteme und der Daten. Im Verlauf der Arbeit beschränken wir uns nicht ausschließlich auf passive Messungen, sondern kombinieren passive und aktive Messungen. Damit gewinnen wir ein besseres Verständnis über Funktion, Prozesse und Betrieb des Internets. Die Hauptergebnisse liegen in den Erkenntnissen über Internet Exchange Points, die, gemessen an ihrer Bedeutung und Funktion im Internet, bislang nicht ausreichend erforscht wurden. Einige der großen IXPs bewegen täglich Datenvolumen, die denen der großen Internet Service Provider entsprechen. Wir stellen die verschiedenen Betriebsarten von IXPs heraus, die sich geografisch stark unterscheiden – namentlich in Europa und Nordamerika. Für die Erkenntnisse nutzen wir einerseits öffentlich zugängliche Daten und andererseits eigene Messungen, die uns im Rahmen von Forschungskooperationen möglich gemacht wurden und die selbst nicht-öffentlich sind. Die Ergebnisse zeigen, dass die Peering-Komplexität signifikant höher ist als bislang angenommen und dass IXPs dafür verantwortlich sind. Ebenso bedeutsam ist der Einblick in die Art und Weise wie Route-Server funktionieren und zu einer besseren Skalierbarkeit mit vielen Peering-Parteien beitragen. Diese Skalierbarkeit kommt jedoch auf Kosten von Sichtbarkeit. Um ein besseres Verständnis einiger Hauptakteure im Internet zu gewinnen, benutzen wir eine Erweiterung des DNS-Protokolls, EDNS0. Wir identifizieren die Zuordnung von Nutzer-IPs zu Servern für einen bestimmten Inhalteanbieter (Content Provider) auf globaler Ebene. Die Eleganz des Verfahrens liegt in der Zugänglichkeit der Information, deren Gewinnung keine proprietären Daten oder eine dedizierte Infrastruktur zur Messung voraussetzt. 7 Publications Pre-published Papers Parts of this thesis are based on the following peer-reviewed papers that have been published or have been accepted for publication already. The thesis includes the author’s versions of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in ACM conferences. International Conferences N. Chatzis, G. Smaragdakis, J. Böttger, T. Krenc, A. Feldmann, On the Benefits of Using a Large IXP as an Internet Vantage Point, Internet Measurement Conference 2013, Barcelona [65]. http://doi.org/10.1145/2504730.2504746 F. Streibelt, J. Böttger, G. Smaragdakis, N. Chatzis, A. Feldmann, Exploring EDNS-Client-Subnet Adopters in your Free Time, Internet Measurement Conference 2013, Barcelona [146]. http://doi.org/10.1145/2504730.2504767 P. Richter, G.Smaragdakis, N.Chatzis, J.Böttger, A. Feldmann, W. Willinger, Peering at Peerings: On the Role of IXP Route Servers, Internet Measurement Conference 2014, Vancouver [136]. http://doi.org/10.1145/2663716.2663757 9 Contents 1 Introduction 15 1.1 Challenges . 15 1.2 Internet Players and Network Topology . 17 1.3 Contributions . 20 1.4 Structure of this Thesis . 22 2 Background 25 2.1 Active and Passive Measurements . 25 2.2 Legal Implications . 28 2.3 Data Sources . 28 2.4 Supplementary Information . 30 2.5 Data Formats for Representation of Network Traffic . 31 2.6 EDNS-Client-Subnet DNS Extension . 32 2.6.1 EDNS Protocol Specification . 33 2.6.2 Challenges in Enabling ECS . 33 3 Vantage Points in the Internet 35 3.1 Overview and Facets of Vantage Points . 36 3.1.1 Internet Traffic and Communication Models . 37 3.1.2 Measurement Data . 44 3.2 Internet Exchange Points . 46 3.2.1 IXP 101 . 46 3.2.2 Under the Surface . 52 3.2.3 Surprised by the Obvious . 54 3.2.4 Non-profit Matches Profit . 55 3.2.5 Challenges and Opportunities . 56 3.3 Internet Service Providers . 58 3.3.1 Description . 58 3.3.2 Typical Services . 59 3.3.3 Information Availability . 61 3.3.4 Layout of an ISP Eye-ball Network . 62 3.3.5 Data . 62 3.3.6 Measurement Opportunities . 63 3.3.7 Challenges and Limitations . 64 3.3.8 Scope of the ISP Vantage
Recommended publications
  • ECE 435 – Network Engineering Lecture 15
    ECE 435 { Network Engineering Lecture 15 Vince Weaver http://web.eece.maine.edu/~vweaver [email protected] 25 March 2021 Announcements • Note, this lecture has no video recorded due to problems with UMaine zoom authentication at class start time • HW#6 graded • Don't forget HW#7 • Project Topics due 1 RFC791 Post-it-Note Internet Protocol Datagram RFC791 Source Destination If other than version 4, Version attach form RFC 2460. Type of Service Precedence high reliability Routine Fragmentation Offset high throughput Priority Transport layer use only low delay Immediate Flash more to follow Protocol Flash Override do not fragment CRITIC/ECP this bit intentionally left blank TCP Internetwork Control UDP Network Control Other _________ Identifier _______________________ Length Header Length Data Print legibly and press hard. You are making up to 255 copies. _________________________________________________ _________________________________________________ _________________________________________________ Time to Live Options _________________________________________________ Do not write _________________________________________________ in this space. _________________________________________________ _________________________________________________ Header Checksum _________________________________________________ _________________________________________________ for more info, check IPv4 specifications at http://www.ietf.org/rfc/rfc0791.txt 2 HW#6 Review • Header: 0x000e: 4500 = version(4), header length(5)=20 bytes ToS=0 0x0010: 0038 = packet length (56 bytes) 0x0012: 572a = identifier 0x0014: 4000 = fragment 0100 0000 0000 0000 = do not fragment, offset 0 0x0016: 40 = TTL = 64 0x0017: 06 = Upper layer protocol (6=TCP) 0x0018: 69cc = checksum 0x001a: c0a80833 = source IP 192.168.8.51 0x001e: 826f2e7f = dest IP 130.111.46.127 • Valid IPs 3 ◦ 123.267.67.44 = N ◦ 8.8.8.8 = Y ◦ 3232237569 = 192.168.8.1 ◦ 0xc0a80801 = 192.168.8.1 • A class-A allocation is roughly 224=232 which is 0.39% • 192.168.13.0/24.
    [Show full text]
  • Směrovací Démon BIRD
    Směrovací démon BIRD CZ.NIC z. s. p. o. Ondřej Filip / [email protected] 8. 6. 2010 – IT10 1 Směrování a forwarding ● Router - zařízení připojené k více sítím ● Umí přeposlat „cizí“ zprávu - forwarding ● Cestu pozná podle směrovací (routovací) tabulky ● Sestavování routovací tabulky – routing – Statické – Dynamické ● Interní - uvnitř AS rychlé, důvěřivé, přesné – RIP, OSPF ● Externí (mezi AS, pomalé, filtering, přibližné – pouze BGP 2 Rozdělení směrovacích protokolů AS 2 RIP BGP AS 1 OSPF BGP BGP AS 3 3 static Směrovací démon ● Na Linuxu (a ostatních UNIXech) – uživatelská aplikace mimo jádro, forwarding v jádře ● Obvykle implementuje více směrovacích protokolů ● Směrovací politika - filtrování ● Quagga (Zebra) – Cisco syntax http://www.quagga.net ● OpenBGPd - http://www.openbgpd.org ● GateD – zastaralý, ne volná licence ● BIRD 4 Historie projektu ● Start projektu v roce 1999 ● Seminární projekt – MFF UK Praha ● Projekt uspán ● Drobné probuzeni v letech 2003 a 2006 (CESNET) ● Plně obnoveno na přelomu 2008/2009 v rámci Laboratoří CZ.NIC - http://labs.nic.cz 5 Cíle projektu ● Opensource směrovací démon – alternativa k tehdejšímu démonu Quagga/Zebra (GateD) ● Rychlý a efektivní ● Portabilní, modulární ● Podpora současných směrovacích protokolů ● IPv6 a IPv4 v jednom zdrojovém kódu (dvojí překlad) ● Snadná konfigurace a rekonfigurace (!) ● Silný filtrovací jazyk 6 Vlastnosti ● Portabilní – Linux, FreeBSD, NetBSD, OpenBSD ● Podpora IPv4 i IPv6 ● Static, RIP, OSPF, BGP - Route reflektor, Směrovací server (Route server) ASN32 (ASPLAIN), MD5
    [Show full text]
  • BIRD's Flight from Lisbon to Prague
    BIRD's flight from Lisbon to Prague CZ.NIC Ondrej Filip / [email protected] With help of Wolfgang Hennerbichler May 6, 2009 – RIPE 60 / Prague 1 Features ● GPL implementation of RIP, BGP, OSPF ● BGP – ASN32, MD5, route server, ... ● IPv4, IPv6 ● Highly flexible – Multiple routing tables - RIBs (internal and also synchronization with OS) ● Protocol PIPE - multiple routers, route reflectors ● Powerful configuration & filtering language ● Automatic reconfiguration ● Currently developed by CZ.NIC Labs 2 Design 3 Filters example define myas = 47200; function bgp_out(int peeras) { if ! (source = RTS_BGP ) then return false; if (0,peeras) ~ bgp_community then return false; if (myas,peeras) ~ bgp_community then return true; if (0, myas) ~ bgp_community then return false; return true; } protocol bgp R25192x1 { local as myas; neighbor 194.50.100.13 as 25192; import where bgp_in(25192); export where bgp_out(25192); rs client; } 4 Filters example function avoid_martians() prefix set martians; { martians = [ 169.254.0.0/16+, 172.16.0.0/12+, 192.168.0.0/16+, 10.0.0.0/8+, 224.0.0.0/4+, 240.0.0.0/4+, 0.0.0.0/32-, 0.0.0.0/0{25,32}, 0.0.0.0/0{0,7} ]; # Avoid RFC1918 networks if net ~ martians then return false; return true; } 5 define myas = 47200; function bgp_out(int peeras) { if ! (source = RTS_BGP ) then return false; if (0,peeras) ~ bgp_community then return false; if (myas,peeras) ~ bgp_community then return true; if (0, myas) ~ bgp_community then return false; return true; } protocol bgp R25192x1 { local as myas; neighbor 194.50.100.13 as 25192;
    [Show full text]
  • Internet Exchange Points 2014 Report Contents
    Internet Exchange Points 2014 Report Contents 1. Introduction ................................................................................................................................................................ 3 1.1 Foreword ...................................................................................................................................................................... 3 1.2 Notes on this report .................................................................................................................................................... 3 1.3 Internet Exchange Point (IXP) ..................................................................................................................................... 3 2. About Euro-IX ............................................................................................................................................................. 4 2.1 List of Euro-IX Standard Members in 2014 ................................................................................................................. 5 2.2 List of Euro-IX Associate Members in 2014................................................................................................................. 6 2.3 List of Euro-IX Remote Members (Europe) .................................................................................................................. 6 2.4 List of Euro-IX Remote Members (outside of Europe) ................................................................................................
    [Show full text]
  • Kratka Povijest Unixa Od Unicsa Do Freebsda I Linuxa
    Kratka povijest UNIXa Od UNICSa do FreeBSDa i Linuxa 1 Autor: Hrvoje Horvat Naslov: Kratka povijest UNIXa - Od UNICSa do FreeBSDa i Linuxa Licenca i prava korištenja: Svi imaju pravo koristiti, mijenjati, kopirati i štampati (printati) knjigu, prema pravilima GNU GPL licence. Mjesto i godina izdavanja: Osijek, 2017 ISBN: 978-953-59438-0-8 (PDF-online) URL publikacije (PDF): https://www.opensource-osijek.org/knjige/Kratka povijest UNIXa - Od UNICSa do FreeBSDa i Linuxa.pdf ISBN: 978-953- 59438-1- 5 (HTML-online) DokuWiki URL (HTML): https://www.opensource-osijek.org/dokuwiki/wiki:knjige:kratka-povijest- unixa Verzija publikacije : 1.0 Nakalada : Vlastita naklada Uz pravo svakoga na vlastito štampanje (printanje), prema pravilima GNU GPL licence. Ova knjiga je napisana unutar inicijative Open Source Osijek: https://www.opensource-osijek.org Inicijativa Open Source Osijek je član udruge Osijek Software City: http://softwarecity.hr/ UNIX je registrirano i zaštićeno ime od strane tvrtke X/Open (Open Group). FreeBSD i FreeBSD logo su registrirani i zaštićeni od strane FreeBSD Foundation. Imena i logo : Apple, Mac, Macintosh, iOS i Mac OS su registrirani i zaštićeni od strane tvrtke Apple Computer. Ime i logo IBM i AIX su registrirani i zaštićeni od strane tvrtke International Business Machines Corporation. IEEE, POSIX i 802 registrirani i zaštićeni od strane instituta Institute of Electrical and Electronics Engineers. Ime Linux je registrirano i zaštićeno od strane Linusa Torvaldsa u Sjedinjenim Američkim Državama. Ime i logo : Sun, Sun Microsystems, SunOS, Solaris i Java su registrirani i zaštićeni od strane tvrtke Sun Microsystems, sada u vlasništvu tvrtke Oracle. Ime i logo Oracle su u vlasništvu tvrtke Oracle.
    [Show full text]
  • Free, Functional, and Secure
    Free, Functional, and Secure Dante Catalfamo What is OpenBSD? Not Linux? ● Unix-like ● Similar layout ● Similar tools ● POSIX ● NOT the same History ● Originated at AT&T, who were unable to compete in the industry (1970s) ● Given to Universities for educational purposes ● Universities improved the code under the BSD license The License The license: ● Retain the copyright notice ● No warranty ● Don’t use the author's name to promote the product History Cont’d ● After 15 years, the partnership ended ● Almost the entire OS had been rewritten ● The university released the (now mostly BSD licensed) code for free History Cont’d ● AT&T launching Unix System Labories (USL) ● Sued UC Berkeley ● Berkeley fought back, claiming the code didn’t belong to AT&T ● 2 year lawsuit ● AT&T lost, and was found guilty of violating the BSD license History Cont’d ● BSD4.4-Lite released ● The only operating system ever released incomplete ● This became the base of FreeBSD and NetBSD, and eventually OpenBSD and MacOS History Cont’d ● Theo DeRaadt ○ Originally a NetBSD developer ○ Forked NetBSD into OpenBSD after disagreement the direction of the project *fork* Innovations W^X ● Pioneered by the OpenBSD project in 3.3 in 2002, strictly enforced in 6.0 ● Memory can either be write or execute, but but both (XOR) ● Similar to PaX Linux kernel extension (developed later) AnonCVS ● First project with a public source tree featuring version control (1995) ● Now an extremely popular model of software development anonymous anonymous anonymous anonymous anonymous IPSec ● First free operating system to implement an IPSec VPN stack Privilege Separation ● First implemented in 3.2 ● Split a program into processes performing different sub-functions ● Now used in almost all privileged programs in OpenBSD like httpd, bgpd, dhcpd, syslog, sndio, etc.
    [Show full text]
  • Irscp.Phase2.Pdf
    Wresting Control from BGP: Scalable Fine-grained Route Control ¡ ¡ ¡ Patrick Verkaik , Dan Pei , Tom Scholl , Aman Shaikh , ¡ Alex C. Snoeren , and Jacobus E. van der Merwe ¡ University of California, San Diego AT&T Labs Abstract Internet paths can often provide improved performance characteristics [1, 2, 20], suggesting the potential bene- Today's Internet users and applications are placing in- fit of making routing aware of network conditions [11]. creased demands on Internet service providers to deliver Additionally, today's operators are often required to re- fine-grained, flexible route control. To assist network op- strict the any-to-any connectivity model of the Internet erators in addressing this challenge we present an Intelli- to deal with unwanted traffic in the form of DDoS at- gent Route Service Control Point (IRSCP), a route con- tacks. Responses can take the form of black-holing traf- trol architecture that allows a network operator to flexibly fic, redirecting it to “scrubbing complexes”, or even more control routing between the traffic ingresses and egresses sophisticated differentiation of unwanted traffic based on of an ISP's network without modifying existing routers. network intelligence [24]. Finally, in some cases the de- In essence, IRSCP subsumes the control plane of an ISP's fault BGP decision process is simply at odds with provider network by replacing the distributed BGP decision pro- and/or customer goals. For example, using IGP cost as cess of each router in the network with a more flexi- a tie breaker in the decision process can lead to unbal- ble, logically centralized route computation.
    [Show full text]
  • Beyond the Best: Real-Time Non-Invasive Collection of BGP Messages
    Beyond the Best: Real-Time Non-Invasive Collection of BGP Messages Stefano Vissicchio Luca Cittadini Maurizio Pizzonia Luca Vergantini Valerio Mezzapesa Maria Luisa Papagni Dipartimento di Informatica e Automazione, Universita` degli Studi Roma Tre, Rome, Italy fvissicch,ratm,pizzonia,verganti,mezzapes,[email protected] Abstract Despite such a rich set of potential applications, cur- Interdomain routing in the Internet has a large impact rent BGP monitoring practices are quite limited: very of- on network traffic and related economic issues. For this ten, they employ open source BGP daemon implementa- reason, BGP monitoring attracts both academic and in- tions to establish extra BGP peerings with border routers. dustrial research interest. The most common solution for The daemon acts as a route collector, in the sense that collecting BGP routing data is to establish BGP peerings it collects information received via those extra peerings, between border routers and a route collector. dumps it in some format, and stores it for future analy- The downside of this approach is that it only allows ses. For example, this is the approach adopted by Route- us to trace changes of routes selected as best by routers: Views [20] to collect BGP data for the Internet commu- this drawback hinders a wide range of analyses that need nity. Such a practice has two major drawbacks: (i) it is access to all BGP messages received by border routers. only able to collect those routes that have been selected In this paper, we present an effective technique en- as best by the routers that peer with the collector; and abling fast, non-invasive and scalable collection of all (ii) it is only able to collect BGP messages after ingress BGP messages received by border routers.
    [Show full text]
  • Open Source Software for Routing a Look at the Status of Open Source Software for Routing
    APNIC 34 Open Source Software for Routing A look at the status of Open Source Software for Routing Martin Winter OpenSourceRouting.org 1 Who is OpenSourceRouting Quick Overview of what we do and who we are www.opensourcerouting.org ‣ Started late summer 2011 ‣ Focus on improving Quagga ‣ Funded by Companies who like an Open Source Alternative ‣ Non-Profit Organization • Part of ISC (Internet System Consortium) 2 Important reminder: Quagga/Bird/… are not complete routers. They are only the Route Engine. You still need a forwarding plane 3 Why look at Open Source for routing, Why now? Reasons for Open Source Software in Routing 1 Popular Open Source Software Overview of Bird, Quagga, OpenBGPd, Xorp 2 Current Status of Quagga Details on where to consider Quagga, where to avoid it 3 What Open Source Routing is doing What we (OpenSourceRouting.org) do on Quagga 4 How you can help Open Source needs your help. And it will help you. 5 4 Reasons why the time is NOW A few reasons to at least start thinking about Open Source Could be much cheaper. You don’t need all the Money features and all the specialized hardware everywhere. All the current buzzwords. And most of it started SDN, with Open Source – and is designed for it. Does Cloud, .. your vendor provide you with the features for new requirements in time? Your Missing a feature? Need a special feature to distinguish from the competition? You have access Features to the source code. Not just one company is setting the schedule on Support what the fix and when you get the software fix.
    [Show full text]
  • Protecting Routing with RPKI Mark Kosters, ARIN CTO
    Protecting Routing with RPKI Mark Kosters, ARIN CTO @TeamARIN Agenda •Routing, a short •Using ARIN’s RPKI primer components •Operational routing •RPKI Statistics challenges •IRR Status •Do we have a solution? @TeamARIN 1 Core Internet Functions: Routing & DNS •The Internet relies on two critical resources • DNS: Translates domain names to IP addresses and IP addresses to domain names • Routing: Tells us how to get to an IP address •These critical resources are not secure •DNSSEC and RPKI secure these critical resources @TeamARIN 2 Routing – A Primer @TeamARIN 3 Routing Architecture •The Internet uses a two level routing hierarchy: • Interior Gateway (Routing) Protocol - IGP • Exterior Gateway (Routing) Protocol - EGP @TeamARIN 4 Routing Architecture - IGP • Interior Routing Protocols, used by each network to determine how to reach all destinations that lie within the network • Interior Routing protocols maintain the current topology of the network @TeamARIN 5 Routing Architecture - EGP • Exterior Routing Protocol, used to link each component network together into a single whole • Exterior protocols assume that each network is fully interconnected internally @TeamARIN 6 Exterior Routing: BGP •BGP is a large set of bilateral (1:1) routing sessions • A tells B all the destinations (prefixes) that A is capable of reaching • B tells A all the destinations that B is capable of reaching 10.0.0.0/24 192.2.200.0/24 10.1.0.0/16 10.2.0.0/18 A B @TeamARIN 7 Operational Routing Challenges @TeamARIN 8 Focus on Interconnections • Started out as informal
    [Show full text]
  • Internet Exchange Points 2013 Report Contents
    Internet Exchange Points 2013 Report Contents 1. Introduction ................................................................................................................................................3 1.1 Foreword ................................................................................................................................................3 1.2 Notes on this report ...............................................................................................................................3 1.3 Internet Exchange Point ........................................................................................................................4 1.4 About Euro-IX ........................................................................................................................................4 1.5 List of Euro-IX Affiliates .........................................................................................................................5 1.6 Participants distribution at Euro-IX member IXPs.................................................................................7 1.7 Evolution since 2007 ..............................................................................................................................8 2. European IXP growth since 1993 ..............................................................................................................9 2.1 IXP Trends in Europe since 1993 ...........................................................................................................9 2.2
    [Show full text]
  • Hosting Solutions
    Hosting Hosting Solutions Whether you need a reliable home Colocation for your website or a more bespoke Host your own network and server equipment in a secure, purpose-built solution, we’ll provide you with data centre environment Dedicated Servers technically superior hosting, backed We’ll provide you with enterprise class server hardware, hosted in a purpose- by a personal approach to service built data centre and provide you with and support. full remote access Managed Hosting Let us design, build, manage and maintain a hosting solution, tailored to your specific needs, and hosted in one Reliable hosting services have been a feature of our service portfolio for over 10 of our purpose-built data centres years. Domain Names We provide a suite of hosting services out of our purpose-built data centres in Establish your presence on the Internet Rochdale and Leeds. We also have data centre presence in Manchester and London, and protect your brand all of which are connected to each other and the wider Internet by our resilient 10Gbps network. Resilient, high performance data storage is available thanks to our Web Hosting Build your own website using one of our investment in an enterprise class, multi-site Storage Area Network. affordable Web Hosting packages Building on these foundations, we partner with leading hardware and software vendors enabling us to provide end to end hosting solutions which meet the requirements of single users and small businesses, as well as large multi-site organisations looking to host mission critical service infrastructure. With a comprehensive range of hosting services on offer, and a thorough approach to understanding your requirements, we are ideally positioned to provide the right solution to your hosting needs.
    [Show full text]