As the pandemic continues, the network operator community continues to meet online. NANOG held its 81st meeting on February 8 and 9, and these are my notes from some of the presentations at that meeting... Ethernet, developed in 1973 at Xerox PARC, was a revolutionary step in network architectures in many ways. The common bus architecture imposed several constraints on the network that have echoed through the ensuing four decades in all kinds of ways. more
On 23 February, the U.S. Administration had the chutzpah to file a formal communication to the World Trade Organization (WTO) complaining about "measures adopted and under development by China relating to its cybersecurity law." However, it is the U.S. complaint that is most troubling. Here is why. The gist of the U.S. complaint is that China's newly promulgated directive on the use of VPN (Virtual Private Network) encrypted circuits from foreign nations runs afoul of... more
The Australian Domain Name Administration, AUDA, recently published its quarterly report for the last quarter of 2020. The report contained the interesting snippet: "The rapid digitization of our lives and economy -- necessitated by COVID-19 -- continued to underpin strong growth in .au registrations. New .au domains created in December 2020 were up 23 percent from December 2019, while total domains under management were up more than 2.1 percent over the same period." more
This year, we expect that the RIPE NCC's pool of unallocated IPv4 addresses will reach the "last /8", meaning that we have 16,777,216 IPv4 addresses left in the available pool. At that point it will no longer be possible for RIPE NCC members to obtain the amount of IPv4 addresses they will require to expand their current and future networks. When we hit the last /8, the RIPE NCC will only be able to distribute IPv6 addresses and a one-off allocation of IPv4 address space... Has this caused a last minute rush? more
In the first part of this trilogy, I discussed the importance of automatically provisioned second generation DNS in connection with Software Defined Networking (SDN) and Software Defined Data Centre (SDDC). In the second post, I talked about IP addressing, private enterprise networks, and how DHCP does not meet the requirements of multitenant Infrastructure-as-a-Service (IaaS) cloud environments. I will now wrap up this trilogy by putting these two thesis into real-life context. more
Last week Czech researchers released information on a new worm which exploits CPE devices (broadband routers) by means such as default passwords, constructing a large DDoS botnet. Today this story hit international news... The spread of insecure broadband modems (DSL and Cable) is extremely wide-spread, with numerous ISPs, large and small, whose entire (read significant portions of) broadband population is vulnerable. more
Global IPv6 deployment just passed a major milestone over the past few days when Google's IPv6 adoption statistics showed over 10% of users connecting to Google's sites coming in over IPv6. Considering that only two years ago I wrote here on CircleID about IPv6 passing the 3% adoption mark, this is a great amount of growth to see! If you look on the "per-country" tab of Google's stats you will see that in some countries deployment is much higher. For example, around 25% in the USA, Portugal and Germany, 31% in Switzerland and 44% in Belgium. more
The U.S. Government is causing a huge disservice to protection and defense in the private sector (80%+ of CIKR) by creating an ECS that contains monetary incentive for a few large players to exert undue control over the availability, distribution, and cost of security threat indicators. While there may be a legitimate need for the federal government to share classified indicators to entities for protecting critical infrastructure, the over-classification of indicator data is a widely recognized issue that presents real problems for the private sector. ECS as currently construed creates monetary incentives for continued or even expanded over-classification. more
If you haven't been reading the news of late, venerable anti-spam service Spamhaus has been the target of a sustained, record-setting Distributed Denial-of-Service (DDoS) attack over the past couple of weeks... Of course, bad guys are always mad at Spamhaus, and so they had a pretty robust set-up to begin with, but whoever was behind this attack was able to muster some huge resources, heretofore never seen in intensity, and it had some impact, on the Spamhaus website, and to a limited degree, on the behind-the-scenes services that Spamhaus uses to distribute their data to their customers. more
A new type of DDoS attack takes advantage of an old vulnerability with the potential to put any company with an online presence at risk of attack warn researchers. more
I have come to the conclusion that "net neutrality" is an ethical issue at heart, one about the appropriate constraint of unfair ISP power. Some people are (I pray unintentionally) on the wrong side of a now-clear moral divide. They are claiming to prevent harmful abuse of power, when in reality their actions create fresh harm. A central issue is one of technical competence to comment. If your beliefs are disconnected from how the world works, you cannot evaluate whether you are espousing something sensible or silly. more
A recent malware attack on the control systems of an industrial plant has renewed concerns about the threat hacking poses to critical infrastructure. more
ARCchart is selling a new report entitled Mobile Broadband Performance of Carrier Networks. I can't personally justify the purchase, but I notice this wonderful graph in their sample. ARCchart gave mobile users free speed test applications... more
I've often joked that I don't play computer games because I'm holding out for a holodeck. While that may sound ridiculously far-future, we're on the verge of seeing the web-based virtual reality that will be a major step towards a holodeck. There is already some awesome virtual reality software and games where a person can get immersed in another world using a headset. more
I've been covering Cuban streetnets (local area networks with independent users that are not connected to the Internet) for some time. Reader Doug Madory told me about Gaspar Social, a new streetnet in Gaspar, a small town in central Cuba. Gaspar Social opened to the public last October and has grown quickly -- about 500 of Gaspar's 7,500 residents are now users. Streetnets are illegal in Cuba and the government has ignored some and cracked down on others... more
A World-Renowned Source for Internet Developments. Serving Since 2002.