Recent Articles
A Year in the Life
June 2013
On the 6th June 2012 we held the World IPv6 Launch Day. Unlike the IPv6 event of the previous year, World IPv6 Day, where the aim was to switch on IPv6 on as many major online services as possible, the 2012 program was somewhat different. This time the effort was intended to encourage service providers to switch on IPv6 and leave it on. What has happened since then? Have we switched it on and left it on? Who's been doing the work?
more...
The Company You Keep
June 2013
This story started earlier this year, with a posting to the Australian network operators' mailing list, asking if anyone had more information about why the web site that was operated by an outfit called “Melbourne Free University” was inaccessible through a number of major Australian ISPs. When they asked their local ISP if there was some issue, they were informed that "this was due to an Australian government request, and could say no more about it." This was unusual, as it was very hard to see that this site would fall under the gamut of Australian Internet censorship efforts, or fall foul of various law enforcement or security investigations. What dastardly crime had the good folk at the Melbourne Free University committed to attract such a significant response?
more...
How We Measure IPv6
May 2013
For some years now at APNIC Labs we've been conducting a measurement exercise intended to measure the extent to which IPv6 is being deployed in the Internet. This is not a measurement of IPv6 traffic volumes, nor of IPv6 routes, nor of IPv6-capable servers. This is a measurement of the Ipv6 capabilities of devices connected to the Internet, and is intended to answer the question: what proportion of devices on the Internet are capable of supporting an IPv6 connection? We've often been asked about our measurement methodology, and this article is intended to describe in some detail how we perform this measurement.
more...
A Royal Opinion on Carrier Grade NATs
May 2013
There are still a number of countries who have Queen Elizabeth as their titular head of state. My country, Australia, is one of those countries. It’s difficult to understand what exactly her role is these days in the context of Australian governmental matters, and I suspect even in the United Kingdom many folk share my constitutional uncertainty. Nevertheless, it’s all great theatre and rich pageantry, with great press coverage thrown in as well. In the United Kingdom every year the Queen reads a speech prepared by the government of the day, which details the legislative measures that are being proposed by the government for the coming year. Earlier this month the Queen’s speech included mention of IP addresses
more...
But That's Impossible!
May 2013
For some time now at APNIC Labs we’ve been running an experiment that is intended to measure the state of IPv6 capability across the Internet. To do this we use experiment code embedded in web sites, as well as active code embedded in an online advertisement. Across these two experimental approaches we perform a basic IPv6 capability test on between 800,000 and 1,000,000 clients each day. Such a large scale experiment is bound to produce some anomalous behaviours, but we've observed a couple of outcomes that, as far as I can tell, should just be impossible!
more...
Measuring DNSSEC Performance
May 2013
There are a number of reasons that both domain name administrators and vendors of client DNS software cite for not incorporating DNSSEC signing into their offerrings. The added complexity of the name administration process when signatures are added to the mix, the challenges of maintaining current root trust keys, and the adverse consequences of DNSSEC signature validation failure have all been mentioned as reasons to hesitate. We have also heard concerns over increased overhead of using DNSSEC. These concerns come from zone administrators, authoritative name server operators and from suppliers of DNS resolver systems, and all point to a concern over the imposition of further overheads in the process of DNS name resolution when the name being resolved is DNSSEC signed. While the issues of complexity are challenging to quantify, we were interested in the issues of performance. What are the performance costs of adding DNSSEC signatures to a domain? Can we measure them?
more...
What the Ftt?
April 2013
Three years ago, in September 2010, Australia held a federal election. At the time I thought that I'd never see the day when the difference in capability between a wireless and a wireline Internet would become a core policy differentiator in a national election, but that was what happened in Australia in 2010. Now, almost three years later, we seem to be having a national déjà vu moment. Yes, there is another election coming in September, and yes, once more the country’s national digital network is firmly in the sights of the politicians and it's technology is again part of the political debate.
more...
A Primer on IPv4, IPv6 and Transition
April 2013
There is something badly broken in today's Internet. At first blush that may sound like a contradiction in terms. After all, the Internet is a modern day technical marvel. In just a couple of decades the Internet has not only transformed the global communications sector, but its reach has extended far further into our society, and it has fundamentally changed the way we do business, the nature of entertainment, the way we buy and sell, and even the structures of government and their engagement with citizens. In many ways the Internet has had a transformative effect on our society that is similar in scale and scope to that of the industrial revolution in the 19th century. How could it possibly be that this prodigious technology of the Internet is "badly broken?" Everything that worked yesterday is still working today isn't it? In this article I'd like to explain this situation in a little more detail and expose some cracks in the foundations of today’s Internet.
more...
DNSSEC and Google’s Public DNS Service
April 2013
The story of DNSSEC has strong similarities to that of IPv6. Like IPv6, DNSSEC has been around for many years, but its languishing. Like IPv6, DNSSEC is most effective when everyone is using it, and the marginal returns from piecemeal adoption are extremely low. And like IPv6, the relatively low levels of deployment and use of DNSSEC does not reflect the longstanding effort to lift the visibility of the technology and concerted efforts to publicise the clear long term benefits in the use of this technology.
more...
Literally IPv6
March 2013
As many who have worked with computer software would attest, software bugs come in many strange forms. This month I'd like to relate a recent experience I’ve had with one such bug that pulls together aspects of IPv6 standard specifications and interoperability.
more...
"Multi-Stakeholderism" and the Internet Policy Debate
February 2013
With WICT-12 over, and now the preparation for the forthcoming WTPF underway, and of course also we have the WTDC and WTISD coming up, one could be excused for thinking that that world famous, but hopelessly unintelligible, cartoon character from the 80’s and 90’s, Bill the Cat, has come out of retirement to work as head of Acronym Engineering at the ITU. However, no matter how unintelligible the acronyms of these meetings can get, the issue of how we come to terms with a technology-dense world is a serious matter. Too often we appear to use yesterday’s tools and techniques to address tomorrow’s issues, and take the view that if it worked in the past it should work now. I’d like to look at this approach in a little more detail here, and try and understand why WCIT was such a comprehensive failure and why the prospects for the next round of telecommunications sector meetings are not exactly looking rosy.
more...
Addressing 2012 - Another One bites the dust!
January 2013
Time for another annual roundup from the world of IP addresses. What happened in 2012 and what is likely to happen in 2013? Lets see what has changed in the past 12 months in addressing the Internet, and look at how IP address allocation information can inform us of the changing nature of the network itself.
more...
Calling Stumps at WCIT: Win, Lose or Draw?
December 2012
The problem with setting expectations is that when they are not fulfilled the fallout is generally considered to be a failure, and while everyone wants to claim parenthood of success, failure is generally an orphan. In that sense it looks like the WCIT meeting, and the International Telecommunications Regulations (ITRs) that were being revised at that conference are both looking a lot like orphans this week.
more...
To Flat or to Cap?
December 2012
No that's not a question about Australian coffee tastes and the critically important difference between a flat white and a cappuccino. This is a question about the differences in ISP retail models for broadband Internet access and the choice between a retail model of a "unlimited" flat fee that has no volume component, and a "capped" model where the service fee provides for a certain data volume and when that volume is reached either the user is exposed to an incremental fee, or the service is throttled back to a narrowband service for the remainder of the billing period. It seems that this is once more a critical question in the ISP world, and maybe this time the topic is best approached through television.
more...
Superstorm Sandy and the Global Internet
November 2012
The Internet has managed to collect its fair share of mythology, and one of the more persistent myths is that from its genesis in a cold war US think tank in the 1960's the Internet was designed with remarkable ability to "route around damage.” Whether the story of this cold war think tank is true or not, the capability of the Internet to route around damage was put to the test when superstorm Sandy made landfall at the same point where more than 20 major trans-Atlantic submarine cables make their landfall. In the ensuing blackouts and tidal surges in New York just how well did the global Internet fare?
more...
Counting IPv6 in the DNS
November 2012
At the recent ARIN XXX meeting in October 2012 I listened to a debate on a policy proposal concerning the reservation of a pool of IPv4 addresses to address critical infrastructure. This term is intended to cover a variety of applications, including use by public Internet Exchanges and authoritative nameservers for various top level domains. As far as I can tell, the assumptions behind this policy proposal includes the assumption that a top level authoritative nameserver will need to use IPv4 for the foreseeable future, so that an explicit reserved pool of these IPv4 addresses needs to be maintained for use by the authoritative nameservers for these domain names. But it this really the case? If you set up an authoritative DNS nameserver for a domain name where all the nameservers were only reachable using IPv6, then what is the visibility of this nameserver? What proportion of the Internet's user base could still access the name if access to the authoritative nameservers was restricted to only IPv6?
more...
NANOG 56
November 2012
NANOG held its 56th meeting in Dallas on October 21 through 24. The following are my impressions of the presentations at this meeting.
more...
Re-Counting DNSSEC
October 2012
This is a followup article to Counting DNSSEC that reflects some further examination of the collected data. This time I'd like to describe some additional thoughts about the experiment, and some revised results in our efforts to count just how much DNSSEC is being used out there.
more...
NORDUnet 2012 - My Impressions
October 2012
I was able to attend NORDUnet 2012 in September of this year as an invited speaker. This is a brief report of my impressions of this meeting.
more...
Counting DNSSEC
October 2012
At the Nordunet 2012 conference in September, a presentation included the assertion that "more than 80% of domains could use DNSSEC if they so chose." This is an interesting claim that speaks to a very rapid rise in the deployment of DNSSEC in recent years, and it raises many questions about the overall status of DNSSEC deployment in today's Internet. The question now is: how is all this playing out in the world of the DNS? How many DNS zones are DNSSEC-signed? To what extent are Internet user's able to trust in the integrity of DNS name resolution? How many Internet users use DNS resolvers that perform DNSSEC validation? Lets try and answer these questions.
more...
Network Service Models and the Internet
September 2012
In recent times we've covered a lot of ground in terms of the evolution of telecommunications services, riding on the back of the runaway success of the Internet. We've taken the computer and applied a series of transformational changes in computing power and size, battery technology and radio systems to create a surprising result. We've managed to put advanced computation power in a form factor that fits in the palm of my hand, and couple it with a communications capability that can manage data flows of tens if not hundreds of megabits per second. All in a device that has as few as two buttons! But a few clouds that have strayed into this otherwise sunny story of technological wonder.
more...
The End, Part 2
August 2012
Once upon a time we thought that the end of the IPv4 phase of the Internet would be relatively quiet and possibly even pass unnoticed. The optimistic thought was that before we were even close to exhaustion of the remaining pool of IPv4 addresses we would've not only started off with the transition to IPv6, but we would've completed it. And having completed the transition, the remaining IPv4 addresses in the unallocated pool would sit there indefinitely, unwanted and unneeded.
more...
Leaping Seconds
August 2012
The tabloid press are never lost for a good headline, but this one in particular caught my eye: "Global Chaos as moment in time kills the Interwebs". I'm pretty sure that "global chaos" is somewhat over the top, but there was a problem happening on the 1st of July this year, and yes, it impacted the Internet in various ways, as well as many other enterprises who rely on IT systems. And yes, the problem had a lot to do with time and how we measure it.
more...
Carriage vs Content
July 2012
Does anyone remember the Internet before Google? And no, using Google to ask about the pre-Google Internet is not going to work all that well! For those of you who can recall the Internet of around 2000, do you also recall what debates were raging at the time? Let me give you a hand in answering that question. One big debate at the time was all about the relationship between the carriage service operators and the content providers, and, as usual, it was all about money. The debate was about who owed who money, and how much. Ten years later and it seems that nothing much has changed.
more...
All Your Packets Belong to Us
July 2012
On the 18th June, it was reported on an Australian users' forum, Whirlpool, that whenever a Telstra mobile data service user contacted a web site, then some 250 ms later the same web site URL was fetched from a different source address. It appeared that somehow this third party was stalking the mobile data user, visiting all the same web sites as the user, in every case shortly after the user.
more...
Measuring IPv6 - Country by Country
July 2012
Some years ago a report was published that ranked countries by the level of penetration of broadband data services. You can find the current version of that report at the OECD web site.This ranking of national economies had an electrifying impact on this industry and upon public policies for broadband infrastructure in many countries. Perhaps this happened because there were some real surprises lurking in the numbers at the time. more...
Occam's ITRs
July 2012
It's been a quarter of a century since the world's governments convened to draft up a common set of regulations about the conduct of international telecommunications. In December of 2012 the world's governments will convene to reconsider these regulations, to hopefully sign an updated set of regulations. This time around, this activity is generating considerable levels of public interest. Congressional hearings in the United States have been held, and various pronouncements of intent from various governmental, regional, and industry groups have been made. The level of interest in international telecommunications is high, and the diversity of views about what should be expressed in a revised set of regulations is also evident. more...
