Anycast is used by most of the DNS root-servers and other services like Cloudflare. It provides localization and scaling benefits to clients using the anycasted service. An anycast service uses one IP for several instances of the same service. The routing system is then responsible for directing a client to the closest instance of the service. In theory, a client should always reach the closest instance, but it turns out that this is not always the case. At the DACS group of the University of Twente, we analyzed the anycast infrastructure of K-root and tried to find how many clients reached the closest instance.
In an effort to increase the growth rate of connected RIPE Atlas probes and achieve better coverage across the globe, our Measurements Community Building team is experimenting with new outreach methods.
The adoption of the RPKI system is growing rapidly. To make sure the system scales, we’ve developed a new protocol that should drastically improve fetch times for RPKI repositories. This article explains how.
Despite the few RIPE Atlas probes available in Latin America, it is possible to obtain interesting measurements about changes in network architecture.
Most of the time, mostly everywhere, most of the Internet appears to work just fine. Indeed, it seems to work just fine enough to the point that that when it goes wrong in a significant way then it seems to be fodder for headlines in the industry press.
In this article we compare RIPE Atlas deployment against user population estimates provided by APNIC to see which eyeball networks are missing out on RIPE Atlas probes.
At RIPE 70, Tim Bruijnzeels presented some statistics on the type of authentication people use to update the RIPE Database. There was one data point that particularly stood out for me: 76% of all updates via email are done using an MD5 password. I was stunned, because this way you are required to send your password in clear text over the Internet...
We’d like to enable gzip compression on all of RIPE Atlas' measurement API calls — but thanks to the BREACH vulnerability, doing so could mean that some enterprising individual with an obscene amount of time on their hands might be able read the contents of the responses. This means measurement results as well as metadata for measurements — including the small number of measurements not marked as “public”. We believe the drawbacks are negligible, but we’re looking for community support.
After a discussion with the community about HTTP measurements, we'll start implementing this as a publicly available measurement type.
For EuroDIG 2015, held in Sofia, Bulgaria on 3 and 4 June 2015, the RIPE NCC was pleased to be able to support the participation of Corinne Cath, who presented her work on human rights in the development of technical protocols at the recent RIPE 70 Cooperation Working Group session. Below is her impression of the conference.
In this post (originally published on the APNIC blog), Cengiz Alaettinoglou gives a brief overview and comparison of the IRR and SIDR security models and shares his thoughts about the chances for these models to succeed.
Some time ago, many people noticed rapid IPv6 deployment growth in Estonia (from 0% to 5% in 4 weeks). Tarko Tikan, from 3249/Elion/Estonian Telecom, explains the reason behind this.
Tony Smith from the APNIC gives an update on the DNS Root Zone Key-Signing and explains how the key-signing-key roll over will be done for the first time.
The Domain Name Service Look-aside Validation Service (DLV) was an idea which was useful in the transition from a non-signed DNSSEC root to the current globally visible DNSSEC trust anchor. Now a significant number of people in the wider Internet may be running (particularly) Linux distributions that out-of-the-box expect the DLV service to be running, and provide valid answers.
Please find below a guest post by Darrin Veit and Christopher Palmer who originally posted this to the NANOG mailing list. It provides information for Xbox One, but also shares some relevant details on upcoming Windows functionality in terms of Teredo and IPv6 usage.
During the RIPE 70 Meeting in Amsterdam this week (on 13 May around 10:00 UTC), we experienced a network outage at AMS-IX. Let's see how this was monitored by various tools.
We introduce a new tool to read BGP RIB dump files, called BGPdump2. It has a unique feature, in which users can compare routes from BGP RIB files in the ”diff”-like display format. It is good for checking the correctness of BGP operation by comparing one ISP’s BGP routing table to another ISP’s.
In 2013 and 2014 we looked into measuring Interdomain Routing in Africa using the RIPE Atlas infrastructure. This resulted in a paper published at the PAM (Passive and Active Measurement) 2015 conference. Here we present some highlights of this research.
Now that the RIPE NCC has reached its last /8, some Local Internet Registries (LIRs) are choosing to obtain additional address space from other organisations via the emerging transfer market. Here we examine statistics from the last two and a half years of transfers and visualise per country aggregates on a map.
At the RIPE 69 meeting, the use of the RIPE Database as an Internet Routing Registry (IRR) and it's relationship with other IRRs was raised. But there hasn't been much discussion on options for the way forward since. Based on what was said at RIPE 69 and the few comments made on the mailing list, I feel that some issues might need further clarification and discussion.