Renesys Blog

Satellite Service Sets in Lebanon

Wed, 16 Nov 2011 15:16:28 -0500

Early last month, my blog "Pinning Down Latency" included this prediction:

In the coming weeks we expect to see a dramatic shift in transit as Lebanese providers move away from expensive and high-latency satellite service to IMEWE-based service.

Well, it didn't take long for this to play out.

Cyber Attack in Palestine?

Tue, 01 Nov 2011 18:08:52 -0500

We can confirm reports of significant but sporadic Internet outages in the Palestinian Territories today. As many as half of the routed networks of the Palestinian Territories were unreachable (withdrawn from the global routing table), possibly as a result of reported cyber attacks. These outages are the largest we have observed all year for this country, which normally has a fairly stable Internet. Impacted networks are located in both the West Bank and Gaza Strip.

Large Outage in Pakistan

Wed, 26 Oct 2011 19:02:07 -0500

For about 3.5 hours today, almost half of the Internet in Pakistan was down. Renesys observed 46% of the routed networks of Pakistan withdrawn from the global routing table between 19:37 and 23:02 UTC making this the largest Internet outage we have observed in the country in recent years.

Asia on My Mind and on the Move

Thu, 20 Oct 2011 11:39:17 -0500

Undersea cables are expensive to install. But if you're an Asian Internet hub trying to connect to other Asian Internet hubs across un-cabled waters, what else can you do?

Well, one alternative we see is Internet Providers heading to California, as many Asian providers opt for Internet paths out of Asia to the west coast of the US, and then back to Asia. These tortuous routes, aptly called hair-pinning (observe their supple shapes), may be cost-effective initially, but generate latency, which can be a problem for some businesses (and their end users).

Pinning Down Latency

Fri, 07 Oct 2011 12:35:13 -0500

Packet latency is a big issue in Internet-based applications (i.e. the stuff in the cloud). In conducting analysis on Internet infrastructure over the years, we have seen many patterns of connectivity. One such pattern that can wreak havoc on latency is "hair-pinning", a phenomenon where traffic takes an unnecessarily long physical path between two points on the Internet due to suboptimal routing. The increased distance results in increased latency, and the "lag" or "sluggishness" that users experience as a result can hinder latency-sensitive online applications whether they are financial trading applications or MS SharePoint.

Irene Wallops US Internet

Tue, 30 Aug 2011 11:49:23 -0500

Hurricane Irene knocked out power to millions of homes and businesses as it travelled up the US East Coast this weekend. Even as the winds subsided, torrential rains triggered savage flooding throughout Eastern New York state and Vermont, tearing up roads and exposing the telecommunications infrastructure to further risks. The storm's impacts were clearly visible in the Internet's global routing table, as tens of thousands of networks were cut off from the rest of the world.

Here are a couple screenshots from our Internet Health Portal, which we provide to the US Computer Emergency Readiness Team (US-CERT). During an emergency like Hurricane Irene, this tool provides the US-CERT with critical information about the availability of Internet services across America. Working from lists of impacted customers in each state and county, and lists of correlated outage events, we can supply a lot of useful information about the problems being experienced by enterprises in the affected area. That information can be passed along to state and local governments to aid in prioritization of disaster relief.

The Battle for Tripoli's Internet

Sun, 21 Aug 2011 07:15:00 -0500

As dawn broke in Libya on the morning of Sunday 21 August, it appeared that the battle for control of Tripoli was underway. Throughout the night, a steady stream of tweets and retweets emerged from Libyan sources, painting a confusing, often contradictory picture of the evolving situation.

We're still piecing together the data that can confirm or deny much of what's been reported overnight, but one thing is clear: something very strange was going on with Tripoli residents' Internet access. Service was restored suddenly in Tripoli, flickered on and off for a couple of hours, and then died, with the majority of the country's international BGP routes withdrawn from service for good measure. Today the routes are back in Tripoli, but ADSL service isn't. This morning we're looking back at this curious overnight episode, and speculate about what might have happened.

Libyan Internet Instability

Fri, 12 Aug 2011 10:10:01 -0500

There hasn't been much to say about the Internet in Libya this summer, as their patterns of connectivity have been fairly stable. It was interesting, therefore, to observe that much of the country's Internet routing has started to show evidence of sporadic failures this week, which have gone unreported in the media.

The following plot shows the number of Libyan networks (blocks of Libyan IP addresses) that appear in the global routing table. There are typically 16 of these, all routed by Libyan Telecom and Technology (LTT) via Telecom Italia. This week they have suffered some impairment, in groups of 6 or 10, in episodes that typically last no more than a few hours.

There didn't seem to be any pattern to these outages, which took place at all times of the day and night. It seems to suggest power outages, rather than permanent facilities damage, or deliberate action by the government (for suppressing communications, say).

Is it possible that LTT is suffering power outages, and having trouble finding fuel for their generators due to NATO's unofficial fuel blockade of Tripoli?

One reason why the world at large may not have noticed much in the way of Internet impairment: the affected networks don't seem to be the same ones used to access the majority of Internet content from inside Libya. Looking at Google's plots of inbound traffic from Libya, these substantial network outages seem to have had very little impact on the daily traffic curves:

In other words, the handful of Libyan networks that aren't affected by these outages seem to be the same ones that are consistently generating the Google traffic. If you're lucky enough to be an LTT customer in one of these Internet neighborhoods (presumably in Tripoli), your connectivity stays up. Everyone else, well, you're on your own. Time for Internet in a suitcase?.

Tracing the Syrian Blackout

Fri, 10 Jun 2011 18:00:23 -0500

Updated Monday morning to include detailed Syrian network map, and include one-second BGP plots during the day of outage. --jim

Thanks to everyone who's stopped by this week to read about the Internet blackout that affected Syria last Friday. We're always glad to hear your comments, especially when you fill in some of the missing parts of the story that aren't obvious from the data.

A lot of the questions we've received about Syria this week have speculated about a repeat performance of last week's Internet blackout. Would the Syrian Internet get shut off again this Friday, as it was last Friday? Would it be visible in the BGP routing table? Would this become a recurring tactic, just another mechanism for crowd control?

Initial data from Google's transparency report suggest that total traffic was down, even compared to a normally quiet Friday.

But looking at the broader picture, a couple things are clear. First, there was no repeat of last week's event, in which two-thirds of all Syrian networks became flatly unreachable from around the world, an Egyptian-style disconnection at a very fundamental level. This week, while traffic levels were reduced (perhaps throttled or rate-limited, as in Iran), the routes themselves remained intact.

If you wanted to reach a Syrian website Friday, or if a Syrian browser wanted to reach a European website, the paths were known and the lines were open. Whether you could actually get enough bandwidth to upload videos, or make a Skype call, was another story. We've heard some anecdotal evidence that there were connectivity problems. But anecdotes aren't data.

Speaking of data, that's another question we get all the time. How do we examine a market like the Syrian Internet, and make our call about the structural availability of routes to its networks? Let me take a moment and describe some of the technology behind these reports.

World IPv6 Day

Wed, 08 Jun 2011 15:01:01 -0500

Today is World IPv6 Day, a day when major content providers have agreed to furnish service over IPv6 for a 24-hour test period. Hopefully, you didn't notice anything different about your Internet experience today, but providers will have gained valuable experience with the technology and any technical hurdles that remain to be overcome. In this blog, we'll report on how far into the IPv4-to-IPv6 transition we actually are and, more importantly, just how far we have to go. There is no denying that there has been a tremendous amount of progress in the last decade or so, but much remains to be done and we are only at the very beginning of a long process.

Syrian Internet Shutdown

Fri, 03 Jun 2011 09:09:26 -0500

(Updates on the restoration of Syria's internet at the bottom of this page. --jim)

Starting at 3:35 UTC today (6:35am local time), approximately two-thirds of all Syrian networks became unreachable from the global Internet. Over the course of roughly half an hour, the routes to 40 of 59 networks were withdrawn from the global routing table.

This image shows the current state (green: reachable, red: unreachable) of each network prefix in the Middle East this morning, visualized as a packed Hilbert-curve representation. The size of the colored area is proportional to each country's Internet presence, so you can see that Syria's Internet (red block near the top center) is a little smaller than that of Kuwait.

Qwavvis: The Battle for Second

Fri, 29 Apr 2011 11:56:48 -0500

About two weeks ago, Level 3 announced plans to acquire Global Crossing and we blogged on the enormous size and scope of the new entity, which we called Level Crossing. This week, CenturyLink, a regional US phone company, agreed to acquire Savvis. Since CenturyLink also owns Qwest, we are seeing another merger of two Tier-1 Internet providers, a pairing which we'll label Qwavvis. In what follows, we examine the possible business considerations behind the move, as well as the impact on Internet transit customers and Renesys Market Intelligence rankings.

Level Crossing

Thu, 14 Apr 2011 14:53:53 -0500

On Monday, 11 April 2011, Level 3 announced they had entered a definitive agreement to acquire Global Crossing. According to the Renesys Market Intelligence rankings, this merger would bring together the world's #1 and #2 global providers, with over half the Internet market on earth dependent on the combined entity. If the deal gained regulatory approval in the US and elsewhere today, how would the Internet provider landscape change? We'll answer that question in this blog, giving the proposed union a fictional name of Level Crossing for the purposes of our discussion.

Japan Quake

Fri, 11 Mar 2011 19:20:43 -0500

Today's 8.9 magnitude earthquake in Japan has had surprisingly limited impacts on the structure and routing dynamics of the regional Internet. Of roughly 6,000 Japanese network prefixes in the global routing table, only about 100 were temporarily withdrawn from service — and that number has actually decreased in the hours since the event. Other carriers around the region have reported congestion and drops in traffic due to follow-on effects of the quake, but most websites are up and operational, and the Internet is available to support critical communications.

What Libya Learned from Egypt

Sat, 05 Mar 2011 05:58:04 -0500

Libya's nationwide Internet blackout is entering its second full day. From a technical standpoint, it's clear that this is a very different strategy than the one used by Egypt in the last days of the Mubarak regime. The ultimate outcome is probably going to be the same. Let's take a few minutes to compare the two, and think about the implications for future Internet engagements in the Jasmine Revolution.