Silicon cockroaches, 'dirty' IPv4 addresses and other Internet oddities

At IETF meeting, a peek under the covers of the 'Net's infrastructure reveals hidden quirks, threats

ANAHEIM, CALIF. – The world's leading Internet engineers see many surprising trends occurring under the covers of this complex network environment. Among their findings are the evolution of silicon cockroaches — tiny, mobile, unattended wireless devices — and "dirty" Internet address space that can't be used by network operators. Here are a few eye-openers about what’s really going on in the Internet infrastructure that were discussed at a meeting of the Internet Engineering Task Force (IETF) held in Anaheim last week.

10 fool-proof predictions for the Internet in 2020

Watch out for silicon cockroaches.

Network operators should prepare for an infestation of silicon cockroaches, a term used to describe Internet-connected devices such as mobile sensors, bio-medical systems and RFID-powered asset trackers that operate without human administration.

Aaron Falk, chair of the Internet Research Task Force, listed silicon cockroaches as a key factor in the Internet becoming a network of things, rather than a network of computers, in the future. Falk said 15 billion devices could be hooked up to the Internet by 2015, a figure that will be "orders of magnitude bigger" than the number of Internet-connected people. Silicon cockroaches pose several threats to network operators, including naming, security and management headaches that require additional research, Falk said.

Internet's third-largest carrier is Google.

If you thought Internet traffic was carried by, well, carriers, think again. In 2009, Google became the third largest global transit carrier on the Internet, according to Craig Labovitz, chief scientist at Arbor Networks. Labovitz said Google carries between 6% and 10% of the Internet's traffic, thanks to its acquisition of YouTube and its massive build-out of data centers. Arbor Networks came up with this figure based on a two-year study that involves monitoring more than 110 ISPs and content providers representing 25% of the Internet's inter-domain traffic. Labovitz said Google is helping change the topology of the Internet by creating a flatter, more densely interconnected Internet.

Farewell to peer-to-peer.

The era of BitTorrent, Kazaa, iMesh and other peer-to-peer (P2P) networking services appears to be ending, according to the Arbor Networks study of Internet traffic trends. The study measured P2P traffic as a percentage of overall Internet traffic and found that it declined more than 70% between 2007 and 2009. Now representing less than 1% of Internet traffic, P2P is the fastest-declining application on the Internet. The most popular applications are Web, video and VPN services. As video downloads rise, network operators are seeing more traffic entering their networks via Port 80, Labovitz said.

Warnings of an exaflood were exaggerated.

Internet traffic is growing at the rate of 45% a year, according to the Arbor Networks study. Labovitz calls this growth rate "significant," but says it doesn't approach an exaflood level. Exaflood is a term coined in 2006 to refer to projected growth rates of Internet traffic that would be 50 or 100 times bigger than it is today. The Arbor Networks study estimates the Internet's total inter-domain traffic volume per month was a large-but-manageable 9 exabytes in 2009.

Should Teredo be terminated?

Teredo is a tunneling mechanism that was designed to help transition the Internet from IPv4, the current version of the Internet Protocol, to the long-anticipated upgrade known as IPv6. Teredo encapsulates IPv6 packets inside IPv4 packets for transit over network address translation devices and IPv4 backbone networks.

The latest Internet statistics show only a trickle of Teredo traffic. This is despite the backing of Microsoft, which built Teredo capabilities into Windows XP, Vista and Windows 7, and Hurricane Electric, which operates a Teredo relay service. Geoff Huston, chief scientist at APNIC, estimates that Teredo represents only 5% of IPv6 tunneling traffic, down from as much as 20% in 2008. An alternative tunneling mechanism known as 6to4 is gaining in popularity, with Comcast seeing a 500% increase in 6to4 traffic in the last 30 days.

"The folks doing 6to4 tunneling as a percentage of IPv6 folks is increasingly rapidly, while the number of folks doing Teredo is really low," Huston said. "I'm not sure we need [Teredo.]" Huston estimates that tunneling of IPv6 traffic inside IPv4 packets represents around 10% of IPv6 sessions.

How much remaining IPv4 address space is "dirty?"

One topic that's coming up in the IPv6 community is the prevalence of "dirty" IPv4 address space, which refers to unallocated prefixes that are used by various organizations to number their internal networks. Marc Blanchet, an IPv6 expert with consultancy Viagenie, says that of 24 unallocated prefixes he reviewed, 22 were "dirty" and only two were "clean." The worry is that if a network operator starts broadcasting one of these "dirty" IPv4 prefixes, users will be shut off from sites and networks that use that prefix internally. The issue is important given that the Internet is expected to run out of IPv4 address space by 2012. The regional Internet registries said in January that less than 10% of IPv4 addresses remain unallocated.

Sweden: Not as secure as you think.

Sweden has been considered a leader in DNS security since 2006, when it became the first country to support DNS Security Extensions (DNSSEC) on .se, its country code top-level domain. DNSSEC prevents hackers from redirecting Web traffic from a legitimate Web site to a fake one by adding a layer of encryption to the DNS.

However, the largest domain name registrars in Sweden are not supporting DNSSEC, admits Patrik Faltstrom, a DNSSEC expert and long-time IETF participant.

"The banks in Sweden are not signing their names," Faltstrom says, adding that only 2% of .se domain names are signed. "The pick-up rate in Sweden has been very, very slow….Only governments and regulators are jumping in."

The Czech Republic has the highest number of signed domains with its .cz domain, Faltstrom says. The Czech Republic began supporting DNSSEC in 2009.

Will May bring embarrassment to the EU?

In 2008, the European Union made a splash with its prediction that it would widely deploy IPv6 by 2010. The EU set a goal of having 25% of its Internet users being able to connect to the Internet and access their favorite Web sites via IPv6 by May 2010.

The EU is going to miss that milestone, admits Yanick Pouffary, an IPv6 Forum Fellow and a Hewlett-Packard Distinguished Technologist. The best guess of the IETF community — compiled by Huston — is that 1% of Internet traffic uses IPv6. On the plus side, Pouffary said she is seeing more European carriers, particularly those offering mobile services, running trials of IPv6.


Copyright © 2010 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022