Re: is this like a peering war somehow?
On Thu, 19 Jan 2006 23:44:59 +, Paul Vixie [EMAIL PROTECTED] said:

> proving once again that peering ratios only matter if the other guy's customers can live without your asymmetric content, here are two articles i saw today via slashdot. what's interesting to me is whether bellsouth will be sued some time later by some other content provider for de-peering them without also having applied the same rules to google. note, this isn't a bellsouth-specific rant, they just happen to be mentioned in today's story.

Carriers trying to charge content-providers for access to their network/customers is just part of a greater picture. The telco industry is fighting to re-establish their dominant position. Traditionally they've been able to pocket (extort) a large portion of the revenue for 3rd-party PSTN services (content services) themselves. Over the last decade they've gained control of the ISP-industry and now they want to achieve the same level of control of the internet.

The most conservative are even suggesting to remove internet-governance from the public domain. The European telecoms industry is openly urging the UN to take control of ICANN's role. In the process they are trying to place the functions of IANA and IETF in their beloved ITU. Their ultimate goal is to eliminate IP as a product, to be able to sell access to sub-protocols as individual services.

//per
--
Per Heldal
http://heldal.eml.cc/
Re: The Backhoe: A Real Cyberthreat?
> Imagine if 60 Hudson and 111 8th were to go down at the same time? Finding means to mitigate this threat is not frivolously spending the taxpayer's money, IMO; although perhaps removing fiber maps is not the best way to address this.

No, removing fiber maps will not address this problem now that you have pinpointed the addresses that they should attack.

Separacy is the key to addressing this problem. Separate circuits along separate routes connecting separate routers in separate PoPs. Separacy should be the mantra, not obscurity.

End-to-end separation of circuits is how SFTI and other financial industry networks deal with the issue of continuity in the face of terrorism and other disasters. In fact, now that trading is mediated by networked computers, the physical location of the exchange is less vulnerable to terrorists because the real action takes place in redundant data centers connected by diverse separate networks. Since 9-11 was a direct attack on the financial services industry, people within the industry worldwide, have been applying the lessons learned in New York.

Another 9-11 is simply not possible today.

--Michael Dillon
The Cidr Report
This report has been generated at Fri Jan 20 21:46:42 2006 AEST.
The report analyses the BGP Routing Table of an AS4637 (Reach) router and generates a report on aggregation potential within the table.

Check http://www.cidr-report.org/as4637 for a current version of this report.

Recent Table History
Date       Prefixes  CIDR Agg
13-01-06     175331    116944
14-01-06     176919    116794
15-01-06     175363    116841
16-01-06     175331    116943
17-01-06     175450    116905
18-01-06     175507    116948
19-01-06     175709    117045
20-01-06     176004    117172

AS Summary
     21264  Number of ASes in routing system
      8807  Number of ASes announcing only one prefix
      1463  Largest number of prefixes announced by an AS
            AS7018 : ATT-INTERNET4 - ATT WorldNet Services
  91246848  Largest address span announced by an AS (/32s)
            AS721 : DLA-ASNBLOCK-AS - DoD Network Information Center

Aggregation Summary
The algorithm used in this report proposes aggregation only when there is a precise match using the AS path, so as to preserve traffic transit policies. Aggregation is also proposed across non-advertised address space ('holes').

--- 20Jan06 ---
ASnum    NetsNow NetsAggr  NetGain   % Gain   Description

Table     176028   117148    58880    33.4%   All ASes

AS4323      1198      237      961    80.2%   TWTC - Time Warner Telecom
AS18566      891        9      882    99.0%   COVAD - Covad Communications Co.
AS721       1030      309      721    70.0%   DLA-ASNBLOCK-AS - DoD Network Information Center
AS4134       974      254      720    73.9%   CHINANET-BACKBONE No.31,Jin-rong Street
AS22773      608       39      569    93.6%   CCINET-2 - Cox Communications Inc.
AS855        571       65      506    88.6%   CANET-ASN-4 - Canadian Research Network
AS7018      1463      957      506    34.6%   ATT-INTERNET4 - ATT WorldNet Services
AS19916      563       65      498    88.5%   ASTRUM-0001 - OLM LLC
AS3602       520      107      413    79.4%   SPRINT-CA-AS - Sprint Canada Inc.
AS812        438       28      410    93.6%   ROGERS-CABLE - Rogers Cable Inc.
AS6197       969      570      399    41.2%   BATI-ATL - BellSouth Network Solutions, Inc
AS11492      644      249      395    61.3%   CABLEONE - CABLE ONE
AS9498       507      128      379    74.8%   BBIL-AP BHARTI BT INTERNET LTD.
AS4766       678      303      375    55.3%   KIXS-AS-KR Korea Telecom
AS17676      477      102      375    78.6%   JPNIC-JP-ASN-BLOCK Japan Network Information Center
AS17488      436       81      355    81.4%   HATHWAY-NET-AP Hathway IP Over Cable Internet
AS6467       389       52      337    86.6%   ESPIRECOMM - e.spire Communications, Inc.
AS4755       633      306      327    51.7%   VSNL-AS Videsh Sanchar Nigam Ltd. Autonomous System
AS9583       838      545      293    35.0%   SIFY-AS-IN Sify Limited
AS22047      379       89      290    76.5%   VTR BANDA ANCHA S.A.
AS18101      326       37      289    88.7%   RIL-IDC Reliance Infocom Ltd Internet Data Centre,
AS15270      356       75      281    78.9%   AS-PAETEC-NET - PaeTec.net -a division of PaeTecCommunications, Inc.
AS14654      292       13      279    95.5%   WAYPORT - Wayport
AS5668       515      243      272    52.8%   AS-5668 - CenturyTel Internet Holdings, Inc.
AS3352       302       34      268    88.7%   TELEFONICA-DATA-ESPANA Internet Access Network of TDE
AS6167       332       65      267    80.4%   CELLCO-PART - Cellco Partnership
AS9929       322       57      265    82.3%   CNCNET-CN China Netcom Corp.
AS16814      295       42      253    85.8%   NSS S.A.
AS1239       848      605      243    28.7%   SPRINTLINK - Sprint
AS6517       369      128      241    65.3%   YIPESCOM - Yipes Communications, Inc.

Total      18163     5794    12369    68.1%   Top 30 total

Possible Bogus Routes
Re: is this like a peering war somehow?
Whatever. No-one's actually trying to do some packets are more equal than others here in Europe, except for the mobile people with IMS and such. BT just transferred its access network into a new division with a specific remit to provide open access to all ISPs and alt-tels who want it. It's in the US that the RBOCs and cablesters are actually doing this.

On 1/20/06, Per Heldal [EMAIL PROTECTED] wrote:

> On Thu, 19 Jan 2006 23:44:59 +, Paul Vixie [EMAIL PROTECTED] said:
>
> > proving once again that peering ratios only matter if the other guy's customers can live without your asymmetric content, here are two articles i saw today via slashdot. what's interesting to me is whether bellsouth will be sued some time later by some other content provider for de-peering them without also having applied the same rules to google. note, this isn't a bellsouth-specific rant, they just happen to be mentioned in today's story.
>
> Carriers trying to charge content-providers for access to their network/customers is just part of a greater picture. The telco industry is fighting to re-establish their dominant position. Traditionally they've been able to pocket (extort) a large portion of the revenue for 3rd-party PSTN services (content services) themselves. Over the last decade they've gained control of the ISP-industry and now they want to achieve the same level of control of the internet.
>
> The most conservative are even suggesting to remove internet-governance from the public domain. The European telecoms industry is openly urging the UN to take control of ICANN's role. In the process they are trying to place the functions of IANA and IETF in their beloved ITU. Their ultimate goal is to eliminate IP as a product, to be able to sell access to sub-protocols as individual services.
>
> //per
> --
> Per Heldal
> http://heldal.eml.cc/
Re: is this like a peering war somehow?
On Fri, 20 Jan 2006, Alexander Harrowell wrote:

> Whatever. No-one's actually trying to do some packets are more equal than others here in Europe, except for the mobile people with IMS and such. BT just transferred its access network into a new division with a specific remit to provide open access to all ISPs and alt-tels who want it.

My guess would be that basically everybody doing triple play will prioritize the IPTV and VoIP packets in their network including the access. Considering that streaming UDP IPTV requires very very low packet loss, much better than Best Effort, this is needed to provide a good quality service.

If you do LLQ you want to make sure you can control what goes into that class, that can be done several ways, including disallowing anything you don't know about (transit/ix) to go there.

This is preferential treatment for some packets and it makes perfect technological sense.

--
Mikael Abrahamsson email: [EMAIL PROTECTED]
Re: is this like a peering war somehow?
> My guess would be that basically everybody doing triple play will prioritize the IPTV and VoIP packets in their network including the access. Considering that streaming UDP IPTV requires very very low packet loss, much better than Best Effort, this is needed to provide a good quality service.

> This is preferential treatment for some packets and it makes perfect technological sense.

But it's no magic bullet. Streaming live media also requires low jitter, especially if you are selling it as TV because viewers will join and leave channels often, as they change channels on their remote controls. This means you can't have big local buffers to hide jitter, therefore you have to build a network with enough capacity so that packets are all cut-through switched.

It's possible to hide packet loss from IPTV by throwing away some other application's packets but you can't hide jitter on your network. And if you have built such a good network that you don't have jitter, there is not going to be any packet loss either so QoS does nothing at all.

Preferential treatment can degrade service, but it cannot improve service. If you prefer an IPTV service then you are degrading all other services. If a 3rd party measures the true quality of your service without using IPTV, then they will see a network with much worse performance than on a network which does not do preferential treatment. No magic bullets.

And if you are spending the extra money to implement preferential treatment, can you be sure that there is a market willing to pay extra for this?

--Michael Dillon
Re: The Backhoe: A Real Cyberthreat?
As you mentioned before this is largely because the customer (SIAC) was savvy enough to set the requirements and had the money to do it. A lot of that savviness came from lessons learned from 9/11 and fund transfer. Similar measures were taken with DoD's GIG-BE, again because the customer was knowledgeable and had the financial clout to enforce the requirements and demand the information.

My argument simply is if this kind of awareness can be made more broadly available you end up with a more resilient infrastructure overall. An anonymous data pool is just one suggestion of a market based mechanism to do it.

- Original Message -
From: [EMAIL PROTECTED]
Date: Friday, January 20, 2006 5:37 am
Subject: Re: The Backhoe: A Real Cyberthreat?

> Imagine if 60 Hudson and 111 8th were to go down at the same time? Finding means to mitigate this threat is not frivolously spending the taxpayer's money, IMO; although perhaps removing fiber maps is not the best way to address this.

No, removing fiber maps will not address this problem now that you have pinpointed the addresses that they should attack.

Separacy is the key to addressing this problem. Separate circuits along separate routes connecting separate routers in separate PoPs. Separacy should be the mantra, not obscurity.

End-to-end separation of circuits is how SFTI and other financial industry networks deal with the issue of continuity in the face of terrorism and other disasters. In fact, now that trading is mediated by networked computers, the physical location of the exchange is less vulnerable to terrorists because the real action takes place in redundant data centers connected by diverse separate networks. Since 9-11 was a direct attack on the financial services industry, people within the industry worldwide, have been applying the lessons learned in New York.

Another 9-11 is simply not possible today.

--Michael Dillon
Re: is this like a peering war somehow?
[EMAIL PROTECTED] wrote:
[...]

> But it's no magic bullet. Streaming live media also requires low jitter, especially if you are selling it as TV because viewers will join and leave channels often, as they change channels on their remote controls. This means you can't have big local buffers to hide jitter, therefore you have to build a network with enough capacity so that packets are all cut-through switched.

I observe about 3-4 seconds of latency on the UK DVB-T and DAB broadcasts anyway compared to analogue. Cost-cutting on CPU grunt in decoder boxes can mean it takes up to ten seconds to change channel.

In contrast, streaming video and audio from iTMS starts to play a lot quicker. It sounds like the problems with jitter and latency over private IP networks are overstated if it still works fine over the Internet. (FWIW, this is on 1Mb/s ADSL that is 170ms from www.apple.com.)

--
My mother protected me from the world and my father threatened me with it.
- Quentin Crisp
Re: The Backhoe: A Real Cyberthreat? [ Re: cyber-redundancy ]
> Imagine if 60 Hudson and 111 8th were to go down at the same time? Finding means to mitigate this threat is not frivolously spending the taxpayer's money,

This is not only a fair question, it's the very dilemma that some of us faced during and immediately following September 11, 2001 when laying down routes into NJ and north to midtown from the Wall Street area of NY City held new challenges. The attacks on that grim date and its after effects revealed that sites no longer had necessarily to be taken down in the traditional sense, per se, to be inaccessible. It was no longer only the physical integrity of building property and underground infrastructure that was vulnerable, but the very access to those facilities from a broader geographic footprint perspective, as well, was seen as something new that had to be dealt with.

To answer Sean Donelan's question, yes, enterprise customers and/or their agents _do_ need to have specific information on the routes in which their leased facilities (and even dark fiber builds) are placed, ephemeral as those data might be at times due to SP outside plant churn. They need this data in order to ensure that they're not only getting the diversity/redundancy/separacy that they're paying for, but because of the more fundamental reason being that it is the only way they have to provide maximal assurances to stakeholders of the organization's survivability.

All of that having been said, up-to-date information on physical routes and common spaces and the cables that reside within them remains among the most problematic and opaque issues that enterprise network builders and SPs alike have to deal with today in their quest to design and manage survivable networks. NDAs aren't going away, and the anal nature of carriers isn't about to change anytime soon.

The best information gathering approach to double check any information that is provided is very often knowing the right people to ask on an official level, and being patient enough to wait for the right moment to ask.

Frank
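The separation rule argued in this thread (separate circuits, routes, routers and PoPs) and the point that customers need current route data to confirm it, shown as an added example that is not part of the original messages: a Python audit that compares circuit route records for shared physical elements, finds the worst single-element failure, and discounts records too old to trust. All circuit IDs, carrier and facility names, dates and the 180-day freshness threshold are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date
from itertools import combinations


@dataclass(frozen=True)
class Circuit:
    cid: str
    carrier: str
    as_of: date           # date the carrier last confirmed this route record
    elements: frozenset   # {(kind, name)}: building, conduit, pop, router


def circuit(cid, carrier, as_of, **kinds):
    """Build a Circuit from keyword lists, e.g. conduit=["River Tunnel 1"]."""
    elems = frozenset((k, n) for k, names in kinds.items() for n in names)
    return Circuit(cid, carrier, as_of, elems)


def shared_risk(a, b):
    """Physical elements two circuits have in common, grouped by kind."""
    out = {}
    for kind, name in sorted(a.elements & b.elements):
        out.setdefault(kind, []).append(name)
    return out


def audit(circuits, today, max_age_days=180):
    """Pairwise separation, stale records and worst single-element failure.

    max_age_days is an assumed policy threshold, not an industry figure.
    """
    if len(circuits) < 2:
        raise ValueError("need at least two circuits to assess separation")
    # Route records go out of date as outside plant is re-groomed.
    stale = sorted(c.cid for c in circuits
                   if (today - c.as_of).days > max_age_days)
    pairs = {(a.cid, b.cid): shared_risk(a, b)
             for a, b in combinations(circuits, 2)}
    diverse = [p for p, shared in pairs.items() if not shared]
    # A pair only counts as verified if neither route record is stale.
    verified = [p for p in diverse if not set(p) & set(stale)]
    # For each element, which circuits stay up if that element is lost?
    every = set().union(*(c.elements for c in circuits))
    survivors = {e: [c.cid for c in circuits if e not in c.elements]
                 for e in every}
    worst = min(len(v) for v in survivors.values())
    critical = sorted(e for e, v in survivors.items() if len(v) == worst)
    return {
        "stale": stale,
        "pairs": pairs,
        "diverse_pairs": diverse,
        "verified_diverse_pairs": verified,
        "worst_case_survivors": worst,
        "critical_elements": critical,
    }


# Constructed sample: two carriers share a river crossing, and two circuits
# share a building and PoP; the only clean pair rests on an old record.
TODAY = date(2006, 1, 20)
SAMPLE = [
    circuit("CKT-A", "CarrierOne", date(2005, 12, 1),
            building=["Carrier Hotel X"],
            conduit=["River Tunnel 1", "Main St duct"],
            pop=["POP-East"], router=["rtr-e1"]),
    circuit("CKT-B", "CarrierTwo", date(2005, 12, 1),
            building=["Carrier Hotel Y"],
            conduit=["River Tunnel 1", "Oak Ave duct"],
            pop=["POP-West"], router=["rtr-w1"]),
    circuit("CKT-C", "CarrierThree", date(2004, 11, 1),
            building=["Carrier Hotel Y"],
            conduit=["North Bridge span"],
            pop=["POP-West"], router=["rtr-w2"]),
]

if __name__ == "__main__":
    report = audit(SAMPLE, TODAY)
    for pair, shared in report["pairs"].items():
        print(pair, shared or "no shared elements")
    print("stale records:", report["stale"])
    print("verified diverse pairs:", report["verified_diverse_pairs"])
    print("circuits left after worst single failure:",
          report["worst_case_survivors"], report["critical_elements"])
```

Buying from different carriers does not by itself give separation: in the sample, two carriers ride the same conduit, and the one pair with no shared elements cannot be treated as verified until the stale record is refreshed.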
Re: is this like a peering war somehow?
Mike, can I make: Preferential treatment can degrade service, but it cannot improve service. my motto?
Re: The Backhoe: A Real Cyberthreat? [ Re: cyber-redundancy ]
What I meant to state in my closing sentence of my last post, but didn't catch myself in time, was: ... to ask on an official or unofficial level, whatever works. -- Frank A. Coluccio DTI Consulting Inc. 212-587-8150 Office 347-526-6788 Mobile
Re: is this like a peering war somehow?
On Fri, 20 Jan 2006 13:54:34 +0100 (CET), Mikael Abrahamsson [EMAIL PROTECTED] said:

> On Fri, 20 Jan 2006, Alexander Harrowell wrote:
>
> > Whatever. No-one's actually trying to do some packets are more equal than others here in Europe, except for the mobile people with IMS and such. BT just transferred its access network into a new division with a specific remit to provide open access to all ISPs and alt-tels who want it.

I'm sorry if I made the impression that it is already happening. Now it's a game on the political arena, and it's important to support the RIR-communities' efforts to provide balanced information to decision-makers.

> My guess would be that basically everybody doing triple play will prioritize the IPTV and VoIP packets in their network including the access. Considering that streaming UDP IPTV requires very very low packet loss, much better than Best Effort, this is needed to provide a good quality service.
>
> If you do LLQ you want to make sure you can control what goes into that class, that can be done several ways, including disallowing anything you don't know about (transit/ix) to go there.
>
> This is preferential treatment for some packets and it makes perfect technological sense.

Preferential treatment of value-added services in the provider's own network is just fine. It's down-prioritizing competing services that may become a problem. Like blocking all VoIP traffic not using the providers' own gateway-service.

//per
--
Per Heldal
http://heldal.eml.cc/
Re: is this like a peering war somehow?
On Jan 20, 2006, at 9:29 AM, Peter Corlett wrote:

> [EMAIL PROTECTED] wrote:
> [...]
>
> > But it's no magic bullet. Streaming live media also requires low jitter, especially if you are selling it as TV because viewers will join and leave channels often, as they change channels on their remote controls. This means you can't have big local buffers to hide jitter, therefore you have to build a network with enough capacity so that packets are all cut-through switched.
>
> I observe about 3-4 seconds of latency on the UK DVB-T and DAB broadcasts anyway compared to analogue. Cost-cutting on CPU grunt in decoder boxes can mean it takes up to ten seconds to change channel.

AOL Here in the US, Comcast's digital cable service takes seconds to show a picture after you change channels. I don't know if that's buffering or CPU or what, but consumers are clearly OK with it. /AOL

So you _can_ have a large client-side buffer and ignore jitter. That means packet loss is important, not jitter. (A 2 second buffer would be orders of magnitude more than your typical jitter.) Which means queue size is only relevant if you drop things off the back end of the queue. Which means you can build an intentionally congested network and sell the front-end of the queue to services which will pay you more. The rest will just risk being dropped off the end of the queue.

Will consumers care? Hell, they're already used to the Internet not really working right, rebooting their computers every day, and sites being taken down 'cause the next box over is infected and DDoS'ing someone (or their domain has been removed for spamming :). In fact, most consumers probably can't use the speed they have since their computer is using all the available bandwidth CPU spewing crap onto the 'Net from the 1389 viruses installed.

So, yeah, I think the end user will put up with the fact some sites are slower on their DSL line and not look to change providers. And they will slowly migrate to the faster sites - i.e. the ones who pay for the front of the queue.

Also, no one has talked about the ideas proposed in Vixie's second link: That the big content providers are willing to pay a 'little' to raise the bar of entry. A few million bux a year to each of the RBOCs in the US would be a rounding error in Google's bottom line, but it would make it nearly impossible for a 'start-up' to make it. Doesn't that scare anyone?

> In contrast, streaming video and audio from iTMS starts to play a lot quicker. It sounds like the problems with jitter and latency over private IP networks are overstated if it still works fine over the Internet. (FWIW, this is on 1Mb/s ADSL that is 170ms from www.apple.com.)

Yeah, but you don't get iTMS stuff from www.apple.com. I'm betting you are a LOT closer to iTMS. :-)

--
TTFN,
patrick
Re: is this like a peering war somehow?
On 20-Jan-2006, at 07:54, Mikael Abrahamsson wrote:

> On Fri, 20 Jan 2006, Alexander Harrowell wrote:
>
> > Whatever. No-one's actually trying to do some packets are more equal than others here in Europe, except for the mobile people with IMS and such. BT just transferred its access network into a new division with a specific remit to provide open access to all ISPs and alt-tels who want it.
>
> My guess would be that basically everybody doing triple play will prioritize the IPTV and VoIP packets in their network including the access. Considering that streaming UDP IPTV requires very very low packet loss, much better than Best Effort, this is needed to provide a good quality service.

Perhaps this additional networking complexity (and hence cost, at some level, presumably) will allow people's eyes to be opened to the fact that the majority of television being viewed over the Internet today is done asynchronously, through peer-to-peer, file-sharing networks.

It amuses me to think of early-adopting consumers receiving all their expensive, network-optimised television shows in real-time on their TiVOs, only to have them recorded to disk and watched days later. (Recorded onto hard disks with no DRM, no less, ready to be encoded and uploaded to eDonkey :-)

If content distribution companies would accept this as the final outcome, then sticking a torrent client on the set-top-box and feeding it from an RSS feed starts to seem a lot cheaper than encumbering every access network with traffic shaping.

Joe
Re: is this like a peering war somehow?
On Jan 20, 2006, at 11:16 AM, Joe Abley wrote:

> Perhaps this additional networking complexity (and hence cost, at some level, presumably) will allow people's eyes to be opened to the fact that the majority of television being viewed over the Internet today is done asynchronously, through peer-to-peer, file-sharing networks.
>
> It amuses me to think of early-adopting consumers receiving all their expensive, network-optimised television shows in real-time on their TiVOs, only to have them recorded to disk and watched days later. (Recorded onto hard disks with no DRM, no less, ready to be encoded and uploaded to eDonkey :-)
>
> If content distribution companies would accept this as the final outcome, then sticking a torrent client on the set-top-box and feeding it from an RSS feed starts to seem a lot cheaper than encumbering every access network with traffic shaping.

Agreed - mostly. Things like sports events will still require real-time feeds, and people will pay for them. But satellite seems like a perfectly reasonable and cost-efficient means of distribution without going through anyone's right-of-way.

I mean, seriously, do you think anyone is going to WAIT to see Victoria's Secret Fashion Show? :-)

--
TTFN,
patrick
Re: is this like a peering war somehow?
On 20-Jan-2006, at 11:25, Patrick W. Gilmore wrote:

> Things like sports events will still require real-time feeds, and people will pay for them.

That and breaking news seem like reasonable exceptions to point out in contrast to my rampant generalisations.

For news, however, stories seem to break on the web long before they usually reach the television. Anybody who really wants to hear about things as they happen are probably best to avoid the traditional news networks anyway.

As far as sports go, there is no timely coverage of rugby in North America anyway, I can't imagine why anybody would waste their time watching inferior games like football, hockey, baseball or basketball at all, never mind in real time.

Joe (running away quickly now)
Re: is this like a peering war somehow?
On Jan 20, 2006, at 11:41 AM, Joe Abley wrote:

> On 20-Jan-2006, at 11:25, Patrick W. Gilmore wrote:
>
> > Things like sports events will still require real-time feeds, and people will pay for them.
>
> That and breaking news seem like reasonable exceptions to point out in contrast to my rampant generalisations.

I think we are in very close agreement here.

Although you bring up a good point. At least here in the US, there is the emergency broadcast system, a way to break into the TV feed in real time in case of emergency. It was designed because, well, us dumb americans are glued to the boob tube 24/7, so what better way to say GET THE HELL OUT NOW!? :-)

Things like breaking in to TV feeds are not really useful if everything is pre-recorded and stored locally.

> For news, however, stories seem to break on the web long before they usually reach the television. Anybody who really wants to hear about things as they happen are probably best to avoid the traditional news networks anyway.
>
> As far as sports go, there is no timely coverage of rugby in North America anyway, I can't imagine why anybody would waste their time watching inferior games like football, hockey, baseball or basketball at all, never mind in real time.

I didn't say they were BRIGHT or TASTEFUL, just that people would pay for it. Hell, people use Pay-Per-View for WWE, even after they admitted it was staged. No one has ever gone broke underestimating the US public

Then again, I like US football. :-)

> Joe (running away quickly now)

As you should. We might not be smart, but we can kick Canada's ass!

--
TTFN,
patrick
RE: is this like a peering war somehow?
If something like the slingbox catches on

www.slingmedia.com

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Patrick W. Gilmore
Sent: Friday, January 20, 2006 8:26 AM
To: nanog@merit.edu
Cc: Patrick W. Gilmore
Subject: Re: is this like a peering war somehow?

On Jan 20, 2006, at 11:16 AM, Joe Abley wrote:

> Perhaps this additional networking complexity (and hence cost, at some level, presumably) will allow people's eyes to be opened to the fact that the majority of television being viewed over the Internet today is done asynchronously, through peer-to-peer, file-sharing networks.
>
> It amuses me to think of early-adopting consumers receiving all their expensive, network-optimised television shows in real-time on their TiVOs, only to have them recorded to disk and watched days later. (Recorded onto hard disks with no DRM, no less, ready to be encoded and uploaded to eDonkey :-)
>
> If content distribution companies would accept this as the final outcome, then sticking a torrent client on the set-top-box and feeding it from an RSS feed starts to seem a lot cheaper than encumbering every access network with traffic shaping.

Agreed - mostly. Things like sports events will still require real-time feeds, and people will pay for them. But satellite seems like a perfectly reasonable and cost-efficient means of distribution without going through anyone's right-of-way.

I mean, seriously, do you think anyone is going to WAIT to see Victoria's Secret Fashion Show? :-)

--
TTFN,
patrick
Weekly Routing Table Report
This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. Daily listings are sent to [EMAIL PROTECTED] If you have any comments please contact Philip Smith [EMAIL PROTECTED].

Routing Table Report 04:00 +10GMT Sat 21 Jan, 2006

Analysis Summary

BGP routing table entries examined: 178949
Prefixes after maximum aggregation: 100271
Unique aggregates announced to Internet: 87108
Total ASes present in the Internet Routing Table: 21341
Origin-only ASes present in the Internet Routing Table: 18557
Origin ASes announcing only one prefix: 8782
Transit ASes present in the Internet Routing Table: 2784
Transit-only ASes present in the Internet Routing Table: 72
Average AS path length visible in the Internet Routing Table: 4.5
Max AS path length visible: 25
Prefixes from unregistered ASNs in the Routing Table: 7
Special use prefixes present in the Routing Table: 0
Prefixes being announced from unallocated address space: 12
Number of addresses announced to Internet: 1481701664
Equivalent to 88 /8s, 80 /16s and 249 /24s
Percentage of available address space announced: 40.0
Percentage of allocated address space announced: 59.0
Percentage of available address space allocated: 67.8
Total number of prefixes smaller than registry allocations: 86492

APNIC Region Analysis Summary

Prefixes being announced by APNIC Region ASes: 37594
Total APNIC prefixes after maximum aggregation: 15880
Prefixes being announced from the APNIC address blocks: 35380
Unique aggregates announced from the APNIC address blocks: 17327
APNIC Region origin ASes present in the Internet Routing Table: 2461
APNIC Region origin ASes announcing only one prefix: 694
APNIC Region transit ASes present in the Internet Routing Table: 381
Average APNIC Region AS path length visible: 4.4
Max APNIC Region AS path length visible: 21
Number of APNIC addresses announced to Internet: 210786016
Equivalent to 12 /8s, 144 /16s and 86 /24s
Percentage of available APNIC address space announced: 65.9

APNIC AS Blocks         4608-4864, 7467-7722, 9216-10239, 17408-18431
(pre-ERX allocations)   23552-24575, 37888-38911
APNIC Address Blocks    58/7, 60/7, 121/8, 122/7, 124/7, 126/8, 202/7
                        210/7, 218/7, 220/7 and 222/8

ARIN Region Analysis Summary

Prefixes being announced by ARIN Region ASes: 94137
Total ARIN prefixes after maximum aggregation: 56355
Prefixes being announced from the ARIN address blocks: 73444
Unique aggregates announced from the ARIN address blocks: 28140
ARIN Region origin ASes present in the Internet Routing Table: 10457
ARIN Region origin ASes announcing only one prefix: 3882
ARIN Region transit ASes present in the Internet Routing Table: 966
Average ARIN Region AS path length visible: 4.3
Max ARIN Region AS path length visible: 17
Number of ARIN addresses announced to Internet: 282709248
Equivalent to 16 /8s, 217 /16s and 205 /24s
Percentage of available ARIN address space announced: 70.2

ARIN AS Blocks          1-1876, 1902-2042, 2044-2046, 2048-2106
(pre-ERX allocations)   2138-2584, 2615-2772, 2823-2829, 2880-3153
                        3354-4607, 4865-5119, 5632-6655, 6912-7466
                        7723-8191, 10240-12287, 13312-15359, 16384-17407
                        18432-20479, 21504-23551, 25600-26591,
                        26624-27647, 29696-30719, 31744-33791
                        35840-36863
ARIN Address Blocks     24/8, 63/8, 64/6, 68/7, 70/6, 74/7, 76/8,
                        198/7, 204/6, 208/7 and 216/8

RIPE Region Analysis Summary

Prefixes being announced by RIPE Region ASes: 35157
Total RIPE prefixes after maximum aggregation: 23723
Prefixes being announced from the RIPE address blocks: 32187
Unique aggregates announced from the RIPE address blocks: 21567
RIPE Region origin ASes present in the Internet Routing Table: 7540
RIPE Region origin ASes announcing only one prefix: 3945
RIPE Region transit ASes present in the Internet Routing Table: 1249
Average RIPE Region AS path length visible: 5.0
Max RIPE Region AS path length visible: 25
Number of RIPE addresses
Re: The Backhoe: A Real Cyberthreat?
> My argument simply is if this kind of awareness can be made more broadly available you end up with a more resilient infrastructure overall.

Sean, would you care to list the route, facility, ownership and customer attributes of the data base that you'd make public, and briefly explain the access controls you would impose on same? If this is not what you originally intended, then please show me the way ... thanks.

Frank

On Fri Jan 20 9:19 , [EMAIL PROTECTED] sent:

> As you mentioned before this is largely because the customer (SIAC) was savvy enough to set the requirements and had the money to do it. A lot of that savviness came from lessons learned from 9/11 and fund transfer. Similar measures were taken with DoD's GIG-BE, again because the customer was knowledgeable and had the financial clout to enforce the requirements and demand the information.
>
> An anonymous data pool is just one suggestion of a market based mechanism to do it.
>
> - Original Message -
> From: [EMAIL PROTECTED]
> Date: Friday, January 20, 2006 5:37 am
> Subject:
>
> > Imagine if 60 Hudson and 111 8th were to go down at the same time? Finding means to mitigate this threat is not frivolously spending the taxpayer's money, IMO; although perhaps removing fiber maps is not the best way to address this.
>
> No, removing fiber maps will not address this problem now that you have pinpointed the addresses that they should attack.
>
> Separacy is the key to addressing this problem. Separate circuits along separate routes connecting separate routers in separate PoPs. Separacy should be the mantra, not obscurity.
>
> End-to-end separation of circuits is how SFTI and other financial industry networks deal with the issue of continuity in the face of terrorism and other disasters. In fact, now that trading is mediated by networked computers, the physical location of the exchange is less vulnerable to terrorists because the real action takes place in redundant data centers connected by diverse separate networks. Since 9-11 was a direct attack on the financial services industry, people within the industry worldwide, have been applying the lessons learned in New York.
>
> Another 9-11 is simply not possible today.
>
> --Michael Dillon
Re: is this like a peering war somehow?
From: Doug Marschke [EMAIL PROTECTED] Subject: RE: is this like a peering war somehow? If something like the slingbox catches on www.slingmedia.com From the sling community forum: Hello before y'all get too excited about verizon it looks like they are cancelling users who use too much bandwidth. Unlimited NationalAccess/BroadbandAccess services cannot be used (1) for uploading, downloading or streaming of movies, music or games, (2) with server devices or with host computer applications, including, but not limited to, Web camera posts or broadcasts, automatic data feeds, Voice over IP (VoIP), automated machine-to-machine connections, or peer-to-peer (P2P) file sharing, or (3) as a substitute or backup for private lines or dedicated data connections.
Re: is this like a peering war somehow?
On Fri, 20 Jan 2006 09:06:39 -1000, Michael Painter said: Hello before y'all get too excited about verizon it looks like they are cancelling users who use too much bandwidth. Unlimited NationalAccess/BroadbandAccess services cannot be used (1) for uploading, downloading or streaming of movies, music or games, (2) with server devices or with host computer applications, including, but not limited to, Web camera posts or broadcasts, automatic data feeds, Voice over IP (VoIP), automated machine-to-machine connections, or peer-to-peer (P2P) file sharing, or (3) as a substitute or backup for private lines or dedicated data connections. Might as well stick with 56K dialup at that point
Re: is this like a peering war somehow?
On Fri, Jan 20, 2006 at 11:41:20AM -0500, Joe Abley wrote: ... As far as sports go, there is no timely coverage of rugby in North America anyway, I can't imagine why anybody would waste their time watching inferior games like football, hockey, baseball or basketball at all, never mind in real time. ... Joe, I must take issue with the above. You omitted a comma after baseball. Correct communications are essential, eh? ;-) -- Joe Yao --- This message is not an official statement of OSIS Center policies.
Re: The Backhoe: A Real Cyberthreat?
What data went into the system would depend on what questions you were looking to answer. I spend most of my time looking at the geographic diversity of fiber routes, so I'll use that as a very simple example. To answer that particular set of questions you would need the fiber routes for each provider, and they would need to be georeferenced. Other useful data would be the buildings lit by those fiber routes and lease costs. Users would then enter the buildings they want connectivity for. The system would find all the providers that could service that combination of buildings then calculate what the diversity of each provider is for that set of buildings, or what the diversity was if the user wanted to use more than one provider. Each provider would be given a score for that particular connectivity combination and a price, or the scores for each combination of providers. The user would then have a market indicator for diversity. You could have a variety of metrics - the total distance between network paths, average distance, the variance, the number of times paths come within 100 feet of each other, the number of routes that are colocated etc. The providers do not give up any proprietary data and the customers have a set of indicators to make a more informed choice. Not the ideal solution, but the game was to come up with something that would be palatable to the providers. Companies like Last Mile Connections already keep provider supplied databases of lit buildings and prices to run auctions. This would just be another indicator for customers that also value diversity and resiliency. Protecting the master database would be important, but there are lots of mechanisms to do that effectively. The metrics are the key, and that of course is my angle on the game. - Original Message - From: Frank Coluccio [EMAIL PROTECTED] Date: Friday, January 20, 2006 1:53 pm Subject: Re: The Backhoe: A Real Cyberthreat? 
My argument simply is if this kind of awareness can be made more broadly available you end up with a more resilient infrastructure overall. Sean, would you care to list the route, facility, ownership and customer attributes of the data base that you'd make public, and briefly explain the access controls you would impose on same? If this is not what you originally intended, then please show me the way ... thanks. Frank On Fri Jan 20 9:19 , [EMAIL PROTECTED] sent: As you mentioned before this is largely because the customer (SIAC) was savvy enough to set the requirements and had the money to do it. A lot of that savviness came from lessons learned from 9/11 and fund transfer. Similar measures were taken with DoD's GIG-BE, again because the customer was knowledgeable and had the financial clout to enforce the requirements and demand the information. An anonymous data pool is just one suggestion of a market based mechanism to do it. - Original Message - From: [EMAIL PROTECTED] Date: Friday, January 20, 2006 5:37 am Subject: Imagine if 60 Hudson and 111 8th were to go down at the same time? Finding means to mitigate this threat is not frivolously spending the taxpayer's money, IMO; although perhaps removing fiber maps is not the best way to address this. No, removing fiber maps will not address this problem now that you have pinpointed the addresses that they should attack. Separacy is the key to addressing this problem. Separate circuits along separate routes connecting separate routers in separate PoPs. Separacy should be the mantra, not obscurity. End-to-end separation of circuits is how SFTI and other financial industry networks deal with the issue of continuity in the face of terrorism and other disasters. In fact, now that trading is mediated by networked computers, the physical location of the exchange is less vulnerable to terrorists because the real action takes place in redundant data centers connected by diverse separate networks. 
Since 9-11 was a direct attack on the financial services industry, people within the industry worldwide, have been applying the lessons learned in New York. Another 9-11 is simply not possible today. --Michael Dillon
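The indicators listed in the message above (minimum and average separation, variance, approaches within 100 feet, colocation), computed for pairs of routes as an added example that is not part of the original thread. The route coordinates are constructed, and the local grid in feet, the 50 ft sampling step and the 10 ft "shared" threshold are assumptions.

```python
"""Route-diversity indicators for two cable paths (added example, constructed data)."""
import math
from statistics import fmean, pvariance

# Assumption: routes are polylines of (x, y) vertices in feet on a local
# projected grid, i.e. already georeferenced and projected. All data is constructed.
ROUTE_A = [(0, 0), (1000, 0)]
ROUTE_PARALLEL = [(0, 400), (1000, 400)]                                # stays 400 ft away
ROUTE_DIP = [(0, 400), (400, 400), (500, 50), (600, 400), (1000, 400)]  # one close pass
ROUTE_CROSSING = [(0, 300), (400, 300), (600, -300), (1000, -300)]      # crosses ROUTE_A


def point_segment_distance(p, a, b):
    """Shortest distance from point p to the segment a-b."""
    dx, dy = b[0] - a[0], b[1] - a[1]
    seg_len_sq = dx * dx + dy * dy
    if seg_len_sq == 0:  # degenerate segment (repeated vertex)
        return math.hypot(p[0] - a[0], p[1] - a[1])
    t = ((p[0] - a[0]) * dx + (p[1] - a[1]) * dy) / seg_len_sq
    t = max(0.0, min(1.0, t))  # clamp the projection to the segment ends
    return math.hypot(p[0] - (a[0] + t * dx), p[1] - (a[1] + t * dy))


def distance_to_route(p, route):
    """Shortest distance from point p to any segment of the route."""
    return min(point_segment_distance(p, a, b) for a, b in zip(route, route[1:]))


def sample_route(route, step_ft):
    """Points at most step_ft apart along the polyline, including every vertex."""
    samples = [route[0]]
    for a, b in zip(route, route[1:]):
        seg_len = math.hypot(b[0] - a[0], b[1] - a[1])
        n = max(1, math.ceil(seg_len / step_ft))
        for i in range(1, n + 1):
            f = i / n
            samples.append((a[0] + f * (b[0] - a[0]), a[1] + f * (b[1] - a[1])))
    return samples


def count_runs(flags):
    """Number of separate stretches of consecutive True values."""
    return sum(1 for prev, cur in zip([False] + flags, flags) if cur and not prev)


def diversity_metrics(route_a, route_b, step_ft=50.0, near_ft=100.0, shared_ft=10.0):
    """Separation of route_a from route_b, measured at samples along route_a."""
    dists = [distance_to_route(p, route_b) for p in sample_route(route_a, step_ft)]
    return {
        "min_ft": min(dists),
        "mean_ft": fmean(dists),
        "variance_ft2": pvariance(dists),
        # distinct stretches where the two paths come within near_ft of each other
        "near_approaches": count_runs([d < near_ft for d in dists]),
        # distinct stretches close enough to share a trench or vault
        "shared_points": count_runs([d <= shared_ft for d in dists]),
    }


if __name__ == "__main__":
    candidates = {"parallel": ROUTE_PARALLEL, "dip": ROUTE_DIP, "crossing": ROUTE_CROSSING}
    for name, other in candidates.items():
        m = diversity_metrics(ROUTE_A, other)
        print(f"{name:9s} min={m['min_ft']:6.1f} mean={m['mean_ft']:6.1f} "
              f"var={m['variance_ft2']:9.1f} near={m['near_approaches']} "
              f"shared={m['shared_points']}")
```

A pair with a healthy mean separation can still report `shared_points` of 1, which is why the minimum and the run counts are kept alongside the average.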
Re: is this like a peering war somehow?
Michael Painter wrote: From: Doug Marschke [EMAIL PROTECTED] Subject: RE: is this like a peering war somehow? If something like the slingbox catches on www.slingmedia.com From the sling community forum: Hello before y'all get too excited about verizon it looks like they are cancelling users who use too much bandwidth. Unlimited NationalAccess/BroadbandAccess services cannot be used (1) for uploading, downloading or streaming of movies, music or games, (2) with server devices or with host computer applications, including, but not limited to, Web camera posts or broadcasts, automatic data feeds, Voice over IP (VoIP), automated machine-to-machine connections, or peer-to-peer (P2P) file sharing, or (3) as a substitute or backup for private lines or dedicated data connections. I believe those are the rules for Verizon Wireless and not for Verizon DSL etc. Verizon Wireless and Verizon are actually separate. Roy
Re: is this like a peering war somehow?
DG Date: Fri, 20 Jan 2006 00:49:12 -0500 DG From: Daniel Golding DG The RBOCs need to get over this - they are floundering around to try and DG find a way to recoup network costs. This is one front. IMS is another. I It's not just RBOCs. Approximately five years back I approached a cableco about peering. They wanted to charge more for peering than what they did for transit. Justification? It's priority access to our customers. Note that it was NOT due to transit costs. They still wanted the higher fee if one ran a private line directly to their POP. This was for a mostly-content network. So much for content/eyeball synergy. Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita DO NOT send mail to the following addresses: [EMAIL PROTECTED] -*- [EMAIL PROTECTED] -*- [EMAIL PROTECTED] Sending mail to spambait addresses is a great way to get blocked. Ditto for broken OOO autoresponders and foolish AV software backscatter.
Re: The Backhoe: A Real Cyberthreat? [ Re: cyber-redundancy ]
On Fri, 20 Jan 2006, Frank Coluccio wrote: To answer Sean Donelan's question, yes, enterprise customers and/or their agents _do_ need to have specific information on the routes in which their leased facilities (and even dark fiber builds) are placed, ephemeral as those data might be at times due to SP outside plant churn. They need this data in order to ensure that they're not only getting the diversity/redundancy/separacy that they're paying for, but because of the more fundamental reason being that it is the only way they have to provide maximal assurances to stakeholders of the organization's survivability. Is the same thing also true for customers of financial institutions? Why are financial institutions so reluctant to give details about the locations of their data centers, processing offices, money transport routes and security procedures to their customers? Don't customers of financial institutions have the same concerns about the survivability of the financial institutions as the financial institutions have about their suppliers? Doesn't this just turn into Y2K all over again with every organization demanding guarantees and copies of data from every other organization?
Re: The Backhoe: A Real Cyberthreat? [ Re: cyber-redundancy ]
The difference being the financial system can use the knowledge to make themselves more resilient. How does the bank customer use the information you listed to make themselves more resilient? Further, the banks are a fairly trusted and well regulated group. There are a good number of bank customers that are not good guys. Is there a fear the banks will use provider information for malicious ends? Is that the reason the providers will not give the information? Could it be they do not want customers to know most of their SONET rings are collapsed? - Original Message - From: Sean Donelan [EMAIL PROTECTED] Date: Friday, January 20, 2006 4:44 pm Subject: Re: The Backhoe: A Real Cyberthreat? [Re: cyber-redundancy ] On Fri, 20 Jan 2006, Frank Coluccio wrote: To answer Sean Donelan's question, yes, enterprise customers and/or their agents _do_ need to have specific information on the routes in which their leased facilities (and even dark fiber builds) are placed, ephemeral as those data might be at times due to SP outside plant churn. They need this data in order to ensure that they're not only getting the diversity/redundancy/separacy that they're paying for, but because of the more fundamental reason being that it is the only way they have to provide maximal assurances to stakeholders of the organization's survivability. Is the same thing also true for customers of financial institutions? Why are financial institutions so reluctant to give details about the locations of their data centers, processing offices, money transport routes and security procedures to their customers? Don't customers of financial institutions have the same concerns about the survivability of the financial institutions as the financial institutions have about their suppliers? Doesn't this just turn into Y2K all over again with every organization demanding guarantees and copies of data from every other organization?
Re: The Backhoe: A Real Cyberthreat? [ Re: cyber-redundancy ]
Responding to both Sean Gorman's and Sean Donelan's posts: --- Sean Gorman, In your earlier reply you stated that Verizon will tell me that a cable is diversely placed, when in reality it is only 2mm away from the original path. Then you proceed to describe the considerations and the makeup of a data base that Verizon (using them as an example here) should use to document cable placements in order to give me the information that would be what? Which is it? I'm either naive to ask for a route statement, so I shouldn't bother. OR, I trust that they're going to be straightforward and wind up getting whacked with bogus information in the end, anyway? We've written numerous asset-tracking systems that list dozens of attributes, starting with geo-referenced path information at Layer Zero (spaces, pathways, roads, etc.) that is integrated parametrically with CAD software, and ending with the fire ratings of the sleeves and innerducts entering buildings, and everything, including all media attributes, in between. This is not a trivial undertaking when done to the demands of the craft (in addition to those that might be of interest to someone flying at 30,000 ft), but every cable pulling service provider/carrier/entity worth its salt has or should have one. Whether they are kept up to date or not is another story, entirely. To this point, some systems I've seen possess information that is so out of date and in such disarray that they actually represent a primary reason (shame) why an SP would not want to make them viewable to end customers for viewing. But that's another story all its own. --- Sean Donelan, you make a good point by comparing financial institutions with carriers with respect to holding back information from one another, and sometimes to the customer, as well. You'll note in my earlier post I made allowances for a third party (or agents) for this very reason, although I didn't elaborate on that point at the time. 
I've seen instances when trusted third parties, usually a then-big six CPA firm, would be mutually agreed to as the party of choice to hold and confirm route information for a client. I've seen this done for tower rights of way and for fiber optic paths, but nothing like this that I am aware of ever became widely available as a broking service to the general public, although I think it should. Have you come across this sort of arrangement in the past? Anyone? I've also been blessed with having to work through both of these industry groups on a single project. For example, I once orchestrated the client-side design and buildout of two IRU facilities (called optical fiber services, or OFS) back in 1987 for a financial institution across the street and down the block from the NYSE to the Teleport on Staten Island. Since Teleport (and TCG) was partially owned by Merrill Lynch back then, along with WU, NYCity and the Port Authority of NJ/NY, and the entrance point to the site was in Merrill's own building, I had to arrange for alternate penetration points and trenching from the perimeter of the park to a new building that was designed and constructed simply to circumvent the sharing of space and duct facilities with the client's chief competitor. To make this story more interesting, the two routes on the NJ side (which the routes traversed in order to get back to the Holland and PATH Tunnels on their way to 60 Hudson and the WTC, respectively) had a single cross-over point (single point of failure) in a large PSEG vault in Journal Sq., which I refused to sign off on. I never would have detected this fault, except for my personal inspections of the physical route constructions against the design documents I was given by all parties concerned. It wound up costing seven digits to trench a path to an agreed upon distance from the vault before an order to commence pulling cable through those sections received a final go ahead. And so it went ... 
Frank = On Fri Jan 20 18:11 , [EMAIL PROTECTED] sent: The difference being the financial system can use the knowledge to make themselves more resilient. How does the bank customer use the information you listed to make themselves more resilient? Further, the banks are a fairly trusted and well regulated group. There are a good number of bank customers that are not good guys. Is there a fear the banks will use provider information for malicious ends? Is that the reason the providers will not give the information? Could it be they do not want customers to know most of their SONET rings are collapsed? - Original Message - From: Sean Donelan [EMAIL PROTECTED] Date: Friday, January 20, 2006 4:44 pm Subject: Re: The Backhoe: A Real Cyberthreat? [ Re: cyber-redundancy ] On Fri, 20 Jan 2006, Frank Coluccio wrote: To answer Sean Donelan's question, yes, enterprise customers
The Backhoe: A Real Cyberthreat? [ Re: cyber-redundancy ]
Trust is a very nebulous concept. And mistrust is a far less nebulous concept, obviously. It seems to me that you will dispel just about anything I present in this regard. Do you trust banks that hold your escrow funds during home purchasing? How does Iron Mountain gain the trust of its enterprise customers who archive their IP, tapes, software and family jewels with them? The following is very interesting to me: There is a working group involving several carriers, financial institutions and the government to create something for customers with these types of requirements. Which standards body are you referring to that has such a working group? Sean Donelan [EMAIL PROTECTED]: Sent: Fri Jan 20 19:51: If CPA's were trusted, why aren't there big six CPA firms anymore? Who was the CPA for ENRON? If you trusted them to audit ENRON's financial books, would you also trust them to audit their route information? Why do you think CPA firms would do a better job at auditing ENRON's routes than they did their financial books? Trust is a very nebulous concept. Every industry opposes more rules and regulations. Do we really want ordering an ordinary telephone line to require as much paperwork as getting a mortgage? On the other hand, as you know, when you actually read all that paperwork, tariffs, standards, technical practices, etc; carriers don't promise very much. And they usually deliver on that promise. Banks refuse to promise they will never be robbed, and carriers refuse to promise their circuits will never go down. There is a working group involving several carriers, financial institutions and the government to create something for customers with these types of requirements. The challenge for everyone is deciding what it actually means, how to implement it, and what it will cost. And even after all that, circuits will still go down. Frank A. Coluccio DTI Consulting Inc. 212-587-8150 Office 347-526-6788 Mobile
Re: The Backhoe: A Real Cyberthreat? [ Re: cyber-redundancy ]
I still believe in Jon Postel's maxim -- Be conservative in what you send, and liberal in what you receive. And before the wolves jump into the fray, one should understand the context. - ferg -- Frank Coluccio [EMAIL PROTECTED] wrote: Trust is a very nebulous concept. And mistrust is a far less nebulous concept, obviously. It seems to me that you will dispel just about anything I present in this regard. Do you trust banks that hold your escrow funds during home purchasing? How does Iron Mountain gain the trust of its enterprise customers who archive their IP, tapes, software and family jewels with them? The following is very interesting to me: There is a working group involving several carriers, financial institutions and the government to create something for customers with these types of requirements. Which standards body are you referring to that has such a working group? Sean Donelan [EMAIL PROTECTED]: Sent: Fri Jan 20 19:51: If CPA's were trusted, why aren't there big six CPA firms anymore? Who was the CPA for ENRON? If you trusted them to audit ENRON's financial books, would you also trust them to audit their route information? Why do you think CPA firms would do a better job at auditing ENRON's routes than they did their financial books? Trust is a very nebulous concept. Every industry opposes more rules and regulations. Do we really want ordering an ordinary telephone line to require as much paperwork as getting a mortgage? On the other hand, as you know, when you actually read all that paperwork, tariffs, standards, technical practices, etc; carriers don't promise very much. And they usually deliver on that promise. Banks refuse to promise they will never be robbed, and carriers refuse to promise their circuits will never go down. There is a working group involving several carriers, financial institutions and the government to create something for customers with these types of requirements. 
The challenge for everyone is deciding what it actually means, how to implement it, and what it will cost. And even after all that, circuits will still go down. Frank A. Coluccio DTI Consulting Inc. 212-587-8150 Office 347-526-6788 Mobile -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED] ferg's tech blog: http://fergdawg.blogspot.com/
Re: The Backhoe: A Real Cyberthreat? [ Re: cyber-redundancy ]
On Fri, 20 Jan 2006, Frank Coluccio wrote: Which standards body are you referring to that has such a working group? I guess forwarding private messages to public lists should be expected. In any case, you can look at the National Security Telecommunications Advisory Committee (NSTAC) which includes members from several industries. http://www.ncs.gov/nstac/nstac.html. Together the Alliance for Telecommunication Industry Solutions (ATIS) http://www.atis.org and the Federal Reserve System http://www.federalreserve.gov created the National Diversity Assurance Initiative.
Re: The Backhoe: A Real Cyberthreat? [ Re: cyber-redundancy ]
On January 21, 2006 at 01:35 [EMAIL PROTECTED] (Fergie) wrote: I still believe in Jon Postel's maxim -- Be conservative in what you send, and liberal in what you receive. And one can sum up spammers' and similar miscreants' behavior as being precisely the opposite of that. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: The Backhoe: A Real Cyberthreat? [ Re: cyber-redundancy ]
Sucks, don't it? Context, indeed. :-) It is a maxim that is almost intolerable these days, no? No. The more people are inclined to shut-down services which make the Internet 'the Internet', the less usable it is. This whole situation needs a new approach -- the traditional approach has failed, and I believe that Jon's maxim is just as valid today as it was 20 years ago. We need to think differently. Otherwise, this thing we love so much, and sustains our livelihoods, will cease to exist as we know it. Speaking for myself, of course. - ferg -- Barry Shein [EMAIL PROTECTED] wrote: On January 21, 2006 at 01:35 [EMAIL PROTECTED] (Fergie) wrote: I still believe in Jon Postel's maxim -- Be conservative in what you send, and liberal in what you receive. And one can sum up spammers' and similar miscreants' behavior as being precisely the opposite of that. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo* -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED] ferg's tech blog: http://fergdawg.blogspot.com/
Sean: Accept my Mea Culpa
List, In a demonstration of irony in its purest form, given the fact that the attribute of 'trust' was discussed in this thread upstream, it would appear to the unknowing that I betrayed the trust of Sean Donelan by copying an offlist message he sent to me and pasting it to this list. Sean noted in a subsequent reply: I guess forwarding private messages to public lists should be expected. I did, in fact, inadvertently copy and paste a private message to the list in one of the contortions I have to go through in order to get a plain editor version of my message to him, but it was unintentional, and certainly not a betrayal of trust. Fortunately, no real harm that I can discern was done, but I apologize to Sean, in any event, for the mishap. Frank
RE: The Backhoe: A Real Cyberthreat?
I for one have spoken in the past in favor of making the FCC Outage Reports public again. If you want to deliberately destroy fiber infrastructure, you can gain more knowledge quicker by stepping outside your door and gazing upon clearly marked routes, than by reading outage reports. Want to find a bldg where multiple carriers are housed? Read the carrier hotel advertisements on the internet and in print or read NANOG. I have suffered more from trying to figure out (quickly) over the past few years what's going on in a multi carrier fiber outage situation, especially when a given carrier has IRU's on the competitor's fiber which I have also provisioned my redundancy on (and they seem to forget that). Many times during outages people in NOCs are spinning in their chairs trying to get a grip. The information that is purposely being suppressed from the public by DHS initiatives with the FCC, is also frequently inadvertently obfuscated within a given organisation due to turnover, layoffs, mergers and acquisitions, etc. So besides government interference, we are at times our own worst enemy due to lack of adequate knowledge transfer and change mgmt. procedures. Imagine if you will 2 competing carriers, 1 has a cut 22.1 km east of X, the other 3 km west of Y, crews are dispatched, and bingo - collide at the scene. How many times has THAT happened. Neither realizes they share some form of infrastructure until they are having coffee together while looking at the muddy hole in the ground that the contractor for a 3rd company just dug. It IS a less than perfect world within the industry. On a slightly different rant - Forget attacking the glass. Take down DNS and SS7 at the same time...hmmm wonder what one company has a lock on a big piece of THAT. enough said. Hope their infrastructure for those things stays totally diverse (no offense meant). Just another thing that I think about at times... 
-Keith -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Friday, January 20, 2006 3:05 PM To: [EMAIL PROTECTED] Cc: nanog@merit.edu Subject: Re: The Backhoe: A Real Cyberthreat? What data went into the system would depend on what questions you were looking to answer. I spend most of my time looking at the geographic diversity of fiber routes, so I'll use that as a very simple example. To answer that particular set of questions you would need the fiber routes for each provider, and they would need to be georeferenced. Other useful data would be the buildings lit by those fiber routes and lease costs. Users would then enter the buildings they want connectivity for. The system would find all the providers that could service that combination of buildings then calculate what the diversity of each provider is for that set of buildings, or what the diversity was if the user wanted to use more than one provider. Each provider would be given a score for that particular connectivity combination and a price, or the scores for each combination of providers. The user would then have a market indicator for diversity. You could have a variety of metrics - the total distance between network paths, average distance, the variance, the number of times paths come within 100 feet of each other, the number of routes that are colocated etc. The providers do not give up any proprietary data and the customers have a set of indicators to make a more informed choice. Not the ideal solution, but the game was to come up with something that would be palatable to the providers. Companies like Last Mile Connections already keep provider supplied databases of lit buildings and prices to run auctions. This would just be another indicator for customers that also value diversity and resiliency. Protecting the master database would be important, but there are lots of mechanisms to do that effectively. 
The metrics are the key, and that of course is my angle on the game. - Original Message - From: Frank Coluccio [EMAIL PROTECTED] Date: Friday, January 20, 2006 1:53 pm Subject: Re: The Backhoe: A Real Cyberthreat? My argument simply is if this kind of awareness can be made more broadly available you end up with a more resilient infrastructure overall. Sean, would you care to list the route, facility, ownership and customer attributes of the data base that you'd make public, and briefly explain the access controls you would impose on same? If this is not what you originally intended, then please show me the way ... thanks. Frank On Fri Jan 20 9:19 , [EMAIL PROTECTED] sent: As you mentioned before this is largely because the customer (SIAC) was savvy enough to set the requirements and had the money to do it. A lot of that savviness came from lessons learned from 9/11 and fund transfer. Similar measures were taken with DoD's