Renesys Blog

The Geopolitics of Iranian Connectivity

Thu, 11 Feb 2010 07:59:18 -0500

As Iran celebrates the anniversary of the 1979 Islamic Revolution, it seems like an opportune time to look in on the evolving state of their Internet connectivity. When we last looked, after the disputed elections in June 2009, the picture was one of uneasy stability: logically diverse but physically constrained transit via the United Arab Emirates, backup transit via Turkey. Today, a third way out of the bottle is visible in the routing table: substantial amounts of Internet transit have materialized through a Russian provider. And there, in those obscure entries in the global Internet routing table, may lie echoes of Iran's larger geopolitical strategy.

Much Ado About Baidu

Wed, 13 Jan 2010 05:58:00 -0500

As our faithful readers know, Renesys monitors routing on the global Internet in real time and uses that information in a variety of ways. For example, we can instantly let you know which networks a hurricane has disabled or even tell you when a war has left things pretty much as they were. In short, we keep an eye on the Internet, the entire Internet, but this is all done at the level of IP addresses and the paths they follow.

The recent attack on Twitter got us thinking. Maybe we should be keeping an eye on a few more things? While your IP addresses and routes to them might be completely stable, the average user doesn't know about those. In other words, when was the last time you typed ...
http://216.239.59.104
instead of ...
http://www.google.com
into your browser?

What if someone manages to point your domain name to some other IP addresses? You would still be operational as far as the Internet routers were concerned, but no humans would probably be reaching you. And that's the problem we'll briefly consider in this blog.

A Baker's Dozen in 2009

Thu, 31 Dec 2009 23:59:59 -0500

As our regular readers know, Renesys collects a lot of Internet routing data, using it to create reports and products based on hard facts and objective analysis. Perhaps the only controversial thing we do with our data is to rank all the service providers in the world: globally, by geography, and by market segment. The rankings are a rather crude measure of size, as they are based entirely on the quantity of IP space ultimately transited by each provider. However, it's the ranking trends that are more revealing than any absolute number. Who is adding customers? Who is losing them or just standing still? Changes in IP transit answer these questions and more. Although there are obvious shortcomings in this approach, it is certainly objective and the process is fully automated. All of our rankings are updated daily and available via our Market Intelligence offering. In this posting, we will take a look at the top 13 providers in the world for 2009 and how they have jockeyed for position throughout the year, similar in spirit to our December 2008 blog, which provides more details about our methodology. We will see what a difference a year has made and highlight some of the more interesting changes.

Bonjour, Y'all! ASN Split Personalities

Tue, 08 Dec 2009 20:59:42 -0500

Remember when the telephone company came to your house to hook up your phone and gave you a new phone number? This new number was how your friends and family were going to contact you. You counted on the telephone company to ensure that someone hadn't already been issued that number, because if they had, various problems would ensue. What would happen when your mom tried to call your number if it was also assigned to someone else? Could you directly call the other party to work out the problem? Well, in the BGP realm, something similar has been happening with autonomous system numbers (ASNs).

Organizations need an ASN to run BGP and route on the Internet. They are each assigned globally unique ASN(s) by their local Regional Internet Registry (RIR), who get them from IANA. A few weeks ago, the NANOG folks noticed that AS1712 had been registered by two different organizations (in France and Texas) that were both using the number to announce their separate network prefixes. ARIN issued a statement conveying that they were aware of the problem and were working to resolve it. We took a look at the data and found that AS1712 isn't the only dually-assigned ASN out there. In fact, even a root server didn't escape unscathed.

IP Backbone: Hard sell, not so much

Fri, 20 Nov 2009 15:14:55 -0500

Think you're too busy to blog? Think again. Or just ask your boss. After more than 100,000 miles in coach class this year (so far), my backbone may be aching, but the IP backbone market is as agile and dynamic as ever. Sales opportunities abound, but to take advantage, you'd better be savvy, and just a little cagey.

So, as our gleaming 777 departs Kuala Lumpur, I'll just relax in my fully-reclined, ultra-deluxe coach seat and tell you what this globetrotting sales guy has seen, heard and figured out.

Two new trends
As if the global financial crisis weren't enough, beleaguered NSPs have to rejigger their business plans (yet again) to accommodate encroachment from brazen usurpers and ever more competitive pricing:

Large eyeball networks (5 million+ subscribers) are selling paid peering to the largest content providers.
There are big price reductions in IP transit all over eastern Europe - now close to parity with western Europe.

Lights Out in Rio

Wed, 11 Nov 2009 01:43:25 -0500

When the power goes out to a large part of Brazil, as happened last night shortly after 10pm, it's going to have an impact on telecommunications.

Staring Into The Gorge: Router Exploits

Wed, 19 Aug 2009 05:32:31 -0500

I'm writing this blog entry from the campground at Vermont's beautiful Quechee Gorge, where I took the kids after work. Yes, Renesys is located smack in the middle of some of the nicest hiking, camping, and climbing on earth. No, you shouldn't move here, Northern New England has enough out-of-staters already, thanks. Unless, that is, you are an unusually talented web developer, have worked as a peering coordinator, or know the Internet transit industry inside-out, in which case you should send me your CV, posthaste. thanks, --jim

Here We Go Again.

Imagine an innocent BGP message, sent from a random small network service provider's border router somewhere in the world. It contains a payload that is unusual, but strictly speaking, conformant to protocol. Most of the routers in the world, when faced with such a message, pass it along. But a few have a bug that makes them drop sessions abruptly and reopen them, flooding their neighbors with full-table session resets every time they hear the offending message. The miracle of global BGP ensures that every vulnerable router on earth gets a peek at the offending message in under 30 seconds. The global routing infrastructure rings like a bell, as BGP update rates spike by orders of magnitude in the blink of an eye. Links congest. Small routing hardware falls over and dies. It takes hours for things to return to normal.

Routing Redundancy: How much is enough?

Sat, 15 Aug 2009 12:17:30 -0500

Internet connectivity is a good thing. Many of us depend on it for everything from our livelihoods to our entertainment. However, the Internet is very fragile and even the The New York Times is worried about it. But they're primarily concerned with overloads that can occur when everyone on the planet does the same thing at roughly the same time, such as surfing for news about Michael Jackson. Unfortunately, we will never avoid all such scenarios. Physical systems are designed around average and typical peak loads, not around extremely high loads associated with very unlikely events. Who would pay for that?

And this applies to other complex systems besides the Internet. I was in India during 9/11 and, for two days, I could not make a traditional phone call to the US. Why? Everyone in India knows someone in NYC, and they all picked up the phone at the same time to check in on them. The circuits were so overloaded, I couldn't even get the friendly "Your call cannot be completed as dialed" message.

No system is ever going to be engineered for insanely high loads. If everyone in your town decides to take a shortcut through your neighborhood to avoid an accident on the highway, you are going to have trouble getting out of your driveway. But rather than give up and wait it out, there is something you can do in advance and at reasonable cost: build a second driveway to a different street on the other side of your house, one that isn't fed by the same access roads from the highway. This blog is about building such redundancy into your Internet connectivity, so you aren't disconnected by a single failure. And while it's good that the New York Times and various governments are watching the problem, if your business depends on the Internet, you're largely on your own to audit and verify that you are buying a sufficient level of redundancy for your budget. A lot of fragility problems could be solved by more informed consumers performing the necessary due diligence.

The Proxy Fight for Iranian Democracy

Mon, 22 Jun 2009 06:30:00 -0500

If you put 65 million people in a locked room, they're going to find all the exits pretty quickly, and maybe make a few of their own. In the case of Iran's crippled-but-still-connected Internet, that means finding a continuous supply of proxy servers that allow continued access to unfiltered international web content like Twitter, Gmail, and the BBC.

Iran and the Internet: Uneasy Standoff

Tue, 16 Jun 2009 16:21:25 -0500

We've received enough interest about our previous notes on Iranian Internet connectivity that I wanted to give a brief update, and some reflections.

Strange Changes in Iranian Transit

Sun, 14 Jun 2009 07:33:22 -0500

Many media sources have reported outages in Iranian mobile networks and Internet services in the wake of Friday's controversial elections. We took a look at the state of Iranian Internet transit, as seen in the aggregated global routing tables, and found that the story is not as clear-cut as has been reported.

How a Resilient Society Defends Cyberspace

Fri, 29 May 2009 21:45:48 -0500

Seventy-five years ago today, on May 29th, 1934, Egyptian private radio stations fell silent, as the government shut them down in favor of a state monopoly on broadcast communication. Egyptian radio "hackers" (as we would style them today) had, over the course of about fifteen years, developed a burgeoning network of unofficial radio stations. They offered listeners an unfiltered, continuous mix of news, gossip, and live entertainment from low-powered transmitters located in private houses and businesses throughout Cairo.

It couldn't last. After two days of official radio silence, on May 31st, official state-sponsored radio stations (run by the Marconi company under special contract) began transmitting a clean slate of government-sanctioned programming, and the brief era of grass-roots Egyptian radio was over.

Reaching Google via Asia?

Thu, 14 May 2009 20:42:17 -0500

Across the Internet, yesterday, Google users twittered, blogged and emailed that Google search and mail were not usable. And, yesterday afternoon, on Google's official blog, Urs Hoelzle reported that Google "direct[ed] some [...] web traffic through Asia".

AfNOG Takes Byte Out of Internet

Tue, 05 May 2009 15:47:11 -0500

A couple of months ago, we discussed how a small Czech provider ended up causing global Internet mayhem by tickling a Cisco bug via a rather ridiculous routing announcement. While it's easy to fault the instigator of this meltdown, ultimate responsibility belongs with the vendors of poorly tested code. If we've learned anything in decades of software engineering, it is that you can't assume anything about user input. If you don't check that input for validity, you are not just being careless, you are creating a time bomb that will eventually go off. Another such bomb went off on Sunday, 3 May 2009, taking out a large swath of the Internet. We recount the sorry tale here.

The Blind Routing the Blind

Mon, 04 May 2009 06:00:00 -0500

In our last blog entry, we talked about measuring the state of routing anarchy that exists on the Internet on a per-country basis. We looked at every routed network (prefix) by country of origin and tried to answer the question: do folks do what they say and say what they do, as articulated via routing registries? Although many manage to administer their routes with care, the overall results are quite varied. And without some way of verifying routes via some authoritative source, we are left only with the current system of believing everything we're told and hoping for the best. The dangers of such a system are demonstrated dramatically from time to time.

Although they certainly could, countries typically don't exercise any control over the routing hygiene of the companies operating within their borders. Countries might tax those companies, filter their traffic for objectionable content, mandate the types of software or equipment they can use and even spy on them, but if a company wants to screw up routing on the global Internet, well that's their business. As we've noted in the past, no driver's license is required on the Information Superhighway, as there are essentially no rules, regulations or enforcement. So in this blog entry, we'll apply our scoring idea to those who can easily effect change, namely, those organizations who are ultimately responsible for how traffic flows on the Internet.