Routing Topics at RIPE 88

RIPE 88 was held in May 2024 at Krakow, Poland. Here’s as summary of some of the routing topics that were presented at that meeting that I found to be of interest. Bgpipe – A BGP Reverse Proxy Observing and measuring the dynamic behaviour of BGP has used a small…


DNS Topics at RIPE 88

RIPE 88 was held in May 2024 at Krakow, Poland. Here’s as summary of some of the the DNS topics that were presented at that meeting that I found to be of interest. DNSSEC Bootstrapping How can you start up a DNSSEC relationship between the parent zone and the delegated…


Calling Time on DNSSEC?

There have been quite a few Internet technologies which have not been enthusiastically adopted from the outset. In many cases the technology has been quietly discarded in favour of the next innovation, but in some cases the technology just refuses to go away and sits in a protracted state of…


A Transport Protocol’s View of Starlink

Digital communications systems always represent a collection of design trade-offs. Maximising one characteristic of a system may impair others, and various communications services may chose to optimise different performance parameters based on the intersection these design decisions with the physical characteristics of the communications medium. In this article I’ll look…


IPv6 Prefix Lengths

The topic of address plans for IPv6 has had a rich and varied history. From the very early concepts of “it’s just like IPv4, only with a 128-bit address field”, through the models of “Aggregation Identifiers” and the hierarchy of “Top-Level,” “Next-Level” and “Site-Level” defined in RFC 2373 from July…


DNSSEC and .nz

I had the opportunity to participate in the New Zealand Network Operators Group meeting (NZNOG) in Nelson earlier this month. This article was prompted by a presentation from Josh Simpson on an .nz service outage incident in May 2023. I guess we’ve become used to reading evasive and vague outage…


Coherent Optical Transceivers

I had the opportunity to participate in the New Zealand Network Operators Group meeting (NZNOG) in Nelson earlier this month. This article was prompted by a presentation from Thomas Weible of Flexoptix at NZNOG on the topic of Coherent Optical Transcievers. The first generation of optical transmission systems used simple…


DNS Topics at IETF 119

The Internet has changed quite radically in recent years. The proliferation of service and content delivery platforms at the edge of the network, fed by privately operated feeder networks has reamed out the transit core of the Internet. Most of the traffic and the overwhelming of value within the Internet…


Adding IPv6-only to DNS and Truncation in UDP

In February I looked at the behaviour of the DNS when processing responses in UDP which set the Truncated flag in the DNS response. In particular, I was looking for the incidence of DNS resolvers which used the Answer section in truncated responses (despite the admonition in DNS standards not…


KeyTrap!

The National Research Center for Applied Cybersecurity ATHENE has uncovered a critical flaw in the design of DNSSEC, the Security Extensions of DNS (Domain Name System). DNS is one of the fundamental building blocks of the Internet. The design flaw has devastating consequences for essentially all DNSSEC-validating DNS implementations and…