DNS blacklists for IPv4 addresses are now nearly 15 years old, and DNSBL operators have gathered a great deal of expertise running them. Over the next decade or two mail will probably move to IPv6. How will running IPv6 DNSBLs differ from IPv4? There aren't any significant IPv6 DNSBLs yet since there isn't significant unwanted IPv6 mail traffic yet (or significant wanted traffic, for that matter), but we can make some extrapolations from the IPv4 experience. more
All effective spam filters use DNS blacklists or blocklists, known as DNSBLs. They provide an efficient way to publish sets of IP addresses from which the publisher recommends that mail systems not accept mail. A well run DNSBL can be very effective; the Spamhaus lists typically catch upwards of 80% of incoming spam with a very low error rate. DNSBLs take advantage of the existing DNS infrastructure to do fast, efficient lookups. A DNS lookup typically goes through three computers... more
According to IDC, smartphones outsold personal computers, laptops included in Q4 2010! Nokia just announced the demise of the Venerable Symbian in favour of Windows 7 phone and Microsoft's bing search engine! Tectonic shifts are under way to adapt to the rise of wireless broadband, an all IP world, and the growing weight of Apple and Google Android. It is also time to head once again for Barcelona with the Mobile World Congress starting on the 14th. Highlights this year? more
A "New IP" framework was proposed to the ITU last year. This framework envisages a resurgence of a network-centric view of communications architectures where network-managed control mechanisms moderate application behaviors. It's not the first time that we've seen proposals to rethink the underlying architecture of the Internet's technology (for example, there were the "Clean Slate" efforts in the US research community a decade or so ago) and it certainly won't be the last. more
OARC held a 2-day meeting in February, with presentations on various DNS topics. Here are some observations I picked up from the presentations in that meeting... In a world where every DNS name is DNSSEC-signed, and every DNS client validates all received DNS responses, we wouldn't necessarily have the problem of DNS spoofing. Even if we concede that universal use of DNSSEC is a long time off ... more
This very interesting document was released by ICANN's Generic Names Supporting Organization (GNSO) for public comment yesterday. And it asks some fundamental questions while at the same time pointing to sources such as the Honeynet Alliance's reports on fast flux. more
The network operations community is cautiously heading back into a mode of in-person meetings, and the NANOG meeting at the start of November was a hybrid affair with a mix of in-person and virtual participation, both by the presenters and the attendees. I was one of the virtual mob, and these are my notes from the presentations I found to be of personal interest. I hope you might also find them to be of interest as well... The year 2021 has not been a good year for Internet outages. more
We used to think of computer networks as being constructed using two fundamental common infrastructure components: names and addresses. Every connected device had a stable protocol address to allow all other devices to initiate a communication transaction with this device by addressing a data packet to this protocol address. And every device was also associated with a name, allowing human users and human use applications to use a more convenient alias for these protocol addresses. more
So you are the IT regulator for a country and you are convinced that the shortage of IPv4 address space represents a threat to the development of the Internet in your country and you want to do something about it. Being that as regulator you don't really run the countries IP networks, what can you really do? I've heard many regulators in over 30 countries grapple with this problem. The purpose of this article is to think through some ideas to guide action on using (or not) regulation to drive IPv6 adoption. more
US government agencies are accelerating the transition to IPv6 and ensuring their public websites are accessible via IPv6. more
"What is a minimum set of specifications that a vendor must implement to be able to say that it is SIP-compliant?" A friend asked me that question and my response was: "It depends." and even more unfortunately:
"I don't know." It turns out to be a challenging question to answer... and it led me to ask: "How do we define what "SIP" is for telecommunications in 2014? How do we help vendors move their products/services to be based on SIP? As we talk about "turning off the PSTN" and "moving all telecom to IP", how can we make it easier for companies to switch to using SIP? more
A great deal of discussion is taking place about topics such as the digital economy, sharing economy and networked economy. Obviously these are concepts rather than being well-defined, but they are being used by the various players in the market to argue for or against certain developments. For example, in some of the broadband debates around the world, the digital economy is the key reason why national broadband infrastructure gets developed. more
There are still a number of countries who have Queen Elizabeth as their titular head of state. My country, Australia, is one of those countries. It's difficult to understand what exactly her role is these days in the context of Australian governmental matters, and I suspect even in the United Kingdom many folk share my constitutional uncertainty... In the United Kingdom every year the Queen reads a speech prepared by the government of the day, which details the legislative measures that are being proposed by the government for the coming year. Earlier this month the Queen's speech included the following statement in her speech. more
Reading about the EU Neutrality vote, I'm reminded of the challenge faced by traditional telecommunications regulators in understanding the very concept of the Internet. To put it bluntly zero-rate is a policy framed in terms of Minitel and setting the price based on what phone number is dialed and not at all about the Internet where the value is determined by relationships entirely outside of a network. more
Keynote speaker, and noted security industry commentator, Bruce Schneier (Co3 Systems ) set the tone for the two days with a discussion on how humans name things and the shortcomings of computers in doing the same. Names require context, he observed, and "computers are really bad at this" because "everything defaults to global." Referring to the potential that new gTLDs could conflict with internal names in installed systems, he commented, "It would be great if we could go back 20 years and say 'Don't do that'," but concluded that policymakers have to work with DNS the way it is today. more
A World-Renowned Source for Internet Developments. Serving Since 2002.