The prospect of exhaustion of the IPv4 address space is not a surprise. We've been anticipating this situation since at least 1990. But it's a "lumpy" form of exhaustion. It's not the case that the scarcity pressures for IP addresses are evidently to the same level in every part of the Internet. It's not the case that every single address is being used by an active device. A couple of decades ago we thought that an address utilisation ratio of 10% (where, for example, a block of 256 addresses would be used in a network with some 25 addressed devices) was a great achievement. more
This weekend brought the great news that Google's IPv6 statistics have shown that connections over IPv6 to Google's web sites hit the 2% threshold for the first time. (You can see for yourself.) While 2% sounds tiny, as I wrote in a Deploy360 post today, the important fact here is that this represents a doubling of IPv6 traffic to Google over the past year! more
There are often confused reports in the media about mobile and fixed broadband, with arguments that one could replace the other. Yet the reality is that they coexist and complement each other - perhaps even more so since one cannot manage without the other. Increasingly, devices such as smartphones, tablets and smart TVs are at the end of fixed lines, with a wireless (WiFi) connection between the fixed line and the device. more
There are some real problems in DNS, related to the general absence of Source Address Validation (SAV) on many networks connected to the Internet. The core of the Internet is aware of destinations but blind to sources. If an attacker on ISP A wants to forge the source IP address of someone at University B when transmitting a packet toward Company C, that packet is likely be delivered complete and intact, including its forged IP source address. Many otherwise sensible people spend a lot of time and airline miles trying to improve this situation... The problems created for the Domain Name System (DNS) by the general lack of SAV are simply hellish. more
With a goal of 270M fixed broadband lines in 2015 and near-universal service by 2020, the new "Broadband China" strategy is extraordinary. OFweek, a valuable site in Chinese, breaks the plan into three phases. The first is a full speed stage, ending in 2013, that deploys basic broadband and 3G widely. The second stage, 2014-2015, is dedicated to a further takeup and wider deployment. That will include 400,000+ LTE cell sites. more
Having been a member of the Committee for this past year, I'm pleased to share that the US Federal Communications Commission (FCC) "Open Internet Advisory Committee" has published its first annual report... The report is weighty - 98pp if you kill trees to print it. The OIAC was established as part of the US FCC Open Internet activity and Open Internet Report and Order from 2010. The FCC appointed expert committee members from a broad range of commercial, academic, and not-for-profit organizations. more
This post follows an earlier post about DNS amplification attacks being observed around the world. DNS Amplification Attacks are occurring regularly and even though they aren't generating headlines targets have to deal with floods of traffic and ISP infrastructure is needlessly stressed -- load balancers fail, network links get saturated, and servers get overloaded. And far more intense attacks can be launched at any time. more
ICANN has, once again opened up a veritable can of worms, with their latest decision on the 'horrors' of Name Collision. While we are sure that ICANN and the Interisle Consulting Group have very good reason to make the decision that they have - delaying the delegation of several TLDs - we believe that the findings contained in Interisle's report do not give sufficient cause to delay the new gTLD program in the manner proposed by ICANN staff. more
Ever want to know where all the submarine cables are that provide part of the physical infrastructure of the Internet? Or which cities in the world have the most connectivity via submarine cables? (or which regions might be single points of failure?) In doing some research I stumbled across this excellent site from the folks at TeleGeography... It is a very well done and captivating (to me, anyway) view into where all the current and planned submarine cables are located. more
One of the most prominent denial of service attacks in recent months was one that occurred in March 2013 between Cloudflare and Spamhaus... How did the attackers generate such massive volumes of attack traffic? The answer lies in the Domain Name System (DNS). The attackers asked about domain names, and the DNS system answered. Something we all do all of the time of the Internet. So how can a conventional activity of translating a domain name into an IP address be turned into a massive attack? more
A World-Renowned Source for Internet Developments. Serving Since 2002.