Rocketfuel vs. topology (was Re: Risk of Internet collapse grows)

[Sean M . Doran]

On Monday, Dec 2, 2002, at 11:07 Europe/London, 
[EMAIL PROTECTED] wrote:

I had a look at your map of Ebone Europe through the browse button on 
your
website. This displayed a messy meshy network that connected all the 
major
cities of Europe. However, in fact, Ebone's network was a nice clean
ringed network connecting all the major cities of Europe.

"subtended ring architecture" is the expression you are looking for -:)

The graph displayed on the rocketfuel page is extremely plausible
given their methodology.  One key thing to note is: "we find roughly
seven times more routers and links in our area of focus than Skitter",
which is symptomatic of the true problem of this kind of topology 
discovery:
the Internet is fundamentally anisotropic.

*NO* set of measurements short of brute-force any-to-any will ever
discover all the possible paths even in a 100% static Internet, simply
because of the natures of aggregation (hides information), and 
hop-by-hop
forwarding (conceals 2ndary paths).   The two combine in surprising 
ways.

Dynamic routing change also will reveal false paths
(thanks to ttl processing during transient loop/blackhole behaviours
which are UNAVOIDABLE with vector-based routing protocols like BGP).
In other words, more measurements can mean more paths, which
seems good, except that some of those paths may be the result of
chronic route flutter, which happens (just ask yer box about flapping).

Hash-based load-balancing can further obscure connectivity,
although the Rocketfuel people embrace the reduction of
fully-equivalent paths, anyway.  However, there are "equal-cost"
L3 paths which are widely separated at lower layers.

However, far from naively expecting isotropy and a full discovery
of information, their very first footnote admits traceroute's 
shortcomings,
and their methodology somewhat resembles X-Ray crystallography,
which has developed some techniques for analysing complex anisotropic
structures (like proteins).

While this is a clever approach, they did miss a chance to
try to eliminate spurious links apparently introduced by
path asymmetry (which I believe is extremely commonplace,
particularly around ring-shaped structures
with traffic-direction bias (e.g., U.S.->Europe is much larger
than Europe->U.S. by bps and pps), at least to the extent
that the LSRR IP header option is allowed across networks
and handled by hops between their measurement vantage points
at the edge.

A larger set of observation points in Central/Eastern/Southern
Europe might also have revealed some of these biases, and heuristics
at least could weed out spurious links.

Clearly, though, their approach to reducing the set of observations
among a group of vantage points is novel, and they did deliberately
seek out a much larger group of vantage points than other studies;
they admit that they are "scratching the surface" of automated
map construction, and they do not claim to have produced the most 
accurate automatically-generated map possible. What they have done, 
however, is much better than their well-known predecessors, at least 
when I compare their
results with what I know about the L0/L1 constructions of a couple
of their targets.   This is good science.


I just don't see how an outside probe can determine the true topology 
of a network.


What *is* the true topology of a IP network?

If you accept that the topology is a graph comprising vertices (routers)
at which a packet is forwarded to other vertices (with a line drawn 
between
any pair of vertices where the forwarding is possible), then it is 
possible
to describe a close match with observations taken from beyond the edges
of such a network.   Rocketfuel is a neat approach, but finds too many
false paths, again probably because of transient routing changes
and asymmetries of varying duration and severity.

Attempting to filter out the dynamic noise is probably possible; Vern 
Paxson's
massive traceroute work some years ago illustrated its existence, and 
if you
can see it, maybe you filter it out. :-)

However, if your target for "topology" requires line parts of the graph
as a complete set of viable L2 links, or even worse, as lower-layer
components across which some networks build single L2 paths (POS, PPP)
and some networks build large numbers of them (FR, ATM, MPLS), then the 
work
gets much harder, mostly because there is in some routers no practical
way of filtering out internal delay at the responding hop from the RTT 
measurement
using traceroute.   (NTP synchronization with the routers in the path 
might help in correlating very stable  (L3 path, delay) tuples to the 
correct L0 path.)

In other words, MPLSD lets you hallucinate lots of direct 
router-to-router
links which are phantoms.  The packets still transit routers (sorry, 
"LSRs"),
but detecting them seems hard.

If a researcher wants to do analysis of real network topologies they
either need to get the real maps from the ISPs in question or else they
need to ally themselve

Re: dontaing bgp config files [Re: Risk of Internet collapse grows]

[Ratul Mahajan]

>   It is not clear if you mean that tools (e.g. BGP) are
>   primitive, languages to express policy in BGP are
>   primitive, or application of what we have (BGP + whatever
>   language you use) is primitive.  Which is it (or which
>   subset)?

i would argue all of them; they are so tied to each other that its hard
for me to distinguish. bgp does not let you do everything you want, and at
times lets you do things you don't want. moreover, to my knowledge, the
way most people configure it is also primitive.

but our immediate goal is more modest - trying to understand whats going
on and what the impact of it is. the more challenging task of fixing
things will come later, when we know the current world better.

-- ratul


On Mon, 2 Dec 2002, David Meyer wrote:

>   Ratul,
> 
> >> understanding of routing (especially inter-domain) in the research
> >> community is really primitive. this precludes us from having realistic
> >> routing models. we recently started working on understanding prevalent
> >> inter-domain routing policies. the ultimate goal is to improve the
> >> efficiency, robustness and expressiveness of routing protocols.
> >> http://www.cs.washington.edu/research/networking/policy-inference/
> 
>   It is not clear if you mean that tools (e.g. BGP) are
>   primitive, languages to express policy in BGP are
>   primitive, or application of what we have (BGP + whatever
>   language you use) is primitive.  Which is it (or which
>   subset)?
> 
>   Thanks,
> 
>   Dave
> 
> 
> 
>   
> 

Re: Risk of Internet collapse grows

[Randy Bush]

> I just don't see how an outside probe can determine the true topology of a 
> network.

you may want to  *read* the paper

Re: dontaing bgp config files [Re: Risk of Internet collapse grows]

[John Kristoff]

On Sun, 1 Dec 2002 23:03:22 -0800 (PST)
Ratul Mahajan <[EMAIL PROTECTED]> wrote:

> speaking neighbor), you can help us by donating your bgp config files.
>  abstracted
> or anonymized versions are ok.

Of possible general interest to the list, I had begun work over a year
ago in 'mapping' out peering arrangements at various exchanges using
simple packet probing techniques (traceroutes mostly from behind various
providers nets) and gathering available public data.  If anyone wants to
see the data or more info, let me know and I'll make it available.  Its
only mildly interesting, but would be a useful method in developing maps
ala the Lumeta method.  It takes a significant amount of time (very
difficult to automate) and energy to do this work, so its not all that
reliable, practical or timely in many cases.

John

Re: dontaing bgp config files [Re: Risk of Internet collapse grows]

[Neil J. McRae]

> 
> not sure why a config will help you any more than RR info which is much easier
> to get and maintain.. ultimately if you want more detailed data you need a
> complete view from each border router your interested in..
> 

Well if you have something like Opnet you can produce quite detailed
network models...

Re: dontaing bgp config files [Re: Risk of Internet collapse grows]

[Stephen J. Wilcox]

not sure why a config will help you any more than RR info which is much easier
to get and maintain.. ultimately if you want more detailed data you need a
complete view from each border router your interested in..


On Mon, 2 Dec 2002, Mark Radabaugh wrote:

> 
> 
> > if you run a network that has choices to make (more than one BGP speaking
> > neighbor), you can help us by donating your bgp config files.  abstracted
> > or anonymized versions are ok.
> >
> http://www.cs.washington.edu/research/networking/policy-inference/donation.h
> tml
> 
> I'm not sure if you want the bgp tables or the configuration itself.  In any
> case http://www.renesys.com/ currently has a project to collect bgp views -
> you may wish to talk to them.   There are also many public route-servers
> that can give you a good view of the routing tables.
> 
> http://www.caida.org has done a lot of work on analysis of BGP
> 
> Mark Radabaugh
> Amplex
> (419) 720-3635
> 
> 
> 

Re: dontaing bgp config files [Re: Risk of Internet collapse grows]

[Mark Radabaugh]

> if you run a network that has choices to make (more than one BGP speaking
> neighbor), you can help us by donating your bgp config files.  abstracted
> or anonymized versions are ok.
>
http://www.cs.washington.edu/research/networking/policy-inference/donation.h
tml

I'm not sure if you want the bgp tables or the configuration itself.  In any
case http://www.renesys.com/ currently has a project to collect bgp views -
you may wish to talk to them.   There are also many public route-servers
that can give you a good view of the routing tables.

http://www.caida.org has done a lot of work on analysis of BGP

Mark Radabaugh
Amplex
(419) 720-3635

Re: dontaing bgp config files [Re: Risk of Internet collapse grows]

[David Meyer]

Ratul,

>> understanding of routing (especially inter-domain) in the research
>> community is really primitive. this precludes us from having realistic
>> routing models. we recently started working on understanding prevalent
>> inter-domain routing policies. the ultimate goal is to improve the
>> efficiency, robustness and expressiveness of routing protocols.
>> http://www.cs.washington.edu/research/networking/policy-inference/

It is not clear if you mean that tools (e.g. BGP) are
primitive, languages to express policy in BGP are
primitive, or application of what we have (BGP + whatever
language you use) is primitive.  Which is it (or which
subset)?

Thanks,

Dave

Re: Risk of Internet collapse grows

[Petri Helenius]

> I had a look at your map of Ebone Europe through the browse button on your
> website. This displayed a messy meshy network that connected all the major
> cities of Europe. However, in fact, Ebone's network was a nice clean
> ringed network connecting all the major cities of Europe. It's true that
> Ebone's marketing map had some innacuracies but it still more or less
> showed the same network of sub-rings hanging off of a core ring.

Maybe you´re referring to the physical topology. Rocketfuel measured
the IP topology.
>
> I just don't see how an outside probe can determine the true topology of a
> network.
>
Maybe not to 100% but definetly more than most ISP´s are handing out.

Pete

Re: Risk of Internet collapse grows

[Alex Bligh]

--On 02 December 2002 11:07 + [EMAIL PROTECTED] wrote:


I just don't see how an outside probe can determine the true topology of
a  network.


You did *read* the paper?

Alex

Re: Risk of Internet collapse grows

[Michael . Dillon]

> > How much of this research is based on marketing maps on the ISPs' web 
sites,
> > versus actual maps of the networks in question?  Most "tier 1" ISPs 
won't
> > even let their vendors see the latter.

> last year we *measured* isp maps as part of a research project called
> rocketfuel and found that the marketing maps can differ significantly 
from
> the real ones quite a bit because of lack-of-detail, outdated-ness, or
> optimistic-projections. a paper describing the methodology and the maps
> themselves can be found off: 
> http://www.cs.washington.edu/research/networking/rocketfuel/


Something is wrong here...
You are claiming that your maps are *MORE* correct than the ISP maps!? I 
don't think so.

I had a look at your map of Ebone Europe through the browse button on your 
website. This displayed a messy meshy network that connected all the major 
cities of Europe. However, in fact, Ebone's network was a nice clean 
ringed network connecting all the major cities of Europe. It's true that 
Ebone's marketing map had some innacuracies but it still more or less 
showed the same network of sub-rings hanging off of a core ring.

I just don't see how an outside probe can determine the true topology of a 
network.

If a researcher wants to do analysis of real network topologies they 
either need to get the real maps from the ISPs in question or else they 
need to ally themselves with someone like Telegeography who have this 
information for at least some ISPs.

--Michael Dillon

dontaing bgp config files [Re: Risk of Internet collapse grows]

[Ratul Mahajan]

since we are on the subject of availability of good data, i'd like to ask
the list what i have been contemplating for some time now.

understanding of routing (especially inter-domain) in the research
community is really primitive. this precludes us from having realistic
routing models. we recently started working on understanding prevalent
inter-domain routing policies. the ultimate goal is to improve the
efficiency, robustness and expressiveness of routing protocols.
http://www.cs.washington.edu/research/networking/policy-inference/

if you run a network that has choices to make (more than one BGP speaking
neighbor), you can help us by donating your bgp config files.  abstracted
or anonymized versions are ok.
http://www.cs.washington.edu/research/networking/policy-inference/donation.html

further down the road, we'll need your help to better understand our
findings. if you are willing to answer our (possibly naive) questions,
please respond off-list; i am compiling a list of folks whom i can pester 
for answers.

thanks,
-- ratul

Re: Risk of Internet collapse grows

[Ratul Mahajan]

> Any chance the Rocketfuel project had a chance to map out UUNET/Worldcom
> since the first run?

not yet. but we intend to get to it soon; a lot of people have asked the 
same question.

-- ratul

On Sun, 1 Dec 2002 [EMAIL PROTECTED] wrote:

> There was also some interesting work done on the geographic location of
> Internet resources done at Boston University:
> 
> http://www.cs.bu.edu/techreports/pdf/2002-015-internet-geography.pdf
> 
> Any chance the Rocketfuel project had a chance to map out UUNET/Worldcom
> since the first run?
> 
> 
> - Original Message -
> From: Randy Bush <[EMAIL PROTECTED]>
> Date: Friday, November 29, 2002 8:39 pm
> Subject: Re: Risk of Internet collapse grows
> 
> > 
> > > last year we *measured* isp maps as part of a research project 
> > called> rocketfuel and found that the marketing maps can differ 
> > significantly from
> > > the real ones quite a bit because of lack-of-detail, outdated-
> > ness, or
> > > optimistic-projections. a paper describing the methodology and 
> > the maps
> > > themselves can be found off:  
> > > http://www.cs.washington.edu/research/networking/rocketfuel/
> > 
> > and, aside from reversing the meaning of a comment you attribute
> > to me, i heartily recommend this paper.
> > 
> > randy
> > 
> > 
> > 
> 

Re: Risk of Internet collapse grows

[sgorman1]

There was also some interesting work done on the geographic location of
Internet resources done at Boston University:

http://www.cs.bu.edu/techreports/pdf/2002-015-internet-geography.pdf

Any chance the Rocketfuel project had a chance to map out UUNET/Worldcom
since the first run?


- Original Message -
From: Randy Bush <[EMAIL PROTECTED]>
Date: Friday, November 29, 2002 8:39 pm
Subject: Re: Risk of Internet collapse grows

> 
> > last year we *measured* isp maps as part of a research project 
> called> rocketfuel and found that the marketing maps can differ 
> significantly from
> > the real ones quite a bit because of lack-of-detail, outdated-
> ness, or
> > optimistic-projections. a paper describing the methodology and 
> the maps
> > themselves can be found off:  
> > http://www.cs.washington.edu/research/networking/rocketfuel/
> 
> and, aside from reversing the meaning of a comment you attribute
> to me, i heartily recommend this paper.
> 
> randy
> 
> 
> 

Re: Risk of Internet collapse grows

[Susan Harris]

> with helping with from my experience.  I was curious if we put some 
> recent research online if folks would be interested in providing 
> feedback.  

Sure - and think about doing it in person, too, at the February NANOG.
We're trying a new presentation format, where researchers will have
10-minute slots to present their work for operator feedback.  More here:

http://www.nanog.org/mtg-0302/call27.html

Re: Risk of Internet collapse grows

[Randy Bush]

> last year we *measured* isp maps as part of a research project called
> rocketfuel and found that the marketing maps can differ significantly from
> the real ones quite a bit because of lack-of-detail, outdated-ness, or
> optimistic-projections. a paper describing the methodology and the maps
> themselves can be found off:  
> http://www.cs.washington.edu/research/networking/rocketfuel/

and, aside from reversing the meaning of a comment you attribute
to me, i heartily recommend this paper.

randy

Re: Risk of Internet collapse grows

[Ratul Mahajan]

On Fri, 29 Nov 2002, Stephen Sprunk wrote:

> How much of this research is based on marketing maps on the ISPs' web sites,
> versus actual maps of the networks in question?  Most "tier 1" ISPs won't
> even let their vendors see the latter.

last year we *measured* isp maps as part of a research project called
rocketfuel and found that the marketing maps can differ significantly from
the real ones quite a bit because of lack-of-detail, outdated-ness, or
optimistic-projections. a paper describing the methodology and the maps
themselves can be found off:  
http://www.cs.washington.edu/research/networking/rocketfuel/

-- ratul

Re: Risk of Internet collapse grows

[Stephen Sprunk]

Thus spake"Irwin Lazar" <[EMAIL PROTECTED]>
> Thought this might be worth passing on:
> http://news.bbc.co.uk/2/hi/technology/2514651.stm
> 
>
> There is a recent book out called "Linked: The New Science of Networks"
> which details the potential for causing widespread Internet damage by
> targeting a few hubs instead of random or widespread attacks against large
> numbers of hosts.  This simulation seems to backup the author's concerns.

How much of this research is based on marketing maps on the ISPs' web sites,
versus actual maps of the networks in question?  Most "tier 1" ISPs won't
even let their vendors see the latter.

S

Re: Risk of Internet collapse grows

[Daniel Golding]

The problem isn't so much the latency - although that is a problem.

Any researcher approaching this problem must understand that their result
are only as good as their data. In this case, assuming that Boardwatch
network maps are correct or, in fact, anything other than a marketing
fantasy, is a big problem.

Use of theses sort of data sources are extremely attractive to researchers
because they are straight-forward and lack the "well, but"'s of the
operational community. Trying to model real-life networks is much more
difficult because of the plethora of designs and exceptions involved -
very messy.

Richer industry/researcher partnerships could help with this. I suspect
the research community will have to become more aggresive in this area to
succeed.

- Dan

On Thu, 28 Nov 2002 [EMAIL PROTECTED] wrote:

>
> Sean makes a good point about the importance of the quality of data,
> but the question is how can good data be made available for research.
> We've covered this ground before, that firms are not going to make
> data available.  There are better data sets that have become recently
> available from a few sources, and hopefully improved analysis will
> result.
>
> That said a few things should be kept in mind with academic work.  The
> time from when work is done until it appears in publication is quite
> legthy, especially when peer reviewed (the Grubesic et al article was
> peer reviewed).  I saw his paper presented in the Fall of 2001, which
> means he probably did the research in the spring of 2001, and the
> latest data available was Boardwatch 2000.  so, you end with a lag in
> Internet time that seems horrendous.  One of the problems with
> academia.  I do think it is important to think about the best
> contributions from academia providing tools (algorithm's etc.) to
> analyze data and view issues from a different perspective.  We will
> never have the quality of data the operations community has.
>
> That said I think it is vital to get good feedback from the operations
> communtiy on our assumptiopns and something this forum has been great
> with helping with from my experience.  I was curious if we put some
> recent research online if folks would be interested in providing
> feedback.
>
> Happy holidays,
>
> sean
>
>
> - Original Message -
> From: Sean Donelan <[EMAIL PROTECTED]>
> Date: Wednesday, November 27, 2002 3:49 pm
> Subject: Re: Risk of Internet collapse grows
>
> >
> > On Wed, 27 Nov 2002 [EMAIL PROTECTED] wrote:
> > > The full paper is available at:
> > >
> > > http://whopper.sbs.ohio-state.edu/grads/tgrubesi/survive.pdf
> > >
> > > password: grubesic
> > >
> > > It was posted on the www.cybergeography.org website with the
> > password,> plus I'm sure Tony would like the feedback.
> >
> > Was this paper peer reviewed ?
> >
> > I'm interested in the problem, but this is not the paper.
> >
> > AT&T's network is the most vulnerable? While Onyx is among the least
> > vulnerable?  Onyx is bankrupt, and their network is no longer in
> > operation. I guess you could argue Onyx not vulnerable any more.
> This
> > paper starts out with some bad assumptions, such as there is one
> > NAP in a
> > city, one path between cities or the marketing maps in Boardwatch are
> > meaningful.
> >
> > Until we figure out how to collect some meaningful starting data, we
> > can't draw these types of conclusions.
> >
> >
> >
> >
>
>

Re: Federal Reserve Risks Collapse Re: Risk of Internet collapse grows

[Stephen Stuart]

> So catastrophic failure doesn't appear to actually interest folks much,
> even when it does happen.

It's like stocks: up on the rumor, down on the news.

Stephen

Federal Reserve Risks Collapse Re: Risk of Internet collapse grows

[Sean Donelan]

On Thu, 28 Nov 2002 [EMAIL PROTECTED] wrote:
> That said a few things should be kept in mind with academic work.  The
> time from when work is done until it appears in publication is quite
> legthy, especially when peer reviewed (the Grubesic et al article was
> peer reviewed).  I saw his paper presented in the Fall of 2001, which
> means he probably did the research in the spring of 2001, and the
> latest data available was Boardwatch 2000.  so, you end with a lag in
> Internet time that seems horrendous.  One of the problems with

The paper would have the same problems in 2000.  It starts with bad
assumptions.  Age doesn't improve bad assumptions.

Suppose I wrote an academic paper about the design of the Federal
Reserve Banking System.  After carefull analysis of the map at
http://www.federalreserve.gov/otherfrb.htm (street addresses available
at http://www.federalreserve.gov/fraddress.htm) I write a fully footnoted
paper that the Federal Reserve system is vulnerable to the destruction
of the board in Washington DC and twelve banks in Boston, New York,
Philadelphia, Cleveland, Richmond, Atlanta, Chicago, St. Louis,
Minneapolis, Kansas City, Dallas and San Francisco.  The US banking
system would collapse, ATMs would stop, paychecks wouldn't get cashed,
checks couldn't be cleared, etc.  I would miss Alan Greenspan, but that's
not how the US banking system works.

The Federal Reserve system does have vulnerabilities.  So does the
Internet (and the post office, and the telephone network, and ...)
But misunderstanding the risks and vulnerabilities is worse because
it diverts resources away from the real ones.

Re: Risk of Internet collapse grows

[sgorman1]

Sean makes a good point about the importance of the quality of data, 
but the question is how can good data be made available for research.  
We've covered this ground before, that firms are not going to make 
data available.  There are better data sets that have become recently 
available from a few sources, and hopefully improved analysis will 
result.

That said a few things should be kept in mind with academic work.  The 
time from when work is done until it appears in publication is quite 
legthy, especially when peer reviewed (the Grubesic et al article was 
peer reviewed).  I saw his paper presented in the Fall of 2001, which 
means he probably did the research in the spring of 2001, and the 
latest data available was Boardwatch 2000.  so, you end with a lag in 
Internet time that seems horrendous.  One of the problems with 
academia.  I do think it is important to think about the best 
contributions from academia providing tools (algorithm's etc.) to 
analyze data and view issues from a different perspective.  We will 
never have the quality of data the operations community has.

That said I think it is vital to get good feedback from the operations 
communtiy on our assumptiopns and something this forum has been great 
with helping with from my experience.  I was curious if we put some 
recent research online if folks would be interested in providing 
feedback.  

Happy holidays,

sean


- Original Message -
From: Sean Donelan <[EMAIL PROTECTED]>
Date: Wednesday, November 27, 2002 3:49 pm
Subject: Re: Risk of Internet collapse grows

> 
> On Wed, 27 Nov 2002 [EMAIL PROTECTED] wrote:
> > The full paper is available at:
> >
> > http://whopper.sbs.ohio-state.edu/grads/tgrubesi/survive.pdf
> >
> > password: grubesic
> >
> > It was posted on the www.cybergeography.org website with the 
> password,> plus I'm sure Tony would like the feedback.
> 
> Was this paper peer reviewed ?
> 
> I'm interested in the problem, but this is not the paper.
> 
> AT&T's network is the most vulnerable? While Onyx is among the least
> vulnerable?  Onyx is bankrupt, and their network is no longer in
> operation. I guess you could argue Onyx not vulnerable any more.  
This
> paper starts out with some bad assumptions, such as there is one 
> NAP in a
> city, one path between cities or the marketing maps in Boardwatch are
> meaningful.
> 
> Until we figure out how to collect some meaningful starting data, we
> can't draw these types of conclusions.
> 
> 
> 
> 

Re: Risk of Internet collapse grows

[Stephen J. Wilcox]

Maybe, but to be fair the Internet is vulnerable in certain areas (particularly
within individual networks) and is not built to its original intentions (well
meshed).. and thats not "our fault", thats the fault of it going commercial and
the need to keep costs down.

This returns to a different point that with providers offering ever crazier
deals to get business they have to cut back somewhere and that somewhere is in
their infrastructure costs and reduced redundancy.

Steve

On Thu, 28 Nov 2002, David Diaz wrote:

> 
> Well, it seems the national news medias picked up on this story.  How 
> us "geniuses" re-engineered the internet into a few points that could 
> be knocked out, killing the internet.  The explanation used a bad 
> analogy to explain it to the public.
> 
> As already mentioned a lot of bad assumptions were made, and now we 
> will be questioned based on those assumptions.
> 
> There has to be a better way for us to play devil's advocate without 
> media feedback.
> 
> Happy Thanksgiving.
> 
> Dave
> 
> At 0:17 + 11/28/02, Stephen J. Wilcox wrote:
> >On Wed, 27 Nov 2002, Sean Donelan wrote:
> >
> >>  On Wed, 27 Nov 2002 [EMAIL PROTECTED] wrote:
> >>  > The full paper is available at:
> >>  >
> >>  > http://whopper.sbs.ohio-state.edu/grads/tgrubesi/survive.pdf
> >>  >
> >>  > password: grubesic
> >>  >
> >>  > It was posted on the www.cybergeography.org website with the password,
> >>  > plus I'm sure Tony would like the feedback.
> >>
> >>  Was this paper peer reviewed ?
> >>
> >>  I'm interested in the problem, but this is not the paper.
> >
> >Not -the- answer but a part of perhaps. I think the paper helps in 
> >appreciation
> >of the maths and processes behind the concept
> >
> >>  AT&T's network is the most vulnerable? While Onyx is among the least
> >>  vulnerable?  Onyx is bankrupt, and their network is no longer in
> >>  operation. I guess you could argue Onyx not vulnerable any more.  This
> >>  paper starts out with some bad assumptions, such as there is one NAP in a
> >>  city, one path between cities or the marketing maps in Boardwatch are
> >>  meaningful.
> >
> >It does mention there being more than one NAP...
> >
> >Its also highlighting a point about increased resiliency through 
> >mesh redundancy
> >and it does acknowledge differences of scale.
> >
> >>  Until we figure out how to collect some meaningful starting data, we
> >>  can't draw these types of conclusions.
> >
> >And therein lies the problem! Plenty of room for theorising tho!
> >
> >Steve
> 
> 

Re: Risk of Internet collapse grows

[David Diaz]

Well, it seems the national news medias picked up on this story.  How 
us "geniuses" re-engineered the internet into a few points that could 
be knocked out, killing the internet.  The explanation used a bad 
analogy to explain it to the public.

As already mentioned a lot of bad assumptions were made, and now we 
will be questioned based on those assumptions.

There has to be a better way for us to play devil's advocate without 
media feedback.

Happy Thanksgiving.

Dave

At 0:17 + 11/28/02, Stephen J. Wilcox wrote:
On Wed, 27 Nov 2002, Sean Donelan wrote:


 On Wed, 27 Nov 2002 [EMAIL PROTECTED] wrote:
 > The full paper is available at:
 >
 > http://whopper.sbs.ohio-state.edu/grads/tgrubesi/survive.pdf
 >
 > password: grubesic
 >
 > It was posted on the www.cybergeography.org website with the password,
 > plus I'm sure Tony would like the feedback.

 Was this paper peer reviewed ?

 I'm interested in the problem, but this is not the paper.


Not -the- answer but a part of perhaps. I think the paper helps in 
appreciation
of the maths and processes behind the concept

 AT&T's network is the most vulnerable? While Onyx is among the least
 vulnerable?  Onyx is bankrupt, and their network is no longer in
 operation. I guess you could argue Onyx not vulnerable any more.  This
 paper starts out with some bad assumptions, such as there is one NAP in a
 city, one path between cities or the marketing maps in Boardwatch are
 meaningful.


It does mention there being more than one NAP...

Its also highlighting a point about increased resiliency through 
mesh redundancy
and it does acknowledge differences of scale.

 Until we figure out how to collect some meaningful starting data, we
 can't draw these types of conclusions.


And therein lies the problem! Plenty of room for theorising tho!

Steve


--

David Diaz
[EMAIL PROTECTED] [Email]
[EMAIL PROTECTED] [Pager]
www.smoton.net [Peering Site under development]
Smotons (Smart Photons) trump dumb photons

Re: Risk of Internet collapse grows

[Stephen J. Wilcox]

On Wed, 27 Nov 2002, Sean Donelan wrote:

> On Wed, 27 Nov 2002 [EMAIL PROTECTED] wrote:
> > The full paper is available at:
> >
> > http://whopper.sbs.ohio-state.edu/grads/tgrubesi/survive.pdf
> >
> > password: grubesic
> >
> > It was posted on the www.cybergeography.org website with the password,
> > plus I'm sure Tony would like the feedback.
> 
> Was this paper peer reviewed ?
> 
> I'm interested in the problem, but this is not the paper.

Not -the- answer but a part of perhaps. I think the paper helps in appreciation
of the maths and processes behind the concept

> AT&T's network is the most vulnerable? While Onyx is among the least
> vulnerable?  Onyx is bankrupt, and their network is no longer in
> operation. I guess you could argue Onyx not vulnerable any more.  This
> paper starts out with some bad assumptions, such as there is one NAP in a
> city, one path between cities or the marketing maps in Boardwatch are
> meaningful.

It does mention there being more than one NAP...

Its also highlighting a point about increased resiliency through mesh redundancy
and it does acknowledge differences of scale.

> Until we figure out how to collect some meaningful starting data, we
> can't draw these types of conclusions.

And therein lies the problem! Plenty of room for theorising tho!

Steve

Re: Risk of Internet collapse grows

[Mike (meuon) Harrison]

Sean: 
> the marketing maps in Boardwatch are meaningful.

ROFLMAO!!  - I needed a good laugh (I'm the NOC babysitter for this round 
 of Holidays.. looking at a  boring 4 days. )

On the semi-productive almost on-topic side: 

Are there any GOOD maps out there? I don't have a cool research
project, just lots of curiosity. 



meuon---
Music playing:   Stevie Wonder - Boogie On Reggae Woman.mp3

Re: Risk of Internet collapse grows

[Sean Donelan]

On Wed, 27 Nov 2002 [EMAIL PROTECTED] wrote:
> The full paper is available at:
>
> http://whopper.sbs.ohio-state.edu/grads/tgrubesi/survive.pdf
>
> password: grubesic
>
> It was posted on the www.cybergeography.org website with the password,
> plus I'm sure Tony would like the feedback.

Was this paper peer reviewed ?

I'm interested in the problem, but this is not the paper.

AT&T's network is the most vulnerable? While Onyx is among the least
vulnerable?  Onyx is bankrupt, and their network is no longer in
operation. I guess you could argue Onyx not vulnerable any more.  This
paper starts out with some bad assumptions, such as there is one NAP in a
city, one path between cities or the marketing maps in Boardwatch are
meaningful.

Until we figure out how to collect some meaningful starting data, we
can't draw these types of conclusions.

Re: Risk of Internet collapse grows

[Richard Irving]

I thought we agreed, no politics
or, =functional= public disruption strategies!

  :D

.Richard.

==
A historic moment, the very first head of "homeland security",
makes a patriotic speech at a GOP convention:

 http://www.webcorp.com/video/mcarth2a.avi

(Click Twice, QID ;)
Vadim Antonov wrote:
> 
> On Wed, 27 Nov 2002 [EMAIL PROTECTED] wrote:
> 
> > It depends which exchange point is hit.  There are a couple of buildings
> > in London which if hit would have a disasterous affect on UK and European
> > peering.
> 
> Why hit buildings when removing relatively small number of people will
> render Internet pretty much defunct.  It does not fly itself (courtesy to
> the acute case of featuritis developed by top vendors).
> 
> Feeling safer?
> 
> --vadim

Re: Risk of Internet collapse grows

[Vadim Antonov]

On Wed, 27 Nov 2002 [EMAIL PROTECTED] wrote:

> It depends which exchange point is hit.  There are a couple of buildings 
> in London which if hit would have a disasterous affect on UK and European 
> peering.

Why hit buildings when removing relatively small number of people will 
render Internet pretty much defunct.  It does not fly itself (courtesy to 
the acute case of featuritis developed by top vendors).

Feeling safer?

--vadim

Re: Risk of Internet collapse grows

[sgorman1]

The full paper is available at:

http://whopper.sbs.ohio-state.edu/grads/tgrubesi/survive.pdf

password: grubesic

It was posted on the www.cybergeography.org website with the password,
plus I'm sure Tony would like the feedback.  

Re: Risk of Internet collapse grows

[David Diaz]

Actually, I think we should all be more concerned that in most metro 
cities, there is always 1 major mega CO.  In the CO, not only do the 
RBOCs have tremendous critical technology aggregated there, but 
almost every telcom provider also locates key technology and network 
there.  Knocking out that facility would critically damage both voice 
and data in that region.  It is also a critical interconnect point 
btw operators since they all happen to be there.

Does anyone still remember that event in Atlanta where worldcom lost 
power in one of their facilities after a storm knocked out power, and 
the generator had contaminated fuel (circa 1997).  That had a major 
affect on communications and we are not even talking RBOC CO.



At 5:46 -0800 11/27/02, Eliot Lear wrote:
Yah, the abstract indicates what most of us already know.  Good 
coverage and redundancy options in urban areas; less so for rural 
areas.  Why should this shock anyone?  Imminent death of the 'net is 
*not predicted ;-)

Eliot

--

David Diaz
[EMAIL PROTECTED] [Email]
[EMAIL PROTECTED] [Pager]
www.smoton.net [Peering Site under development]
Smotons (Smart Photons) trump dumb photons

Re: Risk of Internet collapse grows

[David Diaz]

Exactly my thought.  I didnt mention it for fear of rambling.  But 
there are areas of limited redundancy, and those are larger targets. 
I used to receive "interesting" messages from rebels in S. America 
because at the time we were working with some of the larger companies 
down there by hosting their sites, and running IP connections.  An 
attack at key sites like landing centers etc could cut off a lot of 
S. America.

It was also a selling point pushed by people like PanAmSat that would 
claim it was hard to knock out a bird, and they were going direct to 
each customer.

It does seem that most hostile groups out there are more interested 
in something more gory then saying "ha we have denied the infidels 
their spam this week..."


At 13:28 + 11/27/02, [EMAIL PROTECTED] wrote:
On Wed, 27 Nov 2002, David Diaz wrote:


 I think this is old news.  There was a cover story back in 1996 time
 frame on  Mae_east.  We have to ask how likely is this with many of
 the top backbones doing private peering over local loops, how much
 damage would occur if an exchange point where hit?


It depends which exchange point is hit.  There are a couple of buildings
in London which if hit would have a disasterous affect on UK and European
peering.

What about fibre landing stations?  Are these diverse enough?  Again, most
of the transatlantic fibre (for the UK) appears to come in near Lands End.

Rich


--

David Diaz
[EMAIL PROTECTED] [Email]
[EMAIL PROTECTED] [Pager]
www.smoton.net [Peering Site under development]
Smotons (Smart Photons) trump dumb photons

Re: Risk of Internet collapse grows

[E.B. Dreger]

DRD> Date: Wed, 27 Nov 2002 07:46:26 -0500 (EST)
DRD> From: David R. Dick


DRD> Doesn't that argue for a more mesh-like architecture?

>From a resiliency standpoint, yes.  Economics, and to a certain
indirect sense capacity concerns, favor aggregation over route
diversity.  N! is not your friend.


Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita

~
Date: Mon, 21 May 2001 11:23:58 + (GMT)
From: A Trap <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Please ignore this portion of my mail signature.

These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <[EMAIL PROTECTED]>, or you are likely to
be blocked.

Re: Risk of Internet collapse grows

[Eliot Lear]

Yah, the abstract indicates what most of us already know.  Good coverage 
and redundancy options in urban areas; less so for rural areas.  Why 
should this shock anyone?  Imminent death of the 'net is *not predicted ;-)

Eliot

Re: Risk of Internet collapse grows

[Andrew Odlyzko]

  > On Wed, 27 Nov 2002, [EMAIL PROTECTED] wrote:

  On Wed, 27 Nov 2002, David Diaz wrote:

  > I think this is old news.  There was a cover story back in 1996 time 
  > frame on  Mae_east.  We have to ask how likely is this with many of 
  > the top backbones doing private peering over local loops, how much 
  > damage would occur if an exchange point where hit?

  It depends which exchange point is hit.  There are a couple of buildings 
  in London which if hit would have a disasterous affect on UK and European 
  peering.
   
  What about fibre landing stations?  Are these diverse enough?  Again, most
  of the transatlantic fibre (for the UK) appears to come in near Lands End.

  Rich



There is not all that much diversity in many aspects of the
telecommunications infrastructure.  There are some interesting
pages prepared by John Young at Cryptome .
It is a nice combination of public source maps and aerial photographs.

Eyeballing Telephone Switching Hubs in Downtown Manhattan (10th July 2002)
http://cryptome.org/nytel-eyeball.htm

Eyeballing US Transpacific Cable Landings (July 2002)
http://cryptome.org/cablew-eyeball.htm

Eyeballing US Transatlantic Cable Landings (7th July 2002)

Full list of Eyeballing projects
http://cryptome.org/eyeball.htm

Andrew 

Re: Risk of Internet collapse grows

[Stephen J. Wilcox]

On Wed, 27 Nov 2002 [EMAIL PROTECTED] wrote:

> 
> On Wed, 27 Nov 2002, David Diaz wrote:
> 
> > I think this is old news.  There was a cover story back in 1996 time 
> > frame on  Mae_east.  We have to ask how likely is this with many of 
> > the top backbones doing private peering over local loops, how much 
> > damage would occur if an exchange point where hit?

well recent issues have suggested an exchange can cause short term issues at
least, for a longer outage i dont think we have an example.. in the short term
flap dampening causes unreachability and circuits hitting capacity prior to a
reroute by the noc are big problems but these may be solvable (or worsened) if
an outage were to persist..

> It depends which exchange point is hit.  There are a couple of buildings 
> in London which if hit would have a disasterous affect on UK and European 
> peering.

Europe would reroute, UK would suffer.. but this comes back to the regional
effect

> What about fibre landing stations?  Are these diverse enough?  Again, most
> of the transatlantic fibre (for the UK) appears to come in near Lands End.

Hmm, I know of multiple landings including lands end... so it is diverse, but
the sheer bandwidth down one cable is very large, an outage would be noticable.

Steve

Re: Risk of Internet collapse grows

[variable]

On Wed, 27 Nov 2002, David Diaz wrote:

> I think this is old news.  There was a cover story back in 1996 time 
> frame on  Mae_east.  We have to ask how likely is this with many of 
> the top backbones doing private peering over local loops, how much 
> damage would occur if an exchange point where hit?

It depends which exchange point is hit.  There are a couple of buildings 
in London which if hit would have a disasterous affect on UK and European 
peering.
 
What about fibre landing stations?  Are these diverse enough?  Again, most
of the transatlantic fibre (for the UK) appears to come in near Lands End.

Rich

Re: Risk of Internet collapse grows

[David Diaz]

Title: Re: Risk of Internet collapse
grows


I think this is old news.  There was a cover story back in
1996 time frame on  Mae_east.  We have to ask how likely is
this with many of the top backbones doing private peering over local
loops, how much damage would occur if an exchange point where
hit?

I have 2 different questions.  1) In the current
environment, are peering circuits running fuller then in previous
years.  I ask after there has been questions on UUNET/L3 Capacity
in europe etc.  If the case is so, then an attack in one peering
location/region might cause major problems as other peering sessions
become overloaded.

2)  Wouldnt an attach on particular servers that are NOT
redundant have a more significant affect?  Are microsoft's
servers mirrored?

Just posing a scenario.

Thought this might be worth passing
on:
http://news.bbc.co.uk/2/hi/technology/2514651.stm
 
There is a recent book out called
"Linked: The New Science of Networks" which details the
potential for causing widespread Internet damage by targeting a few
hubs instead of random or widespread attacks against large numbers of
hosts.  This simulation seems to backup the author's
concerns.
 
Irwin


-- 


David Diaz
[EMAIL PROTECTED] [Email]
[EMAIL PROTECTED] [Pager]
www.smoton.net [Peering Site under development]
Smotons (Smart Photons) trump dumb photons

Re: Risk of Internet collapse grows

[David R. Dick]

Doesn't that argue for a more mesh-like architecture?

> 
> Thought this might be worth passing on:
> http://news.bbc.co.uk/2/hi/technology/2514651.stm
>  
>  
> There is a recent book out called "Linked: The New Science of Networks"
> which details the potential for causing widespread Internet damage by
> targeting a few hubs instead of random or widespread attacks against large
> numbers of hosts.  This simulation seems to backup the author's concerns.
>  
> Irwin
> 

Re: Risk of Internet collapse grows

[Sharif Torpis]

http://www.sciencedirect.com/science?_ob=ArticleURL&_udi=B6V1H-461XHCP
-1&_user=10&_coverDate=02%2F28%2F2003&_rdoc=4&_fmt=summary&_orig=brows
e&_srch=%23toc%235675%232003%2399978%23346577!&_cdi=5675&_sort=d&_
docanchor=&wchp=dGLbVzb-lSzBA&_acct=C50221&_version=1&_urlVersion=
0&_userid=10&md5=07d46c9a1f4d02e61db9a1aaff89514e

---
"Whenever I'm caught between two evils, I take the one I've never
tried." - Mae West

On Wed, 27 Nov 2002 03:06:30 -0500 (EST), Sean Donelan wrote:
>
>On Tue, 26 Nov 2002, Irwin Lazar wrote:
>>Thought this might be worth passing on:
>>http://news.bbc.co.uk/2/hi/technology/2514651.stm
>>
>
>Its difficult to tell what the authors have discovered since the
>paper
>won't be published for four months.  From the press release I notice
>some language which would indicate it may have the same issues other
>Internet models have predicting the impact of physical disruptions.
>
>Q: What's the difference between airline traffic and highway traffic
>during a snow storm in Chicago?
>
>A: A snowstorm in Chicago doesn't have much of an impact on highway
>traffic through Dallas.  But a snowstorm in Chicago does impact air
>traffic in Dallas.
>
>Air traffic in the US is a tightly coupled system. Air traffic is
>coordinated nationally, and passengers must make connections at
fixed
>points which are difficult to change.  Its difficult to get on a
>different
>plane heading in the general direction of your destination.
>Automotive
>traffic is loosly coupled.  Auto traffic is locally controlled and
>cars
>may be individually re-routed towards its destination at many
>different
>points.
>
>Which analogy is closer to what happens to the Internet?  Air
>traffic or
>highway traffic?  Or maybe Internet traffic is like Internet
traffic.

Re: Risk of Internet collapse grows

[Sean Donelan]

On Tue, 26 Nov 2002, Irwin Lazar wrote:
> Thought this might be worth passing on:
> http://news.bbc.co.uk/2/hi/technology/2514651.stm
> 

Its difficult to tell what the authors have discovered since the paper
won't be published for four months.  From the press release I notice
some language which would indicate it may have the same issues other
Internet models have predicting the impact of physical disruptions.

Q: What's the difference between airline traffic and highway traffic
during a snow storm in Chicago?

A: A snowstorm in Chicago doesn't have much of an impact on highway
traffic through Dallas.  But a snowstorm in Chicago does impact air
traffic in Dallas.

Air traffic in the US is a tightly coupled system. Air traffic is
coordinated nationally, and passengers must make connections at fixed
points which are difficult to change.  Its difficult to get on a different
plane heading in the general direction of your destination. Automotive
traffic is loosly coupled.  Auto traffic is locally controlled and cars
may be individually re-routed towards its destination at many different
points.

Which analogy is closer to what happens to the Internet?  Air traffic or
highway traffic?  Or maybe Internet traffic is like Internet traffic.

Risk of Internet collapse grows

[Irwin Lazar]

Thought this might 
be worth passing on:
http://news.bbc.co.uk/2/hi/technology/2514651.stm
 
There is a recent book out called "Linked: The New 
Science of Networks" which details the 
potential for causing widespread Internet damage by targeting a few hubs 
instead of random or widespread attacks against large numbers of hosts.  
This simulation seems to backup the author's concerns.
 
Irwin