Wired vs Wireless

August 2010

I never thought I'd see the day when the difference in capability between a wireless and a wireline Internet would become a core policy differentiator in a national election, but this has now happened in Australia. Perhaps it's a timely indicator of just how important the Internet is in our daily lives these days, and how much we've managed to associate keeping in touch with family and friends with tools such as Jabber and Skype, and just how much of our daily working life is now mediated by email. It seems that everyone has an interest in a ubiquitous, fast and cheap internet. Now that interest has been taken up as a major policy differentiator by both sides of the political spectrum in the recent Australian election. What was this all about? more...

Background Radiation in IPv6

July 2010

It's clear that these days the IPv4 Internet is now heavily polluted with various scanners and probes that attempt to detect the presence of vulnerable systems. This traffic is "dark" traffic in that it exists irrespective of whether it solicits a response from a remote system or not. Background levels of traffic associated with scanning, backscatter, misconfiguration and leakage from private use contexts all contribute to this traffic volume. If IPv4 is so polluted, then what about IPv6? more...

DNSSEC - A Review

June 2010

After many years, the root of the DNS is evidently going to be signed in the coming weeks using DNSSEC. Given that this is an event that has taken more than fifteen years to come to fruition, I thought it might to useful to have another look at DNSSEC to mark this long anticipated milestone. more...

Two Simple Hints for Dual Stack Servers

May 2010

It seems that the imminent prospect of IPv4 address exhaustion has managed to generate a renewed interest in IPv6. A number of the conversations I have had lately have been about setting up dual stack servers, and there is a widespread concern that if you convert a server from single stack IPv4 to dual stack then some clients will have problems in accessing your site. The same concern has been voiced with converting a mail server from single stack to dual stack. Here are two very simple hints may be of assistance to you. more...

Measuring More IPv6

April 2010

Further studies on the amount of end-to-end IPv6 capability in today's Internet reveals that the extent of full end-to-end IPv6 capability in today's Internet is now at a level of 5% of all end systems, at least within the scope of the systems studied here. This number is now at a level where the level of IPv6 deployment is now passing from mere statistical interest to mainstream commercial importance. This month's column takes a more detailed look at measurement of end-to-end IPv6 support in today's Internet. more...

Traffic in Network 1.0.0.0/8

March 2010

It is clear that there is a significant amount of traffic that is being directed to addresses in 1.0.0.0/8, and it is well in excess of 10Mbps of sustained load. This traffic is likely to be a combination of leakage of traffic from private use domains, potential leakage from mis-configured equipment and a certain amount of scanning activity that passes across 1.0.0.0/8 as part of a walk across the entire network address range. The primary objective of this work was to quantify the extent to which all networks in 1.0.0.0/8 attract "pollution" or "unwanted" traffic. more...

Roll Over and Die?

February 2010

It is considered good security practice to treat cryptographic keys with a healthy level of respect. RFC4641 states: "the longer a key is in use, the greater the probability that it will have been compromised through carelessness, accident, espionage, or cryptanalysis." Even though the risk is considered slight if you have chosen to use a decent key length, RFC 4641 recommends, as good operational practice, that you should "roll" your key at regular intervals. What could possibly go wrong? more...

Addressing 2009

January 2010

It's January again, and being the start of another year, it's as good a time as any to look at the last 12 months and see what the Internet has up to in 2009. The Internet's continuing growth can be viewed using many forms of metrics, including number of connected customers, the count of web pages, or selected measures of network traffic. One perspective comes from an examination of the records of address allocations that were made by the five Regional Internet Registries (RIRs). more...

NXDOMAIN?

December 2009

Who would buy non-existent DNS names? Well, it should come as no surprise that in a world where there is already a large and valuable market for selling DNS names that are not Internet-visible as service endpoints, there is also a valuable market in identifying yet more names that users are using in their applications that are not even visible to the DNS. There is value in catching the NXDOMAIN responses from a DNS resolver and substituting a page impression. There is value in the so-called practice of "typosquatting". more...

Stateless and DNSperate!

November 2009

I've often heard it said that the world is full of bad ideas. But no matter how many bad ideas there may be, the good news is that there is always room for one more! So in the spirit of "more is better" I'd like to offer the following as yet another Bad Idea (http://bert.secret-wg.org/BIF/index.html). There is also the intriguing possibility that this flawed concept could be made to work, making this a thoroughly Useless Tool (http://bert.secret-wg.org/Tools/index.html) at the same time! more...

RIPE at 59!

October 2009

RIPE, or Réseaux IP Européens, is a collaborative forum open to all parties interested in wide area IP networks in Europe and beyond. The objective of RIPE is to ensure the administrative and technical coordination necessary to enable the operation of a pan-European IP network. RIPE has been a feature of the European Internet landscape for some twenty years now, and it continues to be a progressive and engaged forum. These days RIPE meets twice a year, and the most recent meeting was held at Lisbon, Portugal, from the 5th to the 9th of October 2009. In this column I'd like to share some of my impressions of this meeting. more...

Is the Transition to IPv6 a "Market Failure?"

September 2009

Many views of the transition to IPv6 assume that the combination of the factors of the imminent exhaustion of the unallocated pool of IPv4 addresses and the conventional dynamics of an open competitive marketplace in the ISP sector will be sufficient to propel the transition to IPv6. The question I would like to pose here is: Is this an appropriate view of the transition to IPv6? An alternative view is that this transition to IPv6 has already stalled over the past decade, and we should be prepared to view the current situation as an instance of a "market failure" in economic terms, where the transition will require the impetus of some form of response associated with the distribution of a "public good", and that conventional market dynamics are in and of themselves incapable of sustaining such a transition. more...

Welcome to the personal site of Geoff Huston.

Geoff is an Adjunct Research Fellow at the Centre for Advanced Internet Architectures

Site Links:
   Columns
   Papers
   Books
   Presentations
   Tools
   Drafts In Progress

   CIDR Report
   BGP Report

   IEPG
   IETF Docs

This site is generously supported by APNIC. The material published here does not necessarily represent APNIC's views or policies.