In June 2016, the Organization for Economic Cooperation and Development (OECD) hosted a meeting of ministers to consider the state of the Digital Economy. The central message from this meeting was the message that: “Governments must act faster to help people and firms to make greater use of the Internet and remove regulatory barriers to digital innovation or else risk missing out on the potentially huge economic and social benefits of the digital economy.” All well and good, and as a piece of rhetoric, it seems to strike an appropriately positive note without straying far from what appears to be bland truisms of our time.
In this article, I'm showing how we can mitigate DNS attacks by implementing a stateless firewall filter at the aggregation or edge router.
There are about 600 DNS root server instances deployed around the world. But does everyone have an equal level of access to a root server in their region? Are they fairly distributed? Do all major (and country level) network operators recognise the value in deploying (or peering with) a root server in their network?
Last week I had the opportunity to visit the LPWA IoT Networks Event in Amsterdam, a two-day conference dedicated to the use of low power wide area (LPWA) wireless networks that lie behind many Internet of Things (IoT) solutions that are entering the market.
The issue of the relative sizes of the IPv4 and IPv6 Internet in BGP came up during discussion at the APNIC/APRICOT meeting held in Auckland, New Zealand earlier this year.
The third RIPE Atlas hackathon took place in Copenhagen the weekend before RIPE 72. In this article, we share the details about the hackathon and a preview of the fourth hackathon.
As our activity in the Middle East slows from now until the end of July, we take the opportunity to present a recap of the RIPE NCC's second year of operations from the Dubai office.
IP anycast has been widely used to replicate services in multiple locations as a way to deliver better performance and resilience. It has been largely employed by CDNs and DNS operators, such as on the root server system. However, there is little evaluation of anycast under stress.
After 15 years conducting training on IPv6 in over 110 countries, I’ve been asked all sorts of questions. “How do I use my IPv6 addressing space?” “What prefix size should I provide to customers?” Although I have answers to these and many other best practice related questions, the one question, which I have not been able to answer to the best of my ability, is “What is the approach of other ISPs?”. So I decided to find out.
For a while now, the number of active RIPE Atlas probes has hovered around the 9,400 mark. This means that new probes are being connected at a fast enough rate to replace failing probes, but not enough to grow the network. At the same time, the version 3 probes have problems with their USB sticks. This led us to wonder whether these two issues are related.
In May 2015, we looked at IPv4 transfers in the RIPE NCC service region and found signs of an emerging market. Both the number and size of transfers conducted under RIPE Policy showed an upward trend in the years 2013-2014. One year later, we take another look. Did this trend continue? What have been the effects of the inter-RIR transfer policy?
When Rob Blokzijl stepped down, he handed over the role as Chair of RIPE to me in the closing plenary of RIPE 68 in Warsaw, 16 May 2014. Rob had been the RIPE Chair for 25 years since 1989 and there has not been any procedure for selecting the Chair. Rob tasked me to put in place a procedure to elect my successor.
We've updated the RIPE Atlas APIs - and there's a comprehensive new manual to explain how to use them. As a result, the current (version 1) APIs are still available for now, but will be deprecated by the end of the year.
This work demonstrates the value of the results collected by RIPE Atlas independent of the original purpose for collecting them. Using all traceroute results from a particular day as an example, we first show that near real-time analysis of the result stream is feasible. Then we show that this has great potential for studying the packet layer of the Internet in general and for providing tools to network operators in particular. All this suggests a large and diverse potential for further work.
The design of IPv6 represented a relatively conservative evolutionary step of the Internet protocol. Mostly, it's just IPv4 with significantly larger address fields. Mostly, but not completely, as there were some changes. IPv6 changed the boot process to use auto-configuration and multicast to perform functions that were performed by ARP and DHCP in IPv4. IPv6 added a 20-bit Flow Identifier to the packet header. IPv6 replaced IP header options with an optional chain of extension headers. IPv6 also changed the behaviour of packet fragmentation. Which is what we will look at here.
Pinpointing Delay and Forwarding Anomalies Using RIPE Atlas Built-in Measurements - Or How I Learned to Stop Worrying and Love the Built-Ins
Detecting network disruptions is a recurring problem. Clearly locating performance degradation is an important step in debugging and subsequently fixing connectivity issues.
Over the last year the RIPE NCC made a significant number of incremental changes to the RIPE Database user interface. The implementation of streamlined authentication using RIPE NCC Access has put us in a position where we can further improve the user experience in other areas.
Ahead of RIPE 72, we wanted to take another look at our membership statistics. Was membership growth affected by the Executive Board's resolution preventing multiple LIR accounts? And how will the growth in new LIRs affect the projected lifespan of the available IPv4 pool?
This article explains how I use RIPE Atlas probes, the official API and custom scripts, to debug network issues.
Please read this guest post by Byron Ellacott, Senior Software Architect at APNIC: The Internet of Things without the Internet is just things, and we’ve had things since the first caveman used a pointy stick to draw on a wall. What then does the Internet bring to things to justify a capital T?