►
Een klein dorpje landje blijft dapper weerstand bieden tegen de oprukkende nieuwe versie van het Internet Protocol:
Twee weken geleden scoorde Nederland 14% en inmiddels is dit afgenomen tot 9%. Maar kan dat wel kloppen?
Volledig artikel / permalink - geplaatst 2022-12-01
▼
Al heel wat jaren kijk ik af en toe naar deze grafiek waar we kunnen zien hoeveel Google-gebruikers de beschikking hebben over IPv6:
Langzaam maar zeker gaat het wereldgemiddelde richting de 50%. In Europa bereikte België die mijlpaal al een aantal jaren geleden, en ook bijvoorbeeld Duitsland en Frankrijk zijn over de helft. Maar een klein dorpje landje blijft dapper weerstand bieden tegen de oprukkende nieuwe versie van het Internet Protocol:
Twee weken geleden scoorde Nederland 14% en inmiddels is dit afgenomen tot 9%. Maar kan dat wel kloppen? Uit de statistieken voor IPv6-gebruik in Nederland van Facebook, Akamai en APNIC komt toch een heel ander beeld naar voren. Ik heb ze hier gecombineerd:
Met zo'n 37% doet Nederland het nog steeds aanmerkelijk slechter dan de buurlanden. De grafieken laten wel duidelijk verschillen zien, maar het verschil met Google is wel van een andere orde. Het lijkt erop dat er toch iets bijzonders aan de hand is met Google's IPv6-metingen in Nederland.
En wat zou kunnen verklaren dat Nederland het qua IPv6 slechter doet dan de buurlanden? Ik begrijp dat zowel Ziggo/Vodafone als KPN, de twee grote consumenten-ISPs in het land, IPv6 nu wel standaard aan zetten op hun laatste generatie modems, maar niet op de oudere modems die veel klanten nog gebruiken. Het is goed mogelijk dat in onze buurlanden de breedband-revolutie wat later op gang kwam zodat gebruikers daar gemiddeld nieuwere modems hebben. En waarschijnlijk voelen ISPs in Nederland de druk minder omdat Nederland relatief veel IPv4-adressen heeft. Een kleine vergelijking:
US: 1617.10 M = 4.85 IPv4-adressen per inwoner
DE: 123.73 M = 1.47 IPv4-adressen per inwoner
FR: 82.34 M = 1.21 IPv4-adressen per inwoner
NL: 49.96 M = 2.81 IPv4-adressen per inwoner
BE: 12.36 M = 1.06 IPv4-adressen per inwoner
Ik ben benieuwd hoe dit zich de komende tijd gaat ontwikkelen.
Permalink - posted 2022-12-01
Recently, a few podcasts that I listen to talked about smart home technology. We also got the release of new smart home standards Thread and Matter. So I want to look at what smart home options have worked for me, and see if it's possible to draw any conclusions about what could work for most people. (As in: who don't enjoy tinkering with tech for its own sake.)
Lees het artikel - geplaatst 2022-11-27
Interesting blog post on the APNIC blog by Doug Madory:
On 17 August 2022, an attacker was able to steal approximately USD 235,000 in cryptocurrency by employing a BGP hijack against the Celer Bridge, a service that allows users to convert between cryptocurrencies.
In this blog post, I discuss this and previous infrastructure attacks against cryptocurrency services. While these episodes revolve around the theft of cryptocurrency, the underlying attacks hold lessons for securing the BGP routing of any organization that conducts business on the Internet.
Using BGP to steal cryptocurrency is happening with some regularity now...
The important lesson comes at the end: Amazon shouldn't have RPKI ROAs for a /10 and a /11 with a maximum prefix limit of /24.
This way, the attacker, thanks to an ISP that didn't properly filter its customer's BGP announcements, was able to advertise a /24 out of Amazon's address space and have that announcement be labeled "valid" by RPKI route origin validation.
Amazon advertises a /11, and if the maximum prefix length in the ROA for that /11 had been just /11, the attacker wouldn't have been able to "shoplift" just that /24, but they'd have to go head-to-head against Amazon for that entire /11. That would have had a much lower chance of success and much higher chance of being noticed quickly.
(Shameless plug: if all that RPKI and ROA talk is gibberish to you, my new BGP e-book has a section on what RPKI is and how it works.)
Permalink - posted 2022-11-24
I did it again... I wrote another book.
20 years ago O'Reilly published my first book, titled simply “BGP”. My goal with that book was to write the book that I would have liked to have read when I started my journey with the Border Gateway Protocol, the internet's routing protocol.
Although amazingly, we still use the same version 4 of the BGP protocol as in 1994, a lot has changed. As updating my previous book was not in the cards, I decided to write a completely new book about BGP. It's called “Internet Routing with BGP” and it's now available as an e-book. See the end of the article for details and links.
Lees het artikel - geplaatst 2022-11-18
▼
The book is now available through Amazon in Kindle format, Apple Books in EPUB format and the Google Play Store in PDF and EPUB formats. The price is US$ 9.99 or € 9.99 (or similar in other currencies).
The PDF version has the best formatting, so I recommend that version if you're reading on a computer with a relatively big screen. The EPUB version is also good, but you may have to change the font size and/or sometimes rotate your reader to landscape for the router output examples to show properly. With the Kindle version, that output looks a bit different.
Book description:
The internet is “a network of networks”. It's made up of tens of thousands of largely independent networks, but somehow the users of one network can communicate with the users of any of the other networks. The Border Gateway Protocol (BGP) is the glue that binds these disparate networks together.
BGP is a routing protocol: its main job is to allow each network to learn which ranges of IP addresses are used where, so packets can flow along the correct route.
However, BGP has a more difficult job to do than other routing protocols. Yes, it has to make the packets reach their destination, but BGP also has to pay attention to the business side: those packets only get to flow over a network link if either the sender or the receiver pays for the privilege.
This book covers the fundamentals of the technical side of BGP, and also looks at the intersection between the technical and business aspects of internet routing.
The book contains 40 configuration examples that readers can try out on their own computer in a “BGP minilab”.
You can read several sample chapters
in PDF format or
as an EPUB e-book.
The book is also available directly from me as a site license.
Full details at the book description page.
Permalink - posted 2022-11-18
When I wrote my first BGP book
I painstakingly made the config examples on actual Cisco routers. In my opinion, it's crucial
to make sure that configuration examples that go in a book actually work.
So when I started writing my new BGP book, I did the same. But
this time, I used open source routing software (FRRouting)
running in Docker containers.
Basically, those containers
are very light-weight virtual machines.
This makes it possible to run a dozen virtual routers that start up and shut down in just a few seconds.
So it's very easy to run different examples by starting the required virtual routers with the
configuration for that example.
This was super useful when I was writing the book.
So I thought it would also be very useful for people reading the book.
So I'm making the "BGP minilab" with all the config examples from the book available to my readers.
Download version 2022-11 of the minilab that goes with the first version of the book here.
You can also run the examples in the minilab if you don't have the book.
And you can create your own labs based on these scripts.
The minilab consist of four scripts:
- start: to start an example or lab
- connectrouter: connect to an already running virtual router
- stoprouters: to stop all running routers
- run-gortr: runs the GoRTR RPKI cache
There are Mac/Linux shell script and Windows Powershell versions of each script.
Permalink - posted 2022-11-11
oudere posts
- nieuwere posts
