Cogent (AS174) has established a direct connection to the America Online Transit Data Network (ATDN) (AS1668). This long-awaited connection completes Cogent's effort to directly connect with every transit-free network in the world and qualifies them, for the first time, as being transit-free.

In one sense, this is an unsurprising event. ATDN has been shrinking its transit network for some time in order to focus on their revenue-producing ad business. AOL/Time Warner has been selling off their European access networks since 2006. At the same time, Cogent has been adding customers and growing and peering. So that these two networks would eventually connect (re-connect) is unsurprising.

But the history between these two organizations is textured and murky. This connection is particularly interesting in part because of this history. It's also interesting because of how different these two networks are, in almost every respect: history, revenues, business model, culture, brand. I'll take a look at where Cogent is, the history between Cogent and AOL, and what this all might mean for the Internet.

Continue reading "Cogent Becomes Transit-Free " »

When we wrote about the issues surrounding the management of the L root, four questions came to mind immediately, which we will review here as way of a concluding blog on this topic. We also presented this work and our questions at NANOG 43 and OARC 2008 DNS-Operators Workshop. Unfortunately, we don't have many answers and welcome clarification from anyone in the know. The questions are

• Why wasn't ICANN using their own IP space?
• Why the change after 10 years?
• Why wasn't the old space simply given to ICANN?
• Why all the bogus L root servers?

We will summarize what we know about these issues.

Continue reading "Root Reprise: More Questions than Answers" »

Our blog on the L root server received quite a few comments, both at our site and others (e.g, Slashdot, CircleID, CircleID, and various DNS newsgroups). Negative responses tended to follow a "no harm, no foul" line of reasoning, which sadly completely misses the point. So we'll restate the central issue here again and talk about safeguards you can take today if you operate a DNS server or BGP-enabled router.

Continue reading "Securing the Root" »

There have been a number of attacks on the root name servers over the years, and much written on the topic. (A few references are here, here and here.) Even if you don't know exactly what these servers do, you can't help but figure they're important when the US government says it is prepared to launch a military counterattack in response to cyber-attacks on them.

This posting is about an attack on one such root name server. Actually, "attack" isn't really an appropriate term. It was not really an attack or a hijack or even identity theft. For one thing, these terms imply the existence of both a victim and a villain. In this story, the villains are not obvious and there might not have been any victims. And as we will see, you can't really steal something you own. All we can say for certain is that many of you, if not most, probably used an unauthorized root name server over the past few months and were blissfully unaware of it. These bogus servers may have acted just like a normal root server, providing the correct answers to your queries without logging your requests. But since these servers are now shut down, we can no longer investigate what they were doing. And we can only guess at the motivations of those who set them up.

Continue reading "Identity Theft Hits the Root Name Servers" »

Here at Renesys, we've almost come to expect that natural disasters will be immediately reflected in changes to Internet routing. We've certainly seen that in events such as Hurricane Katrina and the Taiwanese earthquakes. So it was with some surprise that neither the earthquakes in Sichuan province in central China or the Myanmar cyclone registered so much as a blip on our Internet radar.

We currently geo-locate 3 networks (prefixes) to Myanmar and over 2000 to Sichuan province. Over the course of these unfortunate tragedies, we have seen only a normal level of network instability or outages. In the case of China, since the large providers into the country tend to do a good job aggregating prefixes, visibility into the behavior of smaller prefixes only comes from having in-country sources of data. But even our Chinese peers show nothing abnormal with respect to Sichuan networks. Hopefully the apparent lack of damage to the communications infrastructure in these areas will help speed relief efforts.

Randy Epstein of Host.net and WVFiber graciously (or perhaps maliciously, given the quality of the performance) filmed and did the post-production on the recent performance at the Global Peering Forum. If I had a virtual tip jar, I would set it out. Enjoy:

At the recent Global Peering Forum I performed a spoof song based on the recent YouTube hijacking. (I'm told that video will eventually be available, at which point I'm sure I'll have to go into hiding at an undisclosed location.)

American Pie was previously parodied at a RIPE meeting and now is practically a tradition, much to Mike Hughes's chagrin, as he thinks it's overdone already. The great thing about the original song is that it's choc full of references in the music industry. I tried to pepper several more into my version (and I have a few additional verses in progress that I just didn't finish).

What links would you provide to these references? What additional references do you think are important and missing (given the history of the Internet theme)?

The Day the YouTube Died

A long long time ago
I can still remember how the videos used to make me smile.
And I knew if I had my chance,
I'd watch the prison thriller dance
and maybe I'd be happy for a while.
But February made me shiver with every packet I'd deliver
bad routes in the tables, the paths they were not stable.
I can't remember if I cried when I saw my request was denied
but boredom welled up deep inside
the day the YouTube died.

Continue reading "The Day the YouTube Died" »

On March 28th at 17:52 UTC, we saw the peering link between Telia and Cogent come back up. Recently, peering disputes, especially with Cogent, tend to be all about traffic ratios: as long as both parties send roughly the same amount of traffic to each other, life is good. But when the ratios get out of whack, someone's feelings get hurt (more specifically someone's business model is threatened). Before the de-peering, we would typically see Cogent using Telia to reach around 2700 networks (prefixes). Now that count has dropped to just about 1450 networks. On the other hand, Telia used to reach approximately 7000 networks via Cogent and that number has now increased to almost 8600. So was Cogent sending too much traffic to Telia before? Did Telia then do something to provoke Cogent to turn them off (like send a bill)? We'll never know definitively, but someone blinked and the Internet is now whole again.

While this is good for the Internet, Cogent claimed that this dispute was about capacity issues and no one orders and installs new high capacity circuits in a week, especially during a contract dispute. So if there was a capacity issue, there is still a capacity issue. As a result, the situation is bound to be very fluid for the next few weeks. We'll update this blog as we analyze the resulting shifts in routing.

As in most lovers' quarrels, it is difficult to objectively evaluate the claims of the combatants. Naturally, we tend to side with the person we know best, as it's their viewpoint we hear most often and are inclined to be sympathetic towards. Both Cogent and Telia are claiming to be the aggrieved party in their peering dispute and are now making their case in the court of public opinion. We will almost certainly never know the details of their private business relationship, but we can make a few more inferences from the data. Let me state up front that, like many major ISPs, Telia and Cogent are customers of Renesys and we love them both equally. Everything we report in our blogs is based on objective analysis of our global data, independent of our own business relationships.

Continue reading "He said, she said: Cogent vs. Telia" »

Cogent and Telia are having a lover's quarrel and, as a result, the Internet is partitioned. That means customers of Cogent and Telia cannot necessarily reach one another. This was not due to a configuration error or a physical cable break. This is the way the Internet works and sometimes doesn't work. If the businesses that run the show don't play nice with one another, their customers can pay the price of being cut off from parts of the 'net. At least when Pakistan mistakenly hijacked YouTube, the matter was sorted out in hours and did not require the cooperation of Pakistan. The Cogent/Telia tiff has been going on for 4 days now and only they can resolve their differences. The rest of the world can only hope for full connectivity to be restored.

Continue reading "You can't get there from here" »