Whatever Happened to Internet Redundancy?

blueforce asks: "At one time, there was this really neat concept built into the internet that said there's all this redundancy like a spider web. If one segment or router would go down the internet would re-route traffic around the faulty segment and keep on chuggin'. So, as I sit here today and can't get to a whole bunch of places on the net, I'm wondering what gives? Where's all the redundancy? I'm not referring to mirrors or co-location. It almost seems like a script-kiddie with some real ambition could bring the world to it's knees. What really happens when routers go down, and what goes on when something like a Cable and Wireless pipe or someone else's OC-something backbone goes down?" Redundancies are nice, but not infinite. Planned DoS attacks can take out dozens or hundreds of routers at once, and as the number of downed nodes increases, the process of rerouting becomes increasingly difficult. What are some of the largest problems with the current systems in use today, and are there ways to improve them?

Re:You can only be redundant to a point

this post is redundant to exactly that point.

first pointed out it was rendundant post!

Re:Hi!

OK, a guy asks what is actually a valid question, and you decide you need to use the opportunity to try boost your poor self-esteem by mocking the guy and trying to show off your (actually seemingly undergraduate level) knowledge of internet routing? You think that knowing the basics about internet routing makes you better than other people? Get over yourself. BGP has problems of its own, like requiring huge fucking routing tables.

Re:The bean counters took over

[Mike+Hicks]

Well, considering that I find my Internet connection more useful than my phone line, as well as the fact that I demand (damn near) 100% reliability from my phone, I think ISPs will eventually realize that they cannot survive if they only provide 80% (or 95% or whatever) connectivity.

Of course, there's that whole other problem of ISPs restricting certain types of traffic (upstream, certain *cough*Napster*cough* ports, etc). I really don't like intentionally degraded service...
--

Connecting nodes

[Mike+Hicks]

I just read about this a week or so ago.. Back before the ARPANet was built, someone did the math and discovered that you only need three or four connections to each node to provide reliability very close to what you'd have if all of the nodes were directly connected to all of the other nodes. In practice, I don't think that even the ARPANet got to that level of connectivity. Certainly, Internet Service Providers of today generally don't have anywhere near that level of connectivity.

There are a number of obvious reasons why high levels of connectivity don't exist. One is cost -- who wants to pay for multiple connections if you usually only need one? That's also a somewhat psychological problem. Obviously, there are advantages to having multiple connections -- lower ping times and throughput to what would otherwise be `distant' networks, for instance.

Another reason is the fact that routing tables would be extremely complex if that many connections existed. There may be algorithms that can reduce the complexity, but it's definitely not something I really want to think about..

Otherwise, I suppose a lot of people just haven't thought about it.
--

Re:Hi!

[Wakko+Warner]

"roww-ting", of course. like "owl". or do some people call those birds "ools"?

--
Forget Napster. Why not really break the law?

Re:The world on its knees

[Chris+Johnson]

Eighty-seven _trillion_ dollars of money was exchanged in international foreign exchange electronic transactions.

That's not last year, or this year- that was back in 1986. Before the 70s, it was like one or two trillion a year, and then it started to snowball. Finance is by far the biggest customer of communications networks.

Taking out the world's financial networks for a second would impede $2 grand worth of transactions. A minute of downtime a year would be $165K- an hour, nine million dollars. And that is from the 1986 figures- more than a decade ago. Any guesses on how much of the world's financial transactions go over the net now?

It's true. Or to be more accurate- the world's finances could be sabotaged in this way quite easily. The weird thing is, it's already taking damage just from stuff like Microsoft's irresponsibility- you don't have to have a malicious geek with a trenchcoat to cause billions of dollars of financial damages. Your software vendor can do you that kind of damage without even thinking, charge you for it, and then go set you up for even more.

Re:interesting timing

[shogun]

Oh you have noticed the improvements in geriatric sex aids like Viagra then?

Re:yes but

[shogun]

I dont think you understand what he's saying. What he's trying to say is that America doesn't produce as much pollution in relation to its energy consumption as other nations do. Not that it justifies their great consumption in the first place.

Detour Project at U of Washington

[three14]

There's a research project called Detour at the University of Washington to look into fixing this kind of thing.

The only working link I can find right now is

http://www.cs.washington.edu/homes/savage/papers /I EEEMicro99.pdf

Redundancy is a thing of the past

[alewando]

The common misconception is that the internet is valuable because it allows multiple viewpoints to reach multiple audiences via multiple pathways--hence the focus on redundant infrastructures and the decentralization of services. The reason why it's a misconception is not because those features no longer exist (though they're fading); it's because there's no longer a need.

The consolidation within the news-service sector of our economies has assured one thing: there is now only one message to get across. Only one message and soon only one audience, as human languages are dying out (thanks in part to the internet but more because of radio). If there is only one message and one audience, then you no longer have to worry about having multiple pathways. Redundancies have been made redundant.

But the corporatization of the internet is only partially to blame. More of the blame falls on the EU: who would've thought that banding the nations of Europe together in one bureaucratic machine could do so much harm to human civilization? Like the internet, sovereignty was once decentralized and redundant across many pathways. Now, a single marching order can come from Brussels and there'll be a third world war.

But redundancy is a very necessary thing. It's not safe to have just one of something: we must have several. If we are to have a third world war, we must have competing manifestations (WW3a and WW3b, for example), or else how can we possibly determine which was the more effective or more desirable? And what if one were to fizzle out? In the old world order, we'd be covered by grand international rivalries. In the new world order, we can only hope that fleeting petty intracultural differences can take up the slack.

The internet is an incredibly important technological phenomenon, but let's not allow it to blind us to the more pressing drives in humanity (such as competition). Looking solely at the internet as an end product may mask the underlying social and political conditions that created our mess in the first place.

Re:Redundancy is a thing of the past

[yesthatguy]

Redundancies have been made redundant.

Well, uh...that IS sort of their purpose in the first place.

Re:Redundancy is a thing of the past

[yesthatguy]

Redundant != bad

Even in writing/language, where it is often criticized and carries a negative connotation, it can be effective. In speaking to a large group, it helps to reiterate one's point a few times. While this is redundant, it helps to emphasize the major purpose of one's argument, and saying one thing a few ways makes it more likely that it has been presented in a fashion that someone will understand.

In most other (not language) senses, redundancy is always a good thing: RAID, redundant networks as mentioned in this article. Redundancy means security and protection against failures of one thing in a chain. Space Shuttles and other risky ventures have redundant mechanisms so that the failure of one does not immediately constitute a mission- or life-threatening emergency.

Re:Redundancy is a thing of the past

[deaddrunk]

But the corporatization of the internet is only partially to blame. More of the blame falls on the EU: who would've thought that banding the nations of Europe together in one bureaucratic machine could do so much harm to human civilization? Like the internet, sovereignty was once decentralized and redundant across many pathways. Now, a single marching order can come from Brussels and there'll be a third world war. What the hell are you talking about? Please explain this statement.

Re:Timely Question

[Tim+Doran]

The Rogers network (ie. Rogers@Home) was partially disrupted a few weeks ago by 'copper thieves' near St. Catharines, Ontario a few weeks back.

Is the outage you were thinking of?

Kinda makes you wonder why a lot of data traffic would be going over copper. I thought copper was mostly restriced to the last mile these days.

Or is there so much copper out there that it won't be phased out for years? Anyone?

Re:You can only be redundant to a point

[CaseyB]

The funniest thing about this is going to be the (-1, Redundant) moderation of this double post on redundancy.

The bean counters took over

[ptomblin]

Back when the Internet was designed and run by techies, the techies would say that they needed three redundant backbones running through different cities and with no common switching points to make sure they had 100% uptime, and they leased the lines to do it. But now the Internet is in the hands of profit seeking companies, and the bean counters say "we don't have to have 100% reliability, 80% is good enough, so stop using three backbones where one will do", and suddenly you have the situation where one backhoe can cut off one part of the country from another.

Re:The bean counters took over

[seichert]

Actually the consumers took over. Specifically the non-techie residential consumers who made the Internet a true innovation and commercial success. They do not demand 100% reliability at this time and thus will not pay for it. Now, if the cable TV goes down for 5 minutes you will hear them scream. Until 100% (or rather 99.999%) reliability is really desired (i.e. they will call and yell when it goes down) you will not see too many companies wasting the money on redundancy.

Right now if you said to the average residential DSL subscriber, "hey you are getting like 90% reliability, for an extra $15/mo I can get that up to 99% reliability" he probably wouldn't care.
Stuart Eichert

Re:The bean counters took over

[RomulusNR]

Two other big points.

One, the major backbones are maintained by a small number of companies. Especially now as CLECs die like mayflies and regional ISPs and ILECs get gobbled up by nats and multinats. (In the ISP arena, from my experience, the bean counters are even willing to risk total pipe saturation than to pay the expense of the expansion they need to meet sales estimates -- never mind ensure backbone redundancy!) But basically, you have a small number of companies who though individually are expanding their pipes, on the whole the expansion is not enough. Not only that, but the complexity (not just technical but administrative and accounting-wise) of multiple pipes from multiple vendors and peers is considered unnecessary, when they can just get bigger/more pipes from the same upstream.

Two, the consumer focus on Internet isn't reliability -- it's speed. The popularity of DSL in the face of its gaping unreliability is a sure sign of this. In order to serve customers, ISPs/ILECs only need bigger pipes, not "better" ones. Customers will complain about a day or two's worth of downtime, but in the end rarely is the information or method of communication important enough for there to be a viable market in reliable connectivity over fast connectivity.

Basically, if you want any of the old Internet traits -- reliability, noncommerciality, technical assurance -- you'd be better off making your own Net. (Honestly I dont know why one hasnt sprung up already.)

--

Re:The bean counters took over

[tech_imp]

You sure ...

The kiddies may have a say in this too. The power that they have at their hands to just about cream a segement of the net with a low tech DoS attack is pretty amazing. I happened to be managing a small site that was hosted by the same folks who do Amazon and we were totaly taken off line as a result of DoS attacks -- it sucked.

Not sure that the bean counters are the ones we need to be worried about ... do you know how safe your border routers are?

Re:The bean counters took over

[JebOfTheForest]

Internet is in the hands of profit seeking companies, and the bean counters say "we don't have to have 100% reliability, 80% is good enough, so stop using three backbones where one will do",

I think that's a rather naive attitude. When these "bean counters" took over, it was so that regular people would be able to afford internet connectivity. The problem with the techies you refer to is sure, they'll design an awesome, redundant system...that only the government, stanford research labs, and BBN can afford to be connected to. The economic principles that shape the behaviour of said profit-seeking companies has made the internet an affordable medium for a lot more people. The trade-off is that we don't have the same reliability any more.

jeb.

Re:The bean counters took over

[XO]

I don't know about anywhere else, but until Commercial ISP's took over the Internet, Internet access to everyone in Michigan was -free- from about 1983 until MichNet finally closed the door on -free- back in.. oh, 1992, I think it was, after slipping an increasing amount of security into their system over the 3-4 years previous to it.

Just no one knew about it.

Of course, there was no WWW then.

All your base belong to ---===*> XO

Re:BGP (adn IPv6)

[Paul+Jakma]

mainly because with IPv6 they have a clean slate to assign the addresses properly to allow for clean and dense aggregation.

also, ipv6 allows for things like having the assigning the last 64bits of your address space statically or dynamically but /without/ having it tied to the first 48 bits (or whatever) that controls how packets are routed to you. IPv6 DNS also supports this division of host id and network. So that you can renumber your network from DNS by just changing one record!

What it means is that, where currently with IPv4 if you want 2 redundant links to the internet from 2 providers you will have to either:

- get a provider independent chunk of addresses from your NIC and have both your ISPs add this (small) subnet to their BGP adverts. PI subnets are increasingly more difficult to get, cause they're running low and cause they are a huge overhead on routing at backbones, and hence discouraged - your ISP isn't even required to add your PI to their BGP adverts.

- or get provider dependent subnet from one and persuade the other ISP to advertise this chunk (not good).

- or get a PD subnet from both and dual-home all your hosts which could be a mighty pain in the arse if you have any significant number of hosts.

Instead, with IPv6, you just get 2 chunks of address space, say dead:beaf:: and f00b:a43d:: from each of your ISPs address space. You assign a unique host id to each machine, and let them figure out that their full ipv6 addr can be either dead:beaf::hostid or f00b:a43d::hostid statically, or even better, dynamically from the peers/dhcp server/ routers around them.

And v6 DNS supports this fully, you look up an A6 record and the answer consists of hostportion and a pointer to which records to look up to find out what the network portion is. You look up the network record, cat the previously found host portion and this network portion together and you have your IPv6 address.

(ie change just that one network record and you've updated network number in DNS for all your hosts, cool).

anyway, sorry i can't be more specific about the ipv6 auto-config stuff, but it is in the specs. they did think about this stuff over the last, what, 8 years or so (???) that they've been working towards ipv6.

If people are interested in playing with IPv6, well play with it at home! Eg, linux with the USAGI patches (www.linux-ipv6.org) works perfectly. Then you can get a tunnel from the 6bone (6bone.net), and after that maybe even a /64 from your tunnel provider. Ie: public IP addresses for all your machines at home - bye bye NAT!!

The destination isn't redundant.

[LetterJ]

I can have 35 ways to get to Minneapolis, but if the city is destroyed, or the place I want to visit inside the city closed down, they don't do much good.

LetterJ
Head Geek

You know, it still is.

[stripes]

It still is. If you go into a UUNET HUB and unplug a GW nothing happens (well after routing converges again). Same if you take out a TR, or XR, I forget the difference. Other big ISPs are similar.

And if you look at the older way it was redundant, take out a long haul link and things route around, well it still works, take out a long haul link and traffic flows along the ones that still exist (even if they are a very different path).

What isn't redundant? Your link to the ISP probably isn't. The router you land on at the ISP's hub probably isn't. With enough money you can buy two links, better yet to two different ISPs. Most ISPs don't have more then two exit routers per hub, so if both go you are screwed. Some hubs only have two exits. I expect some ISPs aren't even that good, but you do get what you pay for. Don't buy connectivity from a cut rate provider and complain that they aren't redundant. What else? Well whoever you want to talk too might not have redundant connections. Sometimes a whole ISP can do something that screws them (load a Cisco or Juniper code release that has a bad bug that didn't show up in their or your testing...or screw up your L2 fabric or...), but the other ISPs are still alive and kicking. They can all talk to each other if while you are dead (unless they don't really have a backbone, but just wholesale for the dead ISP, and only the dead ISP, but again you get what you pay for)

Still, that's not too bad.

Did you expect it to be better?

redundancy is expensive

[spif]

It's really simple: redundancy is expensive. If you want redundancy, you have to pay for it. There are ISPs that have redundant POPs with redundant backup power, redundant telco access providing redundant backbone and local loop paths, redundant switches, redundant routers and redundant peering who will provide redundant tail circuits and redundant routers to their customers. But this all costs money. And of course, the beauty of the internet is that no matter how redundant your connection to it is, the connectivity of your destination may be totally unprotected and unreliable. Or their servers might be hosed. Or their database might be corrupted. Or whatever. For critical services, you need redundancy everywhere, and it can get obscenely expensive. Fortunately, people who rely heavily on such services are typically willing to pay through the nose for them.


fnord.

The 'net & real life

[maggard]

First of all yes it is possible to configure your own little part of the world to continue working in case of a meltdown.

You'll need multiple connections that are all independant. This can be difficult to ensure as lots of times Company A's fiberlink will be in the same trench as Conpany B's & so the same backhoe will take them both out even though you used two services. You'll need to determine the full path your data will take & lots of time the salesfolk won't have or even understand what you want, particularly if you're not a big commercial account.

Then you'll need a way to route your inbound & outbound traffic dynamically. BGP is the method of choice but it's *not* a friendly thing. For the small-time techie Zebra & other tools are under development to help with this sort of thing but it's still tricky tricky stuff full of gotchas.

The same redundancy advice goes for power - you'll need at least two separate services that are well & truly separate, not just the same line coming in the front door as well as the back door. Local generation for backup is also a good idea. You'll need to test everything regularly - systems often fail & a botched hand-off can ruin your whole day.

That said a buddy set his house up to be always-connected. UPS's on key hardware. BSD on dual laptops using BGP connected to cable-modem, ADSL, dial-up, digital-cellphone & a ham packet radio rig. Even has a wireless connection to a friend in another town a few blocks away but on a different part of the grid & central exchange with a similar setup.

Of course it's still possible for something to break in a big way. One EMP over Arlington Virginia-area would take out lots of important services, probably causing major disruption in the confusion & resultant instability. Heck a group with an axe to grind could presumably cut enough critical cables in isolated areas in an hour or two to 'cause significant traffic problems globally.

This is of course no more different then bringing down any number of other services: Water, electricity, sewage, roads, gas pipelines - none are particularly hard to shut down if one is nuts enough to try.

You can only be redundant to a point

[TBone]

Eventually, you will reach a single connection on the path that leads to the machine you are looking for. Many providers have redundant connection to the backbones, but, for example, there is only 1 connection from them to you. And actually, there are many providers who do not have redundant, topologically separate connections to the backbone.

The internet wasdesigned so that if any particular switching point went down, the others could keep up with it. The idea was nice 20 years ago when there were 50 NAP's. There's probably 50 NAPs within 10 miles of me right now. So we're not quite as redundant as intended, but we're still pretty redundant.

Re:You can only be redundant to a point

[kev-san]

(Score:2, Redundant)

That's the most ironic comment rating that I've ever seen.

Re:You can only be redundant to a point

[Spunk]

You can only be redundant to a point (Score:3, Redundant)

Thank you, moderator, you just made my day!

(Sorry, T-Bone)

--

Re:You can only be redundant to a point

[ekrout]

TBone: we are talking about getting better redundancy with Internet connections, not better redundancy with Slashdot posts (#6 #7).

I'm not sure if you hit "Submit" twice, or if you were trying to be witty by posting a comment twice that pertains to redundancy. Well, either way, I'm amused!

Re:You can only be redundant to a point

[srichman]

Eventually, you will reach a single connection on the path that leads to the machine you are looking for. Many providers have redundant connection to the backbones, but, for example, there is only 1 connection from them to you.

Where I work we use two providers. Redundancy in a company's ISPs/backbone connectivity is a reasonable and, depending on your needs, essential.

If you're sitting at home with only one ISP (which is expected), then you should just recognize and accept that having a single point of failure on your end is a fact of life on the consumer end of the commodity Internet. When I'm sitting at home, my power supply and hard drive and network card are all single points of failure as far as my network access is concerned, but I can live with that.

You can only be redundant to a point

[TBone]

Eventually, you will reach a single connection on the path that leads to the machine you are looking for. Many providers have redundant connection to the backbones, but, for example, there is only 1 connection from them to you. And actually, there are many providers who do not have redundant, topologically separate connections to the backbone.

The internet wasdesigned so that if any particular switching point went down, the others could keep up with it. The idea was nice 20 years ago when there were 50 NAP's. There's probably 50 NAPs within 10 miles of me right now. So we're not quite as redundant as intended, but we're still pretty redundant.

Re:ASK YOUR ISP WHO THEIR ISPs (PLURAL) ARE!

[TBone]

If your ISP is linked only to PSInet, you have more problems than a non-redundant connection - PSINet may only have 1 month of $$$ left.

Internal vs. External disruption

[ocie]

I think part of this was due to the lax security of the original Internet design. The routers are all safely locked up and the "bad guys" are not able to log into the network.

If the "bad guys" blow up one of your routers, the network can cope. If they can log in and start downloading pictures of Britney Spears and clog your network, there's not much you can do.

Hyperbole

[FFFish]

"...like a script-kiddie with some real ambition could bring the world to it's knees."

Er, yah. Right. To its knees.

Good god, we're not talking about a nuclear war.

--

Re:BGP

[Cato]

There's some interesting stuff around on faster recovery and convergence - see http://www.nanog.org/, recent presentations, and in particular http://www.packetdesign.com/Docs/isis.pdf which talks about millisecond-level convergence through better algorithms and faster updates on big links, etc.

You can also use layer 2/2.5 type technologies, such as SONET Automatic Protection Switching (APS) or MPLS Fast Recovery, which can recover much faster from certain types of failures. However, this won't address the whole issue.

ISPs that serve the business market are adding extra services such as IP VPNs, competing with Frame Relay and ATM, and are having to improve their availability figures - over time, this technology will filter down to the consumer market.

The Internet is already much more reliable and much faster than it was in 1995 - hopefully this will continue...

Re:I found the problem

[artdodge]

There's a pretty significant body of research into web usage, actually - file sizes and transfer length in particular have been pretty squarely beaten to death.

For example, file/transfer sizes seem to follow what's called a "Heavy-Tailed" distribution (usually modelled as Paretto). This means, roughly, "most of the files are small; most of the bytes are in big files."

The parameters of the distribution depend on where in the network you take the measurements (inside the client, mid-net proxy, server).

• W3C's Web Characterization Activity
• Generating Representative Web Workloads for Network and Server Performance Evaluation - BUCS TR 1997-006 - Crovella and Barford
• Changes in Web Client Access Patterns - BUCS TR 1998-023 - Barford, Bestavros, Bradley, Crovella
• etc etc etc...

There are some old studies of which low-level protocols appear most on the backbone (UDP vs TCP for picking out "streaming" candidates etc); they're harder to get now that the backbones are commercial instead of research-centric.

As for how much is porn and how much is business, well... I've been involved with some studies that have casually looked at that, too; In one trace I checked out, about 13% of requests included some word that would indicate a site with strong sexual content (The 13% number is without trying very hard; it's also worth noting that the percentage of bytes in responses to those requests was a larger percentage, on the order of 20-something IIRC). Unfortunately, it's a little harder to differentiate "business" from "casual/home" with heuristics, so no numbers there.

The point is it is redundant for everyone else...

[BoBG]

Well if that doesn't guarantee some down-moderation...I don't know what does. =P

Anyway, lets all remember that the internet was built to service places that look more like datacenters and colocation gateways, than your living room or mine. That said, we as individual network subscribers an afterthought, not the primary design model. Redundancy is expensive, and $20-$40 a month doesn't quite cut it for that kind of expense.

The other thing to bear in mind with redundancy is that it was meant not to ensure your connection to the network no matter what, remember you don't exist any more because you were vaporized for being at the wrong end of an ICBM's parabola. =P That sort of thing is guaranteed to lower your modem connect speeds if you catch my meaning... The rest of the network, however will do just fine without your participation, and that is the redundancy that IP was designed for. I must say, with all of the posts complaining about service interruptions, my network connection was responsive, and useful through all of them. I expect it will be too....at least until some backhoe/ICBM moves in to complicate things.

Re:Wow..

[M@T]

Telstra a better ISP??? Get real... Telstra are the primary reason we have such shit redundancy in Australia. Just about everything ends up being routed through a Telstra server somewhere, and as with all large monolithic ex-government buearocracies, they do a terrible job of keeping them running.

What redundancy means

[Conor6]

When the net was originally created/designed, it was the child of ARPA. It was during the Cold War, and there was worry that the Russians, knowing we had an information network, could bomb it strategically, destroying the choke points and rendering us weaker.
So it was designed for any point to be physically destroyed, and for the whole to continue functioning. They did not, however, worry about an attack via less tangible means, like huge quantities of packets. So, the redundancy that you say is gone, isn't. The net will still function after a military strike or natural disaster, but a well-done DDoS attack can cripple it, and that's fine by the Day One specs.

~Conor (The Odd One)

not just smaller countries

[jonbrewer]

Any country that sends the majority of their traffic to the outside world through one connection is vunerable. That would be most countries with state-run telcos.

For example, the vast majority of traffic in and out of Poland goes through through one link out of Teleglobe's NY pop. That's a country of 40 million people, at least 10% of whom use the Internet through the state telco. (almost everyone uses the state telco for Internet) Lose a router and 4 million people are disconnected from the net.

(by the way, if anyone wants to enlighten me of any recent changes in this situation, I'd be willing to listen, but still skeptical)

Re:Someone has an adjenda at work

[ethereal]

That's all right, "overrated" is the closest to an accurate negative moderation of one of my posts that I've seen in a while. Usually I end up being "flamebait" or "troll". At least I have posted something in the past which was overrated, so I can consider this to be karmic retribution.

I hope for metamod too (and I like to think I've fixed some things in that phase) but I don't hold out too much hope.

Cost

[Sloppy]

Redundancy is (obviously) inefficient. The DARPA days and a 'Net designed to be able to take nuclear hits is long past. It's commercial now, which means saving a penny here and there makes sense. After all, would you pay twice as much for your ISP to have twice as many connections to the outside? Well, maybe you would if you're a nerd, but most people won't. So the ISP that has twice the connections at twice the cost, is defeated in marketplace by efficient (but less reliable) competitor.
---

It's a convenience feature.

[sharkey]

Removing the redundencies and only needing to shut down a few key routers to shut off the Internet is a feature. By doing this, they are able to cut the Internet Cleaning Time on New Year's by almost 75%, since the Internet can be shut down, and brought back up with fewer network operators working on it, and each having to do less. Therefore, this New Years Eve you only have to make sure you're disconnected from 1:00 AM to 3:00 AM to keep your data from being erased when they clean the Internet.

--

Re:It's a convenience feature.

[altserver]

ROTFLMAO...wish I was moderating today!

Situation in Israel

[DarkToast]

Lately, I've been realizing more and more how the concept of the Internet is going to hell.

For example, here in Israel, the most-used link we have is an optical connection to the US. Nobody cares of connection anywhere else, and even ISPs which have connections to Europe (e.g. Barak ITC which represents Global One in Israel) doesn't offer the European link to the common users. About connections to our neighboring countries, there's very little to talk about, since they're both mostly technically undeveloped and aren't in very friendly diplomatic relationships with us, to say it mildly. So it ends up that we route via the US to reach Turkey or the far east.

In case of a war, which is sadly something more likely in our region, there would be just one point of failure.

Of course, one of the leading ISPs, NetVision, seems to have relatively broadband satellite links which might be the solution.

...and probably never will be.

[B.D.Mills]

In today's Internet, large bandwidth providers connect to backbones and purchase bandwidth. They then sell this bandwidth to smaller customers such as ISP's, who in turn sell to customers. Typically, ISP's and the like only have one bandwidth provider. How many ISP's do YOU use?

A lot of these business transactions mean that the organisation of the Internet, far from being organised like a spiderweb, is organised more like a tree in many places. So if one node fails, everything downstream loses connectivity.

--

Your funny

[trippd6]

The Internet was never truly redundant. If you ever thought it was, you where mistaken..

First off, we're lucky it works at all. The fact that I can get to slashdot every day is supprising.

On the polical front: There is no regulation, there are no rules. Peering is a joke. You can only peer if your one of the top 10 providers. Everyone else is buying from everyone else.

No one has the power to say your packets will always get from point A to point B. If one ISP is mad at the other, it can remove the route through thier network.

On the technical front: Most of the time, your packets will take the same path every time. If that link goes down, normaly, it will reroute (eventualy). But not in real time. And the path it just reroute to, may be sub optimal (IE Your packets take a 30 second round trip over a already overloaded link.)

Another problem is everyone is sharing fiber runs. This saves dollars, but one backhoe can (And has) put a huge black hole on the internet.

Anyway, thats my babble. I haven't looked into this stuff in a while, so my statements may be outdated.

-Tripp

PS I didn't proof read this, so don't insult my bad english.

Re:Wow..

[Caged]

Yes, I remember when the main fiber op got cut to Australia - Most of the USA was unreachable unless you were signed up with an ISP that had its' own private link to the USA and even then it was dog-slow. So unless you were with either the incumbent telco (Telstra) or with another BIG ISP (OzEmail) you were pretty much screwed.

Re:Penalize USA and a free pass to CHINA???

[AsmodeusB]

Yes, bring in the children and other issues that are IN NO WAY RELATED TO THE DEBATE.

Re:BGP

[AsmodeusB]

Urgent updates would just let more flapping links through (which is why the holdown timers are there)

I'd like some redundancy, that's for sure...

[Hadean]

Considering what's happened (twice) to one of Canada's most wired cities, Ottawa, I'd definitely like some redundancy. First, it was an animal that supposedly bit into the only cable connecting all of us 300,000 Rogers@Home users (including businesses), then some thieves cut the wire again stopping all access to the 'Net, and only two weeks after that, the line was cut again (I don't have a link and I can't remember from what)... so, basically, three times a single wire was cut, taking access away from over 300,000 people... another single OC cable would have solved all the problems... ugh.

(or maybe Rogers@Home is just bad... hmmm)

Routing

[Salamander]

I have to agree with all the people who say that much of the problem has to do with the routing protocols in common use on the Internet. IMO part of that problem is that everyone has gone to link-state protocols; protocols in this family have certain desirable properties wrt loop-freedom and optimality, but slow convergence is a known problem with this approach. Personally, I've always been a distance-vector guy.

All of this came back to me recently as I was reading Ad Hoc Networking by Charles Perkins. It's about protocols intended for use in environments where mobile nodes come and go relatively frequently, where the links go up and down as nodes move relative to one another, and where there's no central authority to keep things organized. A lot of this work has been done in a military context - think of a few hundred tanks connected via radio, rolling across a large and bumpy battlefield. It turns out that distance-vector protocols are making a comeback in this environment because of their faster convergence and lower overhead compared to link-state protocols, and researchers have pretty much nailed the loop-formation and other issues. It also turns out that a lot of the techniques that have been developed for this very demanding environment could be useful in the normal statically-wired Internet, not just in terms of robustness but also in terms of giving power over connectivity back to the people instead of centralizing it in huge corporations.

I strongly recommend that people read this book, to see what's happening on the real cutting edge of routing technology. In particular, anyone working or thinking of working on peer-to-peer systems absolutely must read this book, because it describes the state of the art in solving some connectivity/scalability problems that many P2P folks are just stumbling on for the first time. I've seen many of the "solutions" that are being proposed to these problems in the P2P space; I can only say that P2P will not succeed if such stunning and widespread wilful ignorance of a closely related field persists.

Re:BGP (adn IPv6)

[H-Monk]

There are a few hopeful signs on the horizon though. IPv6 should make routing a lot easier and give us a lot more operational "breathing room" which we can use for redundancy and robustness.

After pouring over things like this and this, and keeping in mind the recommendations in other RFC's and discussions, I can't find anything that supports this. We certainly get breathing room as far as more address space, but how does this lead anything but requirements for more routing complexity to keep tabs on it all?

--

It's "an agendum"

[Kwantus]

"agenda" is a plural

Rogers@Home

[GenetixSW]

Last month the whole of the province of Ontario (in Canada, for whoever doesn't know =) lost out on Rogers@Home cable twice, but not due to Internet attacks. It was more along the line of pure stupidity, really.

The first outage was the result of thieves trying to steal copper cabling. They accidentally cut the ONE fibre-optic cable that services our province (located between Toronto and Buffalo). Brilliant, no? Rogers does have redundancy servers and connections in place, but chose at the time not to use them because they were so outdated, the service would slow to a crawl and crash anyway. So much fun!

The second instance of a problem was a server crash in California that brought us down again. Why Ontario servers are located in California is anyone's guess. Very dumb, IMO, but who am I to tell Rogers what to do? (To be fair, they are currently relocating the servers, but far too late).

At least the service is decent for the most part, and Rogers has the cable monopoly here, so I can't do much about it but live it out ;-)

(I did, however, have a *lot* of fun when they sent out a customer satisfaction survey a couple weeks ago!)

Re:Rogers@Home

[checkyoulater]

I remember sending an email to complain about this. ROgers replied with a funny email about posting the problem report on their website.

They seemed quite proud of the fact that the (unreachable) website told me that the website was, in fact, unreachable.

If I had gotten through to tech support, they would probably have told me to reset my modem.

Next time there is a major meltdown somewhere, let me know, becuase I think I have a magic modem...

Re:Rogers@Home

[h0tb0x]

The whole province did not go out because of the fiber cut. I work another @Home MSO in Ontario and we had internet access thanks to the fact that we do not use @Home's ultra crappy network for DHCP anymore. In fact the only problem we had due to that cut was a loss of email and Excite Homepage services (hardly any of our sub's use newsgroups so nobody noticed those). They did also reroute the traffic but anything going to @Home did not route (too bad for Rogers). @Home in itself does not know how to run a network hence the tremendous drop in its stock price over the past year. They have a hard enough time keeping their mail servers running. The only reason Rogers didn't make this move sooner is because AT&T canada owns most of them and they also happen to own @Home. When I first started with the company I'm at they told me the DHCP is in California. I literally laughed out loud in the training room. Even being new out of college I realized that having your true headend 3000 miles away is a huge mistake. Clearly the idea of setting up a network like this was a pipedream thought up by know-nothing marketing people who don't understand the technology. Rogers has only smartened up after they lost a ton of customers to sympatico. The huge outages a year ago were a rather large sign that this was not going to work and the company I work for (even though sometimes they are pretty dumb too) got the hint and dropped @Home as a DHCP server. Personally I think @Home should rot in hell and all the MSO's that are partenered should break off and do their own thing. The @Home name nowadays on the internet is (to be polite) not a good one.

Re:BGP

[DaveBarr]

wait, you're no expert on BGP but you've already determined that much of the blame lies with BGP?

At the last month's IETF in Minneapolis there was a slide during the plenary (which hasn't seem to have made it to the web site yet) that showed the average speed of route convergance. It was on the order of 90% propagation of route changes within 1-2 minutes. That's pretty fuckin fast.

One has to condisider what is the theoretical minimum one expects to see given the depth of the internet and how fast the links and CPUs on the routers are. There's improvements surely that can be made (some not without major protocol changes), but we're pretty darn close I think.

The major improvements that BGP needs to make are not in propagation speed, IMHO, but on general issues of scalability (size of the table as it relates to the memory and CPU avalable in a router).

(OT -- moderation comment)

[e-gold]

What I love about this is that some brilliant moderator has managed to mark it "redundant." Folks, keep in mind, this is comment number 6! I don't know if it's an attempt at humor (I can almost see the thought-process now, "I'll mark the first comments in the redundancy story redundant! That'll show 'em!") or mere /. mod-point induced cluelessness (my money's on that one, of course) but since moderations of "redundant" can't be metamoderated, I felt the need to make this totally-off-topic comment. Seriously, folks, when you have mod points, try to browse at a deliberately-lower level and take some time actually reading/thinking, eh?

(Go ahead, mod me down for spouting off like this, see if I give a rat's ass.)
JMR

Re:(OT -- moderation comment)

[PurpleFloyd]

It's quite simple, really: those crack smokers view newest first, then find the first comments and moderate them down, while moderating up the truly redundant ones (because they came first in their page setup). All the more reason to lock anyone with moderation points into -1 threshold/oldest first/nested. CmdrTaco, you listening?

Re:(OT -- moderation comment)

[srichman]

What I love about this is that some brilliant moderator has managed to mark it "redundant." Folks, keep in mind, this is comment number 6!

Well, it's also comment #7, so redundant seems reasonable...

MAE West

[overshoot]

One good backhoe accident, and you suddenly have a bunch of intranets. In theory all of the Tier-One operators peer at multiple points, but in practice they route their own traffic through the same facilities. Likewise, in theory the Tier-Two operators are multiconnected through multiple Tier-One providers but in practice thanks to volume contract terms they are single-homed.
Below Tier Two, it really doesn't matter.

Re:Dont forget regulators and petty bureaucrats

[anticypher]

Can you say NSA?

Not without spraying my monitor :-)

Its doubtful the NSA needed to ship all traffic to the US. They certainly have unfettered access inside telephone company switching points in every NATO country, and many other US-allied countries. When you work in those buildings, there are always some bits of unidentified kit doing something "important", the bosses let you know not to touch them or else your career will be very short.

crooked politicians

In the commission, that's redundant. Political lobbying by entrenched businesses is becoming positively American in depth and scope.

In Europe, never chalk up to conspiracy that which can best be explained by misguided nationalism and greed.

the AC

Dont forget regulators and petty bureaucrats

[anticypher]

In the U.S., the only problems are of money and a few anti-trust regulations. Interconnects can usually happen wherever someone wants to lay down some cable or fibre, and going from one state to another is no problem. Any start-up with ambition can buy an old telco building and create a NAP, and the customers tend to roll in and don't care about competitors also using the bandwidth.

But in the rest of the world, there quite often are regulations preventing a company from just running a fibre from one place to another. It is starting to improve, but for the longest time, almost 99% of all intra-european traffic passed through the US. Traceroutes from one ISP to another in the same country often went via the US.

This meant that everyone was relying on a few trans-atlantic carriers, and the reliability was pathetic. To get from here in Belgium, all communications to neighboring countries passed by the US. the people in charge of the routers, at the bean-counter, lawyer, politician level, would forbid the engineers to create inter-country routes, in case there was a law somewhere being broken. It doubled the traffic on the trans-atlantic lines, and engineers couldn't do much about it.

Recently a number of peering points and interconnects have sprouted up all over Europe. Economics eventually overrules short-sighted politicians. It feels so good, as an engineer, to be able to route traffic as directly as possible. But there are still problems with NAPs run by telcos, as they have learned two decades of dirty tricks by US telcos, and they have polished up those tricks to hurt competitors. Shit happens.

The greed factor has also raised its head, as some of the more criminally backed peering points *cough*telehouse*cough* have tried to purchase European wide laws giving them 100% of the market. The argument is that all the incumbent telcos all are too greedy and incompetent and biased to run peering points, and all the peering points should be run by a single, greedy, politically aligned non-incumbent non-telco operator. Whoops, maybethose last points were raised by all the other NAP operators.

I feel the internet is coming to the breaking point, where its being pushed to do what it was never originally designed to do. The original design was for reliable communication, not censorship, business operations, or avoiding national laws. The telephone companies of the world worked out many of these issues in back rooms, with no real public insight into the down side to each policy. The result was a communication system which never worked very efficiently, and cost a huge amount more than it should have. Those costs and inefficiencies slowed the growth of telecoms the world over, until the US justice department broke up ma bell, and, unforseen to them, sparked a revolution for cheap telecoms which is now churning around the world. I remember when a short overseas call cost one weeks wages, now I don't even think about chatting for an hour to the US.

The internet has started to make people aware that unlimited communication has its downsides as well, since not all humans are perfect, good creatures. Because of this realisation, we are seeing a large backlash from the unwired masses who never had a need to communicate, and want others to stop communicating freely. The internet was designed to communicate, and there are no easy (or even complicated) engineering fixes to social problems placing limits on communication.

the AC

Cascade failure

[RallyDriver]

One of the problems is, no matter how much redundancy there is, if a significant amount of traffic falls on a backup route, then it can overload. This results in turn in traffic being failed over to a third route, etc. and you have a cascade failure.

Most ISP's backbones are sufficiently saturated that this is hard to avoid. Add in misconfigured routers causing looping, and one link can take you out.

As for the "last mile" issue, any half serious internet service will have full redundancy on this, down to the cable and switch level.

Re:Exactly

[jovlinger]

providers are in business. Nobody in a business wants to be redundant. Hence, the internet model is incompatible with business interests.

Redundancy seems difficult to get

[ikekrull]

One of the things we want to do here where i work is to connect our network to multiple ISPs, so that if one of our ISPs goes down, our customers can still reach our servers.

It seems like there is just not much solid information out there about exactly how to configure such a setup. We have wireless links, ADSL, and a 10Mbps fibre-optic connection, each to a different ISP here, but actually using them in either a simultaneous or failover fashion seems difficult.

Presumably, this would require us to publish routes (BGP?) to our IP address-space to multiple ISPs, but obtaining our 'own' block of IP addresses, that we are truly responsible for - i.e. not allocated by some specific ISP seems horribly expensive, at least here in New Zealand.

Does anyone have any links to good documentation on setting up multipath routing - prefereably on a Linux/BSD-based router?

Re:Redundancy seems difficult to get

[freebase]

you actually don't need your own block of IP addresses, as long as you've got a good set of providers. You'll need to work with them to get the EBGP peering setup, and your filtering straight... you surely don't want ISP A using your paid for bandwidth to pass traffic to ISP B, right?

If your providers can't help you setup your BGP peering, then you probably need to find a different set of providers.

What you will need to do it correctly, though is your own Autonomous System Number... commonly known as an ASN. this is the number that actually identifies who your organization is to the world, and that BGP uses to define "paths".

Re:Redundancy seems difficult to get

[wierdo]

Simple, use NAT for the humans and set up all your servers with IPs from all of your access providers, and use DNS to direct the traffic where-ever you want to go. Keep the TTL on the zone low, and you won't be out for more than a couple of minutes.

-Nathan

Care about freedom?

No longer decentralised

[MikeBabcock]

The Internet, to a large extent, is no longer decentralised. Internet hosts route to their providers then to backbone providers, across those providers' backbone routers to the far ISP and/or destination host. This is done on what looks like a redundant map at the core level, but on the edges, near the clients, where the problems usually happen, there is no redundancy. Does your local cable provider have more than one connection to the backbone? Probably not. Do they add multiple redundant links to the same provider using multiple routers or just one or a few big router(s)? You guess.

Can you even set up your own redundant links anymore? Not really -- you need a /19 or thereabouts in address space to successfully advertise BGP routes to the Internet at large. We've screwed up the redundancy of the Internet because of a lack of shared connections and fast routing protocols (when allowing every individual user multiple egress and ingress points).

Re:Exactly

[Shanep]

There could be full redundancy, but where do you draw the line?

Many ISP's have multiple routers to connect to multiple back bones. Two or more connections to a land backbone and one satelite connection should be pretty redundant! The server you are trying to connect to could actually be more than one physical machine, each possibly with more than one network card, maybe plugged into seperate hubs or switches for redundancy. Perhaps even those switches and hubs have redundant power supplies (along with the servers and routers) and even load sharing/redundant back planes. There could be redundancy even with the routers, with one working and another checking the health of the "live" router periodically, and then assuming it's identity if it dies. And all this, powered by redundant UPS.

The redundancy is there and when it works, you don't know about it. Only when a hosting co, or other site is badly designed that some server cannot be reached and then someone asks, "Whatever Happened to Internet Redundancy?".

Re:Kyoto treaty - 11th hour

[dbrutus]

A team of meteorologists in the UK made the discovery. An article about it is here

Re:Penalize USA and a free pass to CHINA???

[dbrutus]

Actually, I do give away some of my money. What I don't like is being forced to do so and I don't particularly want the violence of the state to be harnessed to force others to give their money away.

Nobody really argues against people giving their own money away. The question is whether we ought to be forced to do so at the point of a gun. What a shabby method of charity, forcing it by government action.

As for Kyoto, it's a sham and a shame.

Re:Exactly

[dbrutus]

Several times over the last few months, I've been bitten by bad router configs that lead to loops inside my provider's network (Telocity). I'm looking for a new provider. I'm glad you have a better provider

Redundancy measurement would be a great dotcom business idea... wait, we're past that, aren't we?

DB

special case

[joenobody]

So for this story, would I get a +1 for Redundant?

Re:Redundancy: Inbound vs. Outbound

[billstewart]

"Redundancy" has two substantially different problems: How do you initiate connections to outside internet sites, and how do they initiate connections to you. It's pretty easy to handle the outbound problem - most users have some kind of proxy firewall that handles their web and email traffic, and depending on what routing protocols your ISPs use, it's easy enough to find one route that works, especially if the main failure mode you're worried about is the access between you and your ISP's router. You don't need BGP for that, though it can be fun, you just need to know what locations you can reach by what paths, and nobody's bothered by the fact that sometimes your address space is from ISP1 and sometimes from ISP2.

The harder part is giving other people multiple paths to reach you. One way is to get yourself a routable address block (your local policies will indicate whether this is /19 or longer), and use BGP to advertise yourself to multiple ISPs, who forward those advertisements to the world. You need to be tolerably large to do this. Another way is to use a fancy DNS version that advertises different routes to you (www.you.co.nz gets advertised as a.a.a.x or b.b.b.x, using some load-balancing that also detects failure.) This isn't perfect, because DNS caches will prevent some outsiders from getting your current address quickly, but it's a good start. Another is to have a server in a hosting center that has multiple highly-reliable internet connections, so not only can you provide your web servers there where the response time and price of bandwidth are better than hosting them in your home office space, without risking backhoe fade, but you can use that to forward email and other services to your real IP addresses, whichever ones are working best this minute.

I can't speak for New Zealand - between physical isolation and occasional entertaining telecom and business regulation laws, there's lots of specialty detail involved. In particular, there may be fewer providers who can get you real paths off the islands, and you have to care a lot more about their service quality, but you still have a lot of flexibility for accessing local sites.

Only if every host is a router

[mikej]

The notion that the internet is fully redundant only applies (as it did in its very early stages) if every host is also capable of routing traffic, and every network has more than one connection. Neither of these (windows PCs and single leased lines are extremely common) true anymore.

This is my understanding, at least.

5% porn? You've got to be kidding.

[willis]

I'd say that number has to be at least 20%, with 20% non-porn media in addition.

interesting timing

[holzp]

considering /. has the uptime of a 80 year old's penis today.

Never has been any...

[Greyfox]

At least not as long as I've been on the net. Lets see... I started adminning a UUCP feed back around '89/'90... 'Course back then it was all store and forward. If something didn't work right now you just tried again later...

TCP/IP networks have never been particularly able to stand having a link drop, though. Even if you KNOW there are more ways to get to where you want to go, you'll never see the packets go to where you want them to go. I'd love to see more dynamic routing on the net. It'd be nice to be able to keep my traffic off Sprintnet and other backbone providers who got their routers in cereal boxes, for instance...

Re:ramifically speaking

[emmons]

Al Gore said in a CNN interview in March of 1999, "During my service in the United States Congress, I took the initiative in creating the Internet."

You can read more about it here: http://www.wired.com/news/politics/0,1283,18390,00 .html

Read a newspaper.

----

You should be careful, though...

[Murmer]

...about where that critical point is. Eventually, sure - most of us only have a single connection. The problems is that sometimes our ISPs only have a single connection, and sometimes those ISPs have hundreds of thousands of clients.

Last month, Rogers@Home, the internet-via-cable provider in Ontario, lost connectivity for a day and a half. Not just locally, but every single client in the province, because of a cut cable in Boston. A cable that's cut in a different country, for crying out loud.

The problem isn't about individual connections. It's about states, provinces and possibly entire countries dropping off the net for days or weeks while the sabotaged hardware is repaired or replaced.

We get really upset when countries insist on being able to do this deliberately - how much more upset should we get if countries aren't preventing from happening inadvertently?

--

Re:You should be careful, though...

[myov]

The cable break was actually around St. Catherines, Ontario. Thieves were looking for copper cable (to sell), and dug up the @home fibre, thinking it was copper. In fact, the fibre doesn't go to Boston - if you do a traceroute, you'll find that the connection goes through Buffalo, then works its way to NYC. @Home wasn't the only company to lose access, as other companies also used a portion of the fibre.

It wasn't a complete loss though. Rogers@Home has a connection to Torix, in addition to the @home backbone. Since my shell ISP (Vex.net) also connects though Torix, I was able to ssh to them, and still get to the web (using Lynx... memories of Toronto FreeNet), and transfer files to my school account.

Re:BGP

[acfoo]

99.9999% uptime is 2.6 seconds in a 30 day month and up to 2.7 seconds in a 31 day month. For 99.999% uptime, you can be down as much as 25.9 seconds.

So, if you even reboot a router, you're probably out of the running for either level. Any external factor kills youre chances of reaching either level by the time you dial the phone to report the problem.

I don't think marketroids even think about this when they say crap like "five nines!" though.

Re: What happened to redundancy?

[nrosier]

There are a couple of items you need to consider:
1. If traffic is re-routed, that new route will get it's normal traffic AND the re-routed traffic which could cause the line to be very slow.
2. The backup-route could be a slower line which will have to handle the same traffic as the normal line.
There are probably some more limitations to the re-routing but I'm no expert.

Re:low key packets

[haystor]

The thing about a DOS attack is that if redundancy isn't working and no rerouting occurs, you're screwed.

Of course if redundancy works properly the DOS attack gets rerouted, you are still getting attacked...

BGP

[cperciva]

I think much of the blame lies with the routing protocols currently in use on the internet. Due to concern over maximizing performance -- and minimizing overhead -- most routing systems are set to react quite slowly to changing conditions. This helps eliminate route flapping, but has the unfortunate consequence of taking several minutes to route around a downed router or link.

We can hope that someday we'll have better protocols to deal with this -- don't ask me, I'm no expert on this stuff -- but until the gurus come up with one I guess we just have to suffer.

Re:BGP

[cperciva]

At the last month's IETF in Minneapolis there was a slide during the plenary (which hasn't seem to have made it to the web site yet) that showed the average speed of route convergance. It was on the order of 90% propagation of route changes within 1-2 minutes. That's pretty fuckin fast.

Two points to respond to here. First, 90% of route changes propagation occurs within 1-2 minutes; that doesn't necessarily help much if the remaining 10% take two hours. Yes, I know they don't, but in any case an average statistic would be more useful than a 90th percentile statistic.

Second, 1-2 minutes is fast when it comes to switching between working routes. Internet routing works pretty well when it comes to the problem of determining *which route is faster*. However, when it comes to routing around faults, 1-2 minutes is a pretty long time: With ISPs advertising "99.9999% uptime" (ie, down for at most a few seconds each month) downtime of 1-2 minutes is a Bad Thing.

What I'd like to see is some mechanism by which updates could be marked as "urgent" if they relate to fault-recovery -- that way, the few updates which are necessary in order for packets to be routed away from downed links could be propagated within a few seconds, while routine "link x is faster/slower than link y" updates could be handled more slowly.

Re:BGP

[NuclearArchaeologist]

Dude, where have you been? The answer is a black rocket or Microsoft Enterprise ASP software.

Re:BGP

[t3mpest]

I work for a company that is doing Voice over IP on our backbone. It has been determined that the maximum acceptable downtime in a VoIP connection is 2 seconds, so if a link goes down, the router has 2 seconds to figure it out and determine another route.

Re:BGP

[ZanshinWedge]

Yup. If I had to sum up the flakiness of the internet in one word it would be "routing". When every link works as it is supposed to internet routing is already strained nearly to the breaking point. Screw up a link here or there, or update a routing table or software and drop a router or two, and poof, major internet cluster fuck. Theoretically your packets are supposed to be routed differently if they can't reach a destination. But in practice that rarely occurs. Most of the time you get the same route sending your packets into the same big brown smelly hole like lemmings. Enjoy! The other major contributor to internet flakiness is the organization of the major links and interlinks. There are few uber-high bandwidth pipes and they are rarely organized to provide superior routing and redundancy.

There are a few hopeful signs on the horizon though. IPv6 should make routing a lot easier and give us a lot more operational "breathing room" which we can use for redundancy and robustness. There will also be a lot more high speed fiber optic links from hither and thither, which should help out quite a bit (especially to fix the "backhoe" vulnerability).

Re:The redundancy never was there

[ralmeida]

If anything had happened to it, the east and west coasts would have been unable to communicate, even though there were several logical paths between mae-east and mae-west.

Of course you can't talk to Mae West, she's been dead for more than 20 years!

--

Redundancy is the BANE of Dictatorships!

[Travoltus]

If you're wondering why redundancy is so lacking nowadays, it might be because, well, imagine this.

The Island of Tonga decides to place any and all circumvention software banned under the US DMCA, on its government's archives. Then they put it on the web. Now, you have "illegal" software hosted on the site of a government no one else can legally touch.

Of course, the US Navy could just pound them from offshore, but what US President would want to face the public outrage over little ol' Tonga??

No, there's a BETTER way to handle this. Pay off an internet backbone to shut off their West Coast link to Tonga. Boom. Problem solved.

Or is it?
Redundancy means you can get to Tonga ANOTHER way, maybe by routing through Canada, or via Mae-East to Europe and through Europe to Asia and Asia to Tonga. Now you have the problem of telling everyone out there to cut off Tonga.

Redundancy is, again, the enemy of dictatorships. They have the greatest motivation of all, in keeping internet redundancy as weak as possible.

On a side note don't be surprised if the backbones leading out of the US, decide to install caching proxies (what's the official term for these, anyways?) that do like Junkbusters and edit out content from "banned" sites at the backbone level.
The other thing they can do to defeat redundancy at its foundation, is wipe it off the internet registry or DNS so that you get no such domain: "freedom.to" errors, or something.

Of course then you can just route to an ANONYMOUS PROXY in Europe or Asia and it'll bypass both problems :-)


========================
63,000 bugs in the code, 63,000 bugs,
ya get 1 whacked with a service pack,

End of pipe

[aitala]

Heck, I'm at the end of the state pipe here in Oxford, MS - there's only one way out of the state, south to Jackson, then east and west. If Anything crap out between here and there, we're down for the count...

Re:End of pipe

[aitala]

we actually have an OC-3 line, not a T3. we share the PO in Tupelo wuth MS State. But we may be getting Internet 2 sometime soon...

Re:End of pipe

[gnuLNX]

He's right. Actually it has happened. Ms. State Universty can use up darn near all the bandwidth and then we get very little. I have reached speeds of 1000K/s and as slow as 3K/s on our schools's T3 line. Granted the 1000K/s was during the summer months on a download from the school library. But is someone brings down the switch in Jackson it is lights out for Ms State and Ole Miss. Pretty well sux

Re:Timely Question

[sherpajohn]

There were two outages, a week apart. The first, we are told, caused by thieves looking for copper, who sliced a fiber cable (on purpose? who knows), the second when they buggered up a week later perma-fixing the first cut. Or so my addled brain recalls the annoying loss of connectivity.

Going on means going far
Going far means returning

Use it or lose it.

[tagish]

The fact that the Internet and associated protocols where designed with redundancy in mind hasn't / won't guarantee that any particular manifestation of the Internet at any particular point in time will actually be redundant. As other posters have commented there is still redundancy, but it's now commercial strength redundancy rather than military strength and falling all the time.

Re:MOD this up!

[nlvp]

There are some extremely weird goings-on in the moderation of this thread. At worst, the post I am replying to was offtopic, in fact it was also informative because it pointed out the extreme stupidity of whoever moderated down the comment it is in reply to.

Guys - read an article, engage brain, hesitate, consider whether you are about to commit a fuck-up, and then, when you're sure you've covered all the bases, moderate.

I pray that when I get my next 5 points fate and self-respect protect me from making stupid moderation mistakes that piss readers off.

Re:Demand will drive Internet reliability

[tech_imp]

Yeah ...

So far all the easy things have been done on the net for reliablity. Throw more hardware at it add more lines -- kind of reminds me of old style management where the powers that be would throw more people at the problem vs working smarter.

Tools like what Asta Networks are building will allow you to work smarter NOT harder.

I don't know about the rest of you but I would rather spend my time playing with new technology vs babysitting and digging throug logs 'cause some script kiddie had decided to just dork around with the segement of the net that I happen to be trying to run a business off of!
- Imp.

The redundancy never was there

[vrmlguy]

I recall seeing a map of the US backbone about ten years ago. Even though there were several MAEs, it was obvious that all the traffic was carried on one transcontinental leased line. If anything had happened to it, the east and west coasts would have been unable to communicate, even though there were several logical paths between mae-east and mae-west.

One should pause before making well-armed paranoids feel foolish, no matter how foolish they seem.

Yes, the internet was built to be redundant.

[SuiteSisterMary]

It was also build to move small chunks of text. As soon as we started wanting it to stream video, audio, and 1337 quake games, we needed high speed backbones. And that introduces SPOFs.

Re:...

[eod]

Well, i guess it's not full (eventhough you can read that the IP numberspace is full too often). But maybe "overpopulated" is the problem? If there are just enough routers to make internet work for the moment (humans are greedy after all, and routers cost cash), there will of course be problems when one goes down.

Re:low key packets

[mauddib~]

Sorry to interupt you there, but I can't really draw the line between: "Resolving hostnames", BIND security problems and network integrity. I hope you realise that a nameserver and the root nameservers don't have anything to do with the lower levels (like IP and ARP). Well, of course they do for a bit, without them, a nameserver will usually not run, but they are on a higher level (TCP to be precise).
Attacking a nameserver only moves the problem away. Other nameservers have caching abilities and there are around 20 main nameservers on the internet to serve us with the toplevel domains.
You might want to read some RFC's on http://www.faqs.org.

Re:low key packets

[mauddib~]

*slams himself on his forehead*
Yes, you're absolutely correct, I should read some more RFC's also *grin*

simple solution

[timbu2]

If everyone starts wiring up to their neighbors via real cable or 802.11 (wi-fi is the new marketing term). Then there would be lots of routes.

I am thinking of doing this in my neighborhood. It doesn't take a lot more than what organizing a block party does. The trick would be then to establish links between neighborhoods.

Re:simple solution

[raju1kabir]

If everyone starts wiring up to their neighbors via real cable or 802.11 (wi-fi is the new marketing term). Then there would be lots of routes.

Yes, and too much routing complexity (assuming you mean to somehow publish these routes so they're actually good for something) to work.

Re:redundancy::reality

[MarkofT]

Ummm...no.

In a true Internet backbone there are no static routes. It is all BGP4. Static routes are used only for customer connections (Leaf nodes). Dynamic routes really are not all that dynamic. They only change when a human adjusts the metrics the routers use to determine the path and or when a circuit goes down. With the current size of the routing table approaching 100,000 routes it take 5 minutes for route convergance when a whole router loses it's mind. A single route is rerouted within a couple seconds.

What the original poster saw was a major anomoly. Someone upstream typo'd a route entry and blackholed the traffic or somewhere upstream a Cisco CEF table got whacked and wouldn't rebuild.

Re:PRL Article Re: Internet Vulnerablity

[nickdog]

I left out the first author - Reuven Cohen. My apologies.

PRL Article Re: Internet Vulnerablity

[nickdog]

A recent contribution on this very topic appeared in Physical Review Letters on April 16 2001.

Breakdown of the Internet under Intentional Attack

Keren Erez,1 Daniel ben-Avraham,2 and Shlomo Havlin1

Volume 86, Issue 16 pp. 3682-3685

Worth checking out. Pretty readable.

Re:Migrating Industry & Pollution

[SlackMeister]

No sane person will ever agree as long as one of the tenets of people promoting these silly treaties is that it should be harsh on the US. We'll fight you first, we'll win and you'll be poorer and have a smaller megaphone. Get rid of the anti-American BS first, then talk to us about cutting pollution.

Re:Who Killed the Internet Redundancy? CIX did!

[leibold]

While I do agree with many of the things that have already been said, I think a major factor that undermined Internet Redundancy is being overlooked. At first CIX (the Commercial Internet Exchange) seemed like a great benefit to the Internet as a whole. It provided a peering location for commercial Internet traffic and allowed to bypass the AUP (Acceptable Use Policy) that applied to the NSF sponsored portion of the Internet (restrictions that required network traffic to be primarily of educational or research nature). However as a direct result of the commercialization routing was changed from pure technical aspects (shortest path, etc.) to policy based routing. This means that only traffic from a paying ISP and one with a mutual peering agreement can pass. It is policy based routing that kills the self-healing properties of the Internet and it was CIX that introduced it into the Internet.

Re:Kyoto treaty - 11th hour

[Ziest]

You mean the third world welfare treaty? Yes, let's punish developed countries and use their money to subsidize third world socialists

Yes! Damn Right! We're Capitalists. Global warming is a myth invented by jewish scientists so they can get more funding for further "study". Rising sea levels is just socialist propaganda. This whole thing was madeup by those damn tree-huggers who want to destroy American busniess. They want us all living in caves, eating roots and berrys.

Oh, and by the way, I hope you don't plan on moving to LA or Miami any time in the future. It's hard to sell a house when it's under water.

P.S. Try looking past the end of your nose for a change.

weakest (nearest) link

[TheGratefulNet]

redundancy is great for a routed network.

but if your entry to that network is down, you're SOL; regardless of how redundant the network itself is.

I've frequently found that my local pacbell router is down (or the dslam at the CO for my dsl line) and that effectively cuts me off the net totally.

also, not every network has peering agreements with all other networks. this is business not pure technology. even if a packet theoretically -could- traverse a router, in many cases it won't due to BGP policy and such.

--

Three little words: "Hot Potato Routing"

[sandgroper]

AFAIK, that means "get those damn packets off of *our* network and onto the network that's getting revenue from them ASAP".

Corrolary: All networks/backbones must have sufficiently redundant internal routes, or traffic touching any one of them may suffer the "constipated router syndrome".

Undoubtedly, the above is vastly oversimplified. However, I think it's correct to zeroth order.

Boardwatch (back issues) is a good place to read about further ramifications...

Some things are very redundant, some less so.

[Fzz]

Large ISPs like UUnet, AT&T, Sprint, etc have networks that contain significant alternate paths, and run internal routing protocols like OSPF that allow pretty good failover in the event of router or link failures. You still get problems when all the links are in the same fiber trunk and someone puts a backhoe through it, but it's really pretty hard to partition large ISPs backbones. That's the good part.

Between ISPs, everyone runs BGP4, and most ISPs impose policies that restrict the transit traffic they're willing to carry. Also because inter-domain traffic spans multiple companies, it's much harder to plan what happens in the event of a failure. So there's less redundancy than you might think from just looking at Internet maps.

Also BGP itself has some convergence problems, so whilst it should only take a minute or two to find a backup path, it can take a lot longer than that in practice.

In addition, it's not really hard to misconfigure BGP and screw up someone elses routing by advertising something you shouldn't. This isn't a lack of redundancy but a lack of robustness.

Finally, many internet problems that users might think are routing problems turn out to be issues with DNS, and whilst the network itself is fine, the hostname just can't be resolved to the IP address of the end system.

So, it depends where you look. There's definitely a lot of room for improvement, but most of the internet has a reasonable amount of redundancy. The trouble is that you often only find out that your redundant backup isn't working when the primary solution fails (this is especially true of DNS, less so of routing).

-Fzz

Timely Question

[vergil]

The current edition of the European "Netzkultur" magazine, Telepolis features an article discussing the vulnerability of the the Dutch Internet infrastructure to a single, well-placed attack, according to a recent report issued by the Dutch Ministry of Traffic and Waterways:

One well-placed bomb could wreck the entire Dutch Internet, the report states.The physical protection of (fiber optic) cables at critical network and ISP junctions is almost none, TNO claims. It is very easy to find out where exactly the cables are located and they can easily be approached. 'For now the chances of a deliberate disruption of the cable network by activists or terrorists are low. But as the importance of the Internet is growing, we fear that criminals, activists or terrorist will see the cable infrastructure or other critical infrastructure as targets in the near future.'

Sincerely,
Vergil
Vergil Bushnell

Re:Timely Question

[Enigma2175]

Actually, I think you may be confusing this outage with the outage affecting Setiathome which was caused by copper thieves. From the website:
Around 11:00 GMT (3:00am PST) on Tuesday, February 27, 2001, network fibers were broken, cutting off the entire Space Sciences Laboratory and Lawrence Berkeley Labs from the internet. It turns out this was the work of vandals who cut the fiber in the process of gathering a bunch of expensive copper wire.


Enigma

Re:Timely Question

[mdahlman]

On a related note: it seems that there was a major problem with all Dutch land telephone lines yesterday.

Mobiles could call other mobiles, but land lines were down all over the country. I haven't found an article explaining it yet.

Re:Timely Question

[Telek]

There was rumours that a internet outage a few weeks ago that affected the @home network was the result of vandals, actually. Unfortunately I have no evidence to confirm or deny this at all, but it's an interesting point. Why would someone want to vandalize an internet line? Then again, why would someone want to vandalize at all? Good thing most criminals are dumb, or we'd be in a whole lotta trouble.

Re:Timely Question

[Telek]

Yes, that was the one I was referring to, and sorry I was too lazy to go searching 'cuz I was on my dialup line at home with a P150 that's slow as molasses...(not to mention paying per minute usage fees, darned europe =P)

I don't believe this... $0.75/pound, say they get what, a ton of it? That's a whopping $1600... If you're going to commit crime, do something worthwhile, geeze. It's like robbing a bank for $1000. Whoopie, lasts you a week until you have to do the same thing again. I always figure that if you're gonna sin, you might as well go for one of the really big ones... ;-P

-- Telek

Re:Timely Question

[No_Weak_Heart]

I don't believe this...$0.75/pound

No.1 Copper Wire

you might as well go for one of the really big ones

Try thinking like a common thief for a minute. The *little ones* pay the bills and are not nearly as risky.

It's a lifestyle - not a movie.

Re:Timely Question

[No_Weak_Heart]

rumours that a internet outage a few weeks ago that affected the @home network was the result of vandals

This was not the work of vandals, it was the work of thieves.

Unfortunately I have no evidence

A report at the time of the incident can be found here.

However the information in the article is not entirely accurate.

So far as I know the cops haven't caught the thieves yet, but their ilk has been seen before and their MO is no mystery.

This is what shakes:

• utilities lay wire/fibre/cable in the rail beds - usually a couple of feet under and in conduits along the railway lines
• for servicing purposes, every few clicks they let the conduit/wire come closer to the surface - sometimes it is laying exposed
• along come the thieves
• they find 2 exposed spots
• cut the wire at both ends
• tie one end to the back of their 4x4
• haul off a large chunk of pipe.

• Good thing most criminals are dumb

  Unfortunately for the thieves in the story above, this proved too true. When they made the first cut they found they were dealing with fibre, which, in the eyes of thieves is useless and they left the scene.

  Why would someone want to vandalize an internet line?

  (It would be redundant to say here that these are not vandals but are in fact thieves). What the theives were after is good old copper wire. Copper wire theft is a problem world wide. In this case the thieves were after 1/4 inch copper cable which they can sell for about a 75 cents a pound at the junkyard. In other parts of the world thievs go after the thin, colourful wires used in telephony, because they are valued as material for weaving.

  - Vandals are annoying; thieves change the way we live

The world on its knees

[tpv]

almost seems like a script-kiddie with some real ambition could bring the world to it's knees

Good thing you said "almost"
Come on, do you guys really believe that taking down a large section of the internet could "bring the world to it's knees" ??

As much as it might disappoint many of the geeks here, the internet does not run the world.
The majority of the world does not use the internet.

The world is brought to it's knees by tryannical regimes, corporate greed, and human apathy - not a network outage.

--

Re:The world on its knees

[tpv]

Heh, you picked the wrong person to use that argument on :)

As it happens, I'm a technical architect for a major investment back.
I can tell you that none of our inter-bank transactions travel over the internet.
The only transactions that do travel over the internet are from clients, and we have contingency plans for when our website is down.

I guess other banks/countries could be different.

But I'll be honest, I don't even think that having a downtime on financial networks is "bringing the world to it's knees"
YMMV

--

stupid ISPs

[bigpat]

When you sign up for an ISP you give them money to use their network. Companies don't want to spend your money on other people's networks. SO they set up peering and BGP rules is such a way as to only use other company's networks rare cases.

This isn't what was envisioned when the DARPA was designing a decentralized network that could withstand nuclear war.

How many years is that in dog years?

[ReidMaynard]

Seriously, 10 yrs is a long time on the internet.

10 yrs ago Steve Case still had AOL running out of his apt !!

But by 1994-5 there were 2 or 3 T3 trans-continental (USA) backbones, plus a few T1 backbones.

scrap copper

[ReidMaynard]

In the mid 80's scrap copper was ~$0.85/lb and I was in a position to take advantage.

I worked for (un-named connector company) who developed & mfg electronic & heavy duty electrical connectors (think skyscraper grounding grid .. a checker board of 2 inch stranded copper cable). We had 3 (tractor) trailers full of testing materials. When the company relocated, they deamed it un-economic to move it. [damn shit's heavy]

About 3 times a week, I'd get to work early and stuff my trunk with 800-1200 lbs of clean scrap copper. At lunch I'd go and pick up a quick $6-900. I did this for about a month or so; then my bills were caught up, so I stopped. I never got caught.

I remember the guys at the scrap yard were very envious of my "copper mine".

Exactly

[Gnight]

There is no such thing as full redundancy in today's internet. In fact there never was, and there probably never will be. Eventually you will get down to a single line (in most situations), and if that goes down, you're screwed.

And personally, I can't ever recall beeing disconnected from a nodes because of a router(s) going down inbetween.

I think the internet sports the best network design to date; and that's a good thing, because if it wasn't, I probably wouldn't be posting this message right now. :)

-Gnight

too easy...

[fjordboy]

Whatever happened to internet redundancy?

At one time, there was this really neat concept built into the internet that said there's all this redundancy like a spider web. If one segment or router would go down the internet would re-route traffic around the faulty segment and keep on chuggin'. So, as I sit here today and can't get to a whole bunch of places on the net, I'm wondering what gives? Where's all the redundancy? I'm not referring to mirrors or co-location. It almost seems like a script-kiddie with some real ambition could bring the world to it's knees. What really happens when routers go down, and what goes on when something like a Cable and Wireless pipe or someone else's OC-something backbone goes down?" Redundancies are nice, but not infinite. Planned DoS attacks can take out dozens or hundreds of routers at once, and as the number of downed nodes increases, the process of rerouting becomes increasingly difficult. What are some of the largest problems with the current systems in use today, and are there ways to improve them?

sorry...it had to be done. :)

Re:MOD this up!

[fjordboy]

there is a certain amount of irony that got added when it got modded down to -1 redundant though...i have enough karma...it won't hurt...it will just give those that browse at -1 a good laugh. :) However...i thought it was worth a 3 or 4...but then again..i am biased. :)

Re:Penalize USA and a free pass to CHINA???

[tankrshr77]

However, not one of you have replied to the point that this will benifit communist china, yes the china that promotes infantcide, let's it's workers live in prison camps, and destroy their own environment with projects such as the 3 gourges dam and other industrial activity. My point is made!

Migrating Industry & Pollution

[tankrshr77]

AsmodeusB: "Yes, bring in the children and other issues that are IN NO WAY RELATED TO THE DEBATE."

No they aren't, but technically, they are. The chinese have a "communist" government, where industry, commerce, and trade, etc. benefit the government as a whole, the one responsible for all the human rights violations that are not debated. In the scenario where the U.S. government would use a "carbon tax" to help curb our pollution levels, heavilly polluting industries would move to China, Mexico (also considered a "developing" nation by the Kyoto treaty), and other places where they would not be as heavily regulated as in the USA.

Would this decrease co2 emmisions? No, it might actually increase them. Personally, I do favor a treaty on reducing CO2 emmissions. However, a PER CAPITA level applied to all nations equally would be fairer, would result in less industrial migration, and might even be harsher on the United States.

Who agrees?

Wow..

[loraksus]

That viewpoint is shallow, and if I could moderate stories. . .

Seriously poster/???, do you have any idea about how TCP/IP / internet routing works?

Traffic is re-routed through the most OPTIMIZED path - That means that one packet goes through LA on its way to delaware, the next packet can go through vancouver bc, or even Frisco or one of the other routers. A packet from LA to Seattle could go to frisco, then to australia, bounce back to vancouver bc and then hit seattle.

Even if you hit one of the Mae's (i.e. one of the main routers like Mae West, Mae East) the traffic is still rerouted. Your Q3 ping times might increase a bit for the next little while, but hey.

As for DoS attacks on main routers: Routers transmit data -
How the hell do you take out a router? Fill it to capacity, fine, then the next one starts taking packets. Or the packet decides where to send the next packet because router 1 is not working.

Remember that even when the main fiber optical line to australia was cut, traffic still got through, albeit a little slower.

Lastly, the internet was not designed for downloading gigabytes of data from warez sites - or playing real time, low ping games - it was designed to share information on a text based, pissant k a second level. I have to say it scaled marvelously.

I'd have to say that if there is a problem, it is that there aren't enough seperate physical connections each of which can carry all the "normal" bandwidth at any point in time

Companies tend not to put in a system that is much better than what they need or can afford - that is the main problem.

I have a shotgun, a shovel and 30 acres behind the barn.

Re:Wow..

[onepoint]

>>As for DoS attacks on main routers: Routers transmit data -
>>How the hell do you take out a router?

Have packets die and transmit the infomation back, this way, packet has used up 2 moments of the routers cycle instead of 1

spambait e-mail
my web site artistcorner.tv hip-hop news
please help me make it better

Re:Wow..

[TeraCo]

Really? Telstra and all it's baby ISP's [all using Telstra direct to resell bandwidth] all had access to the rest of the world np [Apart from being a little slow].
Maybe you need to find a better ISP.

Re:low key packets

[loraksus]

lol, the first link in your article is dead. http://www.antioffline.com/ciscotips.html error 503 - /.'ed

I have a shotgun, a shovel and 30 acres behind the barn.

I found the problem

[loraksus]

Fucking aol and earthlink users trying to access their MSN.com, hotmail, and yahoo mail accounts.
The same fuckheads putting up web pages of pictures of their cats and families on geocities and angelfire.

Us warez/mp3/DIvX want to leave a message to all the lUSERS: The internet is full. Please go away.

Seriously, it be cool to see a breakdown of web useage - i.e. 80% "large file transfers" 10% streaming video, 5% porn, 0.005% business use or something...

I have a shotgun, a shovel and 30 acres behind the barn.

Re:I found the problem

[loraksus]

cool, thanks...

I have a shotgun, a shovel and 30 acres behind the barn.

Re:5% porn? You've got to be kidding.

[loraksus]

Dude, dumeter says 50 gigs downloaded, 11 gigs up from 3/23/01. The modem at my feet is often nice and warm, shaped almost perfectly as a footrest.

For me, I think a majority is not porn, email, or business use, if you get my drift. Most of it is video, though there's porn in there too. I'd say 20% is kinda excessive - people don't dl porn all day, but might dl movies all day, I dunno.

I have a shotgun, a shovel and 30 acres behind the barn.

Depends how you look at it

[andyh1978]

There was the paper (abstract here, paper here (PDF)) mentioned in the Slashdot article here about the resilience of the 'net; crash 99% of the nodes at random and it'll still run. Which isn't bad.

Problem is of course when you crash the <1% of nodes that actually do the major routing.

Routing's getting hairier and hairier; it should really get fun once IPv6 kicks off and everyone and their dog have a squillion IP addresses each.

Smaller countries are easier targets

[Snuffub]

I knew a kid a while back that attended a well known college who effectively cut off internet access from most of Bulgaria by setting a computer lab full of sun workstations to continuously ping several prominent ISP's servers for a while. I was 12 at the time so i dont know the details (besides the fact that he was expelled) and i imagine that It would be harder today, but it just shows how smaller countries with less developed infrastructures are extremely easy targets for that kind of thing.

Unrelated?

[Fervent]

I'm not sure, but aren't the redundancy features of the Internet and web sites totally unrelated? Redundancy helps if a node in between the departure and destination nodes goes down. But a web site is often a destination node.

It's not like my email goes through Yahoo.com as a node on its way to being delivered. Yahoo is an endpoint, not a pathway.

Money is the issue...

[DFossmeister]

When the internet was run by DARPA as a military project, redundancy was key. Now when commercial entities maintain expensive peering points with multiple backbones, noone wants to pay for traffic that they are not charging for if they can help it. The BGP4 routes are stacked as much for economical flow of traffic as efficient routing of traffic.

Having 50 NAPs nearby should be a *really* good thing for redundancy, but with big pipes costing so much, noone wants to share.

Donald E. Foss

Need cutting edge web hosting? Find us at www.coloexperts.com!

Internet Redundancy

[dstone]

I have always had a problem with the redundancy in the internet. Shouldn't every node on the whole damn 'net be mod'ded down: (Score:-1, Redundant)?!

Yep, but it's all gone now

[FatBoy+Titties]

I have a feeling that what Blueforce is talking about is the idea that the internet (as first concieved by the US military I think) is a decentralised communication system, not each company having a backup, as a few people have discussed, although that is relevant.

The key idea of the internet is that it is not a node-based system - in convential communication systems, if you take out a key node, then none of the people connected to that node can communicate with anybody and no other nodes that went through that node could connect to the other side of it. For example if you have a 20 storey building with your servers and such on the first floor, and from there a lan connection goes to a hub that serves the second floor and then through that hub to the third floor, and so on (which you probably wouldn't do, but you get the idea), if someone comes along and turns the hub on the tenth floor off, then the tenth floor network won't work at all and floors 11 to 20 won't get access to the servers.

In the internet, there should be no central nodes or key cables. Back to the office system, each floor should have its own servers, and connection to the internet, with a cable to each floor independantly, so that even if that idiot on floor 10 strikes again, none of the other floors will be affected, (the server on floor 10 might even have connections to the other floors independantly of the hub). Even if floor 10 was burnt out, floors 11 to 20 would be able to access the others and the internet.

Unfortunately though, this is not often put into practice any more. I can't really point the finger at anybody specific because I'm not really up-to-date with who's got what wires where, but most ISPs would only have one connection, especially small ones, so that if that line was damaged their customers would be out of service.

F4+80y +1++135

underlying design is resilient

[kludge99]

With the use of HSRP at most major sites, and BGP4 on the backbone, the underlying design of resilience on the internet is still there. One problem that was reported on /. is the size of the routing tables, the larger the routing tables get the longer it takes for convergence to happen in the event of a change on the network. I guess one point I'm trying to make is that the design and underlying concepts are still valid but are being made moot by the explosive growth by brother Bob, and Ma and Pa setting up shop on the net. All your routes are belong to us

Re:redundancy? very unlikely

[DanBari]

kech, you're totally right. having read a lot about the technical schema of how the internet was built and how it's supposed to react to problems, I laught when I see that a company is just using what is already there and only having a connection with one provider. . . if the big wire isn't working all the little wires tethered to it aren't going to work... that's why you make yourself secure and tether to many main lines... and then we get out the baseball bat and start swinging at the tether ball ;-)

This doesn't necessarily need more hardware

[arnald]

The problem with the internet is not necessarily with the infrastructure itself. It is more to do with the localised view of network concerns, eg. routing and so forth.

It has been known theoretically for some time that intelligent routing software with global knowledge of the network is able to cope far better with faults. Indeed, some of Cisco's more advanced routers have rudimentary implementations of some of the theoretical ideas.

Far more exciting, though, is the work going on at Sychron. The founders of this company are leaders in the field of research into high-performace, scalable, fault-tolerant parallel computing and networks, and are now applying their knowledge to the internet; specifically, to servers and routing.

So you never know, if more people take on ideas like these, the internet may become a more enjoyable place.

Re:Hyperbole counterpoint

[groomed]

All you need is to have is a large number of computers doing these attacks at the same time.

The problem happens after the first few attacks wreck such massive damage that it becomes impossible to deliver the remaining attacks with the necessary force.

Remember, "I could use a lever to lift the world, if only I had a place to stand."

Re:Cablevision + Bullet through fiber = no redunda

[~packetfire~]

Betcha that your cablemodem's DHCP lease expires every 24 hours, and it takes a min or two for it to request and get a new lease. > Also every night between 11:45p m and > 12:00 am I can't put any traffic across > my modem for about 2 min. What's up with > that? Routers rebuilding tables? Anybody know?

Network Research

[mr.+mulder]

I'm in the process of doing research into network topology and the effect(s) of server and/or router outages will have on the network topology and the overall connectivity of the network. Essentially, my research focuses determining the optimal locations for servers and/or routers for any given network topology.

Redundancy is no more.

[QwkHyenA]

I've noticed this problem for sometime, I'm starting an organization/open source project that will collect miles of string and old soup cans/ empty coffee cans to help alleviate the ever increasing problem of downed routers. More information will follow.

Why do my ping packets go all over?

[eww]

The only thing I know about this topic is this: I live in Edmonton. My friend lives in Edmonton. I have a cable modem and he has DSL. When I ping his computer my ping packet goes to the other side of the continent and back taking about 10 hops. Another friend of mine has a cable modem too. When I ping him I go through 5 hops to get to his computer and my packet stays in Edmonton. Why can't the different large ISP's have a shared connection in Edmonton? I am sure that it would be a lot faster if my packet's stayed in Edmonton instead of running to Toronto and back(Several 1000KM).

Another view on things...

[SamMichaels]

Last night our boxes colocated at Level3 in Detroit Michigan suddenly disappeared. Apparently they were replacing the chassis on the router and downtime was about an hour.

If they can't re-route for PLANNED maintenance, how can you expect them to be prepared for unplanned stuff?

...one step at a time :)

Internet Design

[n7lyg]

Back in the day when we installed the ARPAnet node in Seattle (a BBN C30), the network was redundant by design. We had to lease two 56k(!) lines from AT&T in order to guarantee two physical connections from each IMP to all of the others. One connection went to Minnesota, one to Berkeley. AT&T guaranteed to use separate facilities to route the signals leaving Seattle. That provided the redundancy, but we still had the SPOF within Seattle, because we relied on AT&T/US West to get the signal from the campus t the central switching center downtown.

As the Internet has grown, people have attempted to keep the backbone structure true to the initial premise of having two or more separate physical connections between each major backbone node. With the introduction of the MAE centers, the commercialization of the net, the proliferation of private backbones interacting with each other through policy-driven exchange agreements and the internationalization of the network (how to you have physically redundant connections on a single trans-oceanic fiber?), the goal of physical redundancy has been more or less abandoned, except for military purposes (.mil linkage).

It is nearly impossible for anyone to request and guarantee separate physical connections between backbone nodes, because even the telecom providers do not always know in advance where signals will be routed on their own ATM/SONET/etc. networks. Backhoe outages and DDoS are only the tip of the iceberg--we will see more routing troubles due to the complex, policy-driven exchange agreements are implemented using BGP mechanisms with varying degrees of effectivenes. If your ISP uses the Sprint backbone and Sprint is in an argument with PSInet, you may not be able to reach anyone on PSInet until the political argument is settled.

Bottom line, the Internet backbone is no longer a single network with built-in redundancy. Each separate, private backbone may (or may not) have internal physical redundancy, depending on the carriers network design. The existence of private networks interacting at MAE's pretty much guarantees regular partitioning of the Internet as backhoe outages disrupt the exchange of traffic between private carriers. The increasing use of DWDM fiber as backbone also pretty much eliminates physical redundancy in network paths. It is an open question whether or not redundancy is important or desirable in the modern Internet.

redundancy, &c

[Scott+Hazen+Mueller]

A couple of posters have hit on one of the key points - redundancy has gotten quite hard for a small site to set up. Even back in 1996, it was next to impossible to get routable address space for a small company (e.g. a web commerce/content provider). The smallest allocation has been a /19 for a long time, and if you've got 10 web server systems it's pretty hard to justify that many addresses.

From the routing standpoint, the alternative is to advertise subnet blocks out a redundant connection. That is, you sign up for provider A and get a /24 block from them (for example). You then sign up for a backup connection from provider B and get them to announce the /24 block from provider A's space for you. This works, but it's considered unfriendly because it undoes route aggregation. Unfortunately, ARIN doesn't really provide any better solution for small sites.

At the next level, even if you get redundancy of ISPs, you may very well not have redundancy in your telco facilities. Fiber providers swap the actual fibers back and forth - I'll trade you a pair on my NY-Chicago route in exchange for one on your Chicago-Dallas - so even if you get your Provider A connection from Worlddomination and your Provider B connection from AT&CableTV, there's a measurable chance they're in the same bundle. Even if they aren't in the same bundle, they may well run through the same trench.

Thirdly, you don't know what providers A and B are doing for redundancy. Are they ordering all of their backbone circuits from diverse providers, and are they ensuring diverse physical routing of the fibers? On top of that, I recall reading on one occasion that telcos sometimes move circuits around, so you can order redundant circuits, have them installed correctly, and then have them moved on you later...

There's also been a lot of stuff flying around here about NAPs & MAEs. The MAEs and NAPs were quite important a few years ago, but since then the major providers have switched mostly to private peering arrangements, where their interconnect traffic doesn't go over the public peering points. Smaller providers still peer at those points, and some of them probably even peer with some of the big guys, but the major traffic goes via private DS3/OCx connections running off-NAP.

Lastly, vis-a-vis the redundancy of major backbone networks. It's been ages since I looked at them, but Boardwatch used to have maps of the various Tier 1/Tier 2 NSPs. Even back in 1997/1998, UUNET's US network looked like someone took a map of the US and scribbled all over it. They have a huge bloody lot of connections, and you can be they've got multiple redundancy out of virtually any city. (Disclaimer: never employed by UUNET or any related firm...) Yeah, I can see that some of the smallest national backbones (are there any left?) might only have 1 link into some cities, but even those guys set up fallback routing so that their traffic can get in and out.

Generally speaking, if your favorite site is not reachable, it's most likely something at the site's end of things. Second most likely is that it's at your end, if you're not using a major connectivity provider, or if you're using a DSL provider with known problems...

Basic Design Flaw

[stonewolf]

The IP protocol and the whole routine structure were origianlly designed to provide redundant connections between TRUSTED hosts. Further it assumed that the transport was on top of the highly reliable PSTN which in the US is build to DOD standards.

It was never designed to operate in the presence of HOSTILE hosts and poorly designed transport networks.

Can you we all say "oops!"

StoneWolf

Amusing...

[randomgeek]

Right as I was about to click the link to read this story earlier today, a router went down somewhere about 8 hops away. A large chunk of the internet was inaccessible at least in this building...

Two words, DNS Spoofing

[DaHat]

My school is having a problem with this (although they don't admit it). A fair number of sites that I want to go to I can't because the DNS server has bad entries for them. It would be very easy to cripple the Internet without crashing a single router or cutting a single piece of wire. All you'd need to do is corrupt a bunch of DNS servers. If that were to happen, suddenly every time you typed in http://www.slashdot.com you wouldn't go anywhere, if you were to use the web servers IP of 64.28.67.150 then you could ... but how many users know the Pi's of their fav servers.

Re:low key packets

[raju1kabir]

I hope you realise that a nameserver and the root nameservers don't have anything to do with the lower levels (like IP and ARP). ... they are on a higher level (TCP to be precise).

Actually, almost all nameserver traffic is UDP.

Re:Hyperbole counterpoint

[raju1kabir]

Well, Dr. Mudge ( L0pht security guy ) mentioned in a Senate (could have been congress) hearing that his group of guys could take down the entire net in less than 30 minutes.

Just because some punk says something doesn't mean it's true. Especially when said punk has a material interest in people believing it.

Ever heard a drunk person in a bar go aggro and say "I could take every single one of you!"? Did you then go running off breathlessly to tell your friends, "I just saw the most amazing thing! There was a man in the bar who was so strong he could beat up 40 people!"

And the Senate is part of Congress.

Anyway, an attack like you describe would require an awful lot of coordination, because after the first couple actions (if successful) your connection would as a collateral effect be so slowed that you'd have great difficulty finishing it off. So you'd need people working on the leaf sides of all these routers. Many of those in developing regions are new installs and high-capacity but are connected via poor, old telco infrastructure, making your task extra-hard.

Not to mention, of course, that there's more to knocking out a secured router than saying "Hey, now let's take out Sri Lanka."

Re:Penalize USA and a free pass to CHINA???

[raju1kabir]

Under the treaty, all other countries need to reduce their CO2 emmissions to 5% below 1990 levels, BUT the USA has to reduce our level 7% below our 1990 levels.

Perhaps you hadn't noticed, but US per capita emissions levels in 1990 were far higher than the European countries'.

The 7% number was just pandering to US greed and unwillingness to play fair (it should have been much higher). Sad that even that wouldn't work.

Re:Hyperbole counterpoint

[raju1kabir]

If he'd referred tothe United States as "America", would we also be hearing about it from you?

No, because I've already explained at length, "America" is the accepted short name for "The United States of America".

The fact that I point out a real error doesn't mean that I have magically assumed every incorrect pedantic position known throughout history.

Re:Penalize USA and a free pass to CHINA???

[raju1kabir]

You're just pissed because your damn EU or wherever you live is a dreary little closet in the war-ravaged armpit of the world.

Well, I live in Washington DC, but you're right, it is a dreary little armpit.

Situation in Europe

[AdamInParadise]

I can tell you about the situation in Europe. Most countries (France, England, Germany, Spain...) use a star-shape network, centered on the capital. If at some point one edge is broken, well, too bad. So there is NO REDUNDANCY AT ALL. It's not like in the US where there is several way to get somewhere. In Europe there is usually only one way. So everyone host their server in the capital (or better: somewhere in New York)

Cablevision + Bullet through fiber = no redundancy

[zerofoo]

I'm connected with a Cablevision cable modem and when it's up it's really fast. A while ago the Cablevision's cable modem service went down in the whole state of NJ for 10 hours, why? Because someone shot a bullet through a critical piece of fiber, and that was the only one. Also every night between 11:45p m and 12:00 am I can't put any traffic across my modem for about 2 min. What's up with that? Routers rebuilding tables? Anybody know? -ted

redundancy? very unlikely

[kech]

All of this talk about redundancy makes me laugh. Let me tell you why. I have been working for telecom companies for a while now, and it's amazing what the internet savy don't know. Most of the fiber in this country has been put in place by AT&T and all the Baby Bells. When the government broke up AT&T and forced it to lease it's pipes to MCI,Sprint, etc., it was great for the consumer and the Internet boom, cause we could get competative prices from different telecom providers. Here is the funny part. A start-up broadband provider will not have the cash to build it's own fiber network, it will lease it from the big boys(AT&T, Bell ATlantic, etc.). Any of you geeks and nerds know how much data goes across a single fiber? What about a system that uses DWDM (dense wave division multiplexing)? An OC-192 carries 129024 DSO (regular phone lines), 192 T3's. What about the back-bones that carry this from one city to another? When I worked for Worldcom and UUnet, I could walk into the node and by cutting 4 fibers I could bring down 1/2 million customer. The building was one city block in New York City. 15 floors packed with telecom companies and internet service providers( Rackspace.com, exodus.com, etc.) Now for that redundancy every one talks so much about. If a terrorist blew up that building, countless internet sites (located in NYC) would go down, phone service, cable tv, broadband. You name it. Having redundancy means not the fiber going into the building from 2 different locations, but the providers having 2 different IDENTICAL locations (mirrors). IF terrorists want to hurt us by fucking with the internet, all they have to to is cut the fiber backbones that interconnect us. Your precious internet can be taken down by a pissed of employee that works at AT&T. God loves stupid people because there are some many of you!! kech

low key packets

[deran9ed]

What I see happening is a mixture of crappily assessed networks created by pundits who have zero skills configuring their networks.

When companies go out of business as well, so do their networks, which means if your on a node with that connection, somewhere along the line your bound to have a broken link.

Sure there are DoS attacks, and there are also fixes for them, so DoS attacks should be 3rd or 4th in line for resolving host names.

Security risks associated with BIND problems could also be to blame for resolving hostnames, in which you could always try different servers for your nslookups to try to resolve them.

Personally I don't think people envisioned what the Internet would be in a few years when they made those statements.

oh and here is your first quick guild book

[onepoint]

the guy at the web site :
http://home.online.no/~ggunners/NetBird.html

has a nifty program of the routing of traffic. very nice when you need real tight data.

ONEPOINT


spambait e-mail
my web site artistcorner.tv hip-hop news
please help me make it better

Re:Hyperbole counterpoint question

[onepoint]

>Just because some punk says something doesn't mean it's true. Especially when said punk has a material interest in people believing it.

Well I would not call DR. Mudge a punk. He is a respect security expert and at the time L0pht was only know to internet security people and those that hacked systems. He was not as well known as today.

>>And the Senate is part of Congress.
OK. Are there hearings subject to the same rules and regulation. I thought it was different.

>>an attack like you describe would require an awful lot of coordination.

Yes and No. What I mean by yes is that you are correct that it requires very detailed time line. The No part is how you or I could hack ( via virus and other tricks ) systems and set up the time line or even better, upload the time line at the last possible moment.

Taking out a router would not only require huge amounts of bandwidth hits but at the same time proper usage. I would definely use dieing packets,( packets that have to report back to the sender that they have died in transit and require a new packet to be resubmitted) this way I can clog up bandwidth at the same time.

Anyway, after the taking out of newark and white plains. The rest was a joke.

ONEPOINT



spambait e-mail
my web site artistcorner.tv hip-hop news
please help me make it better

Re:Hyperbole counterpoint

[onepoint]

Well, Dr. Mudge ( L0pht security guy ) mentioned in a Senate (could have been congress) hearing that his group of guys could take down the entire net in less than 30 minutes. Given, I think this was back in 1998.

Move to the current.

A well-designed attack on the major routers (and it's not that hard to find them) could reduce traffic to a crawl.

Hell all they have to do is hit the ... done in this order ...
Hit the MCI routers for their newly installed OC192's and the back ups OC48, take both out in Newark NJ and the backup in Weehawken NJ then kill the Sprint loop in Weehawken. Kill the OC3 and 12's in Newark and Weehawken.

Yes, there is a lot of traffic that passes via Newark and Weehawken; the others are White Plains and the Bronx. Take out White Plains and that should take out 10% to 30% of inbound the British traffic.

Hell while were at it, lets take out the Aussie, hit them at the Singapore router, that will slow it down a bit, then hit them at the Philippines and kill them off at Sri Lanka

But wait how about the Latin Americans, Easy also, Start at Miami, then work over to Bahamas then kill shot Sao Paulo, Brazil.

What did you say? I did not mention the Asians, Oh my... so sorry, but I would like to keep my goods at the current cheap prices so I'll leave them alone.

All you need is to have is a large number of computers doing these attacks at the same time.


spambait e-mail
my web site artistcorner.tv hip-hop news
please help me make it better

Case in Point -- UTD

[stu42j]

Last year, UTD added a second connection to the Internet, through a seemingly separate backbone. A few months ago, a single fiber cut in Irving, ~20 miles away, knocked out both connections for days.

So much for redundancy!

Error and attack tolerance of complex networks

[MikeyLikesIt!]

The following is the abstract from an article in the journal Nature - very interesting. Give it a read!

You can read the whole thing on their website

RÉKA ALBERT, HAWOONG JEONG & ALBERT-LÁSZLÓ BARABÁSI

Many complex systems display a surprising degree of tolerance against errors. For example, relatively simple organisms grow, persist and reproduce despite drastic pharmaceutical or environmental interventions, an error tolerance attributed to the robustness of the underlying metabolic network. Complex communication networks display a surprising degree of robustness: although key components regularly malfunction, local failures rarely lead to the loss of the global information-carrying ability of the network. The stability of these and other complex systems is often attributed to the redundant wiring of the functional web defined by the systems' components. Here we demonstrate that error tolerance is not shared by all redundant systems: it is displayed only by a class of inhomogeneously wired networks, called scale-free networks, which include the World-Wide Web, the Internet, social networks and cells. We find that such networks display an unexpected degree of robustness, the ability of their nodes to communicate being unaffected even by unrealistically high failure rates. However, error tolerance comes at a high price in that these networks are extremely vulnerable to attacks (that is, to the selection and removal of a few nodes that play a vital role in maintaining the network's connectivity). Such error tolerance and attack vulnerability are generic properties of communication networks.

Whatever Happened to Internet Redundancy?

[BIGJIMSLATE]

Whatever Happened to Internet Redundancy?
Whatever Happened to Internet Redundancy?
Whatever Happened to Internet Redundancy?
Whatever Happened to Internet Redundancy?
Whatever Happened to Internet Redundancy?
Whatever Happened to Internet Redundancy?
Whatever Happened to Internet Redundancy?
Whatever Happened to Internet Redundancy?
Whatever Happened to Internet Redundancy?
Whatever Happened to Internet Redundancy?
Whatever Happened to Internet Redundancy?
Whatever Happened to Internet Redundancy?
Whatever Happened to Internet Redundancy?

I don't know, but my fuckign alt and v keys are stuck...

Whatever Happened to Internet Redundancy? Who the fuck knows. :p

redundancy is a joke.

[emn-slashdot]

There is only one site that people would have to hack to take down the internet. Internap. They have routeing data for the entire world. With that data you could take out the 80 or so networks by simply owning the routers, or the routers behind them, and flooding UDP. It's kinda sick, but I guess it is like everything else these days. Everyone *thinks* it is reliable, safe, and etc. Reality is that given 72 hours, anyone with decent skill could (without fear of any type of punishment) take any 1/2 of the internet down.

The internet is not a web. it is a wire. It's just a lot of people hook on to that wire.

NOTE: I do not encourage this however. How else will I read slashdot?!?


-EvilMonkeyNinja
a.k.a. Joseph Nicholas Yarbrough
Security Grunt by Day
Programmer by Night

Who Killed the Internet Redundancy?

[CaptCosmic]

Back in the good old days, the Internet was rendundant and would route around down nodes. Back in the good old days, the Internet was also run by the National Science Foundation and the Universities. The NSF and the Universities were fairly good at keeping multiple routes up between them. Then along came the commercialization of the Internet. As the Internet became more and more the domain of corporations rather than academics, the philosophy of Intrnet routing changed. No longer did everyone keep links to several different services. Now corporations would sign contracts with each other and charge each other to connect. This resulted in a reduction in the number of links between hosts. Few companies can afford to link to a large number of other routing points, and those that can charge for the privledge of using them. This cycle has continued until the majority of the traffic routes through these network providers. This leads to a situation where, if one of these goes down, all the traffic they had been routing must now be shunted down their 2 or 3 backup links. These links usually have smaller pipes and, therefore, cannot service the enormous amount of traffic being dumped on them. This results in lost packets and unreacheable destinations. How do we fix this problem? That's the big question. The consolidation of network providers has killed the redundancy of the Internet.

Re:Kyoto treaty - 11th hour

[mveloso]

by pipelining the redundant secondarily pollutant fixtures through the appropriate ministries, we discovering telemesh synergies with your potato.

redundancy::reality

[mveloso]

because:

* peering arrangements create static routes
* problems on dynamic routes are difficult to debug

Combine these two factors and you can see the problem.

May be

[rakerman]

MAE East. MAE West. kaboom

Stupid question time...

[Telek]

Correct me if I'm wrong, but we seem to live in a world where something is considered done when it's 80% complete and left behind. Money is the top desire, and everything else comes second. If I can get from point A to point B, then why would I spend more of my money to create an alternate path when it's not needed? Management and decision makers have a LARGE tendancy to only look at the bottom line: can we make money of it NOW? No? Seeya!

Redundant versus Distributed

[s20451]

I took a course on routing and flow control in grad school. I get the impression that the features that people interpret as redundancy are actually examples of distributed processing. For example, no central location keeps the entire routing tree; local nodes don't need to know the global topology; nodes must find a way to route and prevent queues from busting without relying without supervision or instruction. That is, each IP gateway and router is expected to be co-operatively autonomous.

I also got the impression that although the potential for redundancy is included by distributing the authority, there really isn't all that much actual redundancy. For example, there are very few backbones that connect major routers across the country.

OC Backbones

[aristotle2000]

Most OC's are set-up with a protect circuit by design. Though I work for a telecom, I am not very familar with how it works, but I believe that the protect circuit can take the traffic if the the main fails for whatever reason. An incomplete answer but maybe that will spark someone else to reply with more accurate information.

Re:Hi!

[gsmraxe]

hahahahahahahahahahahahahahahhhahahahahaha! that has to be the funniest thing I've read on slashdot for a while!

Re:Hi!

[sllort]

word.

Hi!

[sllort]

Hi, I don't know anything about IP, store and forward routing, TTL, dijkstra's algorithm, or the differences between switched and packet forwarded algorithms. I don't even know that a majority of packet-forwarded traffic flows over antiquated voice networks configured in fiber-optic rings with 1:1 50ms protection switching, but no packet forwarding protection.

Hell, I don't even pay attention to the unbridled explosion in consumed bandwidth on the Internet, or the protocols like BGP4 that ISPs use to delineate their peering relationships and shut down unwanted traffic, decreasing network redundancy by entire orders of magnitude.

But, um, slashdot, I was wondering...

why can't i get to my porn?

thanks.

Re:Hi!

[circletimessquare]

i consider myself pretty knowledgeable about programming, but not so much about networking...

i could have very easily posted this question...

i think we can endlessly babble about whose intentions were what, but i think it's pretty obvious the joke was snide and sarcastic, and draws a clear line in the sand: "i know a lot of networking stuff and you don't"

and now someone's saying "how silly of a ask slashdot article this really is" and "The only people that would think that this is showing off are the people he's making fun of in the first place"

hey man, if it talks like a duck, and walks like a duck, it's a duck... this is snobbery, plain and simple

so if some networking dude is going to post a broad question about programming, can i make fun of them too?

is there a test to be considered ubergeek enough to post a question to slashdot?

or can you only ask minutiae questions rather than topics of broad interest?

c'mon, this is like a kindergarten lesson here... repeat after me: "if i don't have anything nice to say..." you finish the rest ;-)

Re:Hi!

[circletimessquare]

oh dear! and we haven't even been on our first date yet! 8-P flattery like that lover boy will get you everywhere! *SMOOCHES* now i know where your mind spends most of it's time! i've found my true love! XOXOXOXOXOXOOXOXOXOXOXOXOXOXOXOXOX

(ps: why can't "he's intentionally making silly posts to annoy people like you, and succeeding." apply a whole lot more to your reaction to my post given the level of emotion you've displayed, hmmm? gee, i made my point and i didn't have to mention your a-hole! WOW! WHAT KIND OF OUTER SPACE THINKING IS THAT! WHODATHUNKIT! pfftt... please... get out of the server room sometime, ok loverboy? your mind is drifting and you need to take care of some personal needs ;-)

Re:Hi!

[circletimessquare]

zark me ;-P

Re:Hi!

[circletimessquare]

wow! you must have spent *hours* on the web looking for this kind of stuff to find this site ;-)

it's an interesting kink you have and i wish you luck with your hobby, but that's just not my cup of tea...

i'm sorry, i don't want to hurt your feelings but i'm sure there's lots of other sweet guys and gals who share your interest in this kind of thing though, and certain you will find what you are looking for eventually... if you devote the kind of energy you have devoted to finding sites like this to trying to meet people who share your interests, maybe you will find the true love you seek...

best of luck on your fair journey

lots of love

your dear friend

xoxoxoxoxoxoxoxoxox

HAHA!

Re:Hi!

[circletimessquare]

Hi, I don't know anything about communicating my vast networking know-how to the average slashdot visitor, how to come down out of my ivory tower, being friendly, or the differences between a good honest question for good honest debate and a question I can inflate my ego over by making snide sarcastic fun of. I don't even know that a majority of slashdot visitors don't know as much as I do about packet-forwarding protection.

Hell, I don't even pay attention to the looks I get when my voice rises in frustration because no one else understands what I'm talking about when I'm in "the zone," or the simple human convention of being nice because I'm too busy plotting to take over the world and educating everyone about my vast knowledge of networking minutiae, decreasing my need to spend hours explaining things that I already know and holding it against other people because they don't know about decreasing network redundancy by entire orders of magnitude.

But, um, slashdot, I was wondering...

why can't i get a date?

thanks.

REDUNDANCY!!!!! THATS WHY IT WAS MADE FOR!!!

[madhatter256]

That's why the internet was for in case a router went down. That's why the pentagon spent a lot of money in it back in the old days just incase the soviets droped a nuke on us and we needed to retaliate SO a network was made so that if the nuke was dropped somewhere we can rely on a computer network that can be rerouted if a router went down and still be able to send a nuke back from a computer. Ever since they gave it to the public the redundancy of the system started to go down and the internet could easily collapse! It is true of what they say that if some person can do a DoS can bring down a large number of routers!! We should start and try to fix the problem before some idiot does one and it does some major damage.

REDUNDANCY!!!!! THATS WHY IT WAS MADE FOR!!!

[madhatter256]

That's why the internet was for in case a router went down. That's why the pentagon spent a lot of money in it back in the old days just incase the soviets droped a nuke on us and we needed to retaliate SO a network was made so that if the nuke was dropped somewhere we can rely on a computer network that can be rerouted if a router went down and still be able to send a nuke back from a computer. Ever since they gave it to the public the redundancy of the system started to go down and the internet could easily collapse! It is true of what they say that if some person can do a DoS can bring down a large number of routers!! We should start and try to fix the problem before some idiot does one and it does some major damage.

Re:Kyoto treaty - 11th hour

[devon_halley]

Please keep in mind that the "undeveloped" nations not covered under the treaty would be China and India... Undeveloped countries perhaps but not too far behind the curve.... Also keep in mind, you rabid ecologists, that most scientists (and English PM Tony Blair) agree that the Kyoto treaty doesn't restrict emission nearly far enough... Also, the treaty was never seriously going to pass Congress no matter what Bush said or did... One last thing, before the last Ice Age CO2 levels in the atmosphere were higher than they've ever been... I'm still waiting for a theory on global warming that explains that... Not saying global warming doesn't happen or isn't happening, just that maybe we need to get some more information on what's happening... PS Shouldn't this have been moderated down to -1 for being off topic???

ramifically speaking

[gBonics]

This is a misunderstatement. Al Gore, the inventor of the internet didn't coverationalize the impending ramificacations when he invented the router for Internet world wide web traffic which could systemautomatically handle the dispersement of traffic fluctuating in outer space.

Aren't you glad you have a Resident who cares?

Resident George W. Bush

But...

[MojoMonkey]

Aren't most web sites inaccessible due to the web server being down? I agree, this is skirting the issue, but... still. How often are sites inaccessible due to some node in the path being down? I would wager it is a very small percentage, with simply having the server crash being the major culprit.

Demand will drive Internet reliability

[leegates]

End to end network reliability is limited by a number of factors, including physical redundancy, router reliability, DoS attacks, etc. A recent study you might want to take a look at is End-to-End WAN Service Availability, by Chandra et al, which tried to quantify the impact of routing failures, and how much CDNs help at hiding failures (despite the hype, answer is: not much).

DoS attacks and success floods are also an increasingly big factor limiting end to end reliability. Anyone with a grudge can download a tool to take out virtually any Internet connection (we have even seen attacks aimed at everyone from major web sites to individual home users!), and the tools are becoming even more sophisticated and devastating. Re-routing along a redundant link doesn't help here (except in a few special cases) -- the DoS attack traffic would re-route along with the good traffic. Fortunately, there are products available (from us and others) to solve the DoS problem, and solutions to other Internet reliability problems are being developed.

Bottom line: demand will drive Internet reliability to get better; it is not a technological problem.

Built-in Failure

[LiquidZero]

Now, I'm no expert (in fact, I'm a moron compared to many of you out there), but don't we strip away some of this redundancy by setting a value for how long our packets survive? TTL... Time To Live, is great for speed. But I'd think the redundancy can come back if you jack up that value, so the packets can survive many more hops.

He's got a point.

[h0tb0x]

I work for a fair sized cable isp and on occasion a router somewhere between "us" and "them" goes down. The traffic may get rerouted but the new route does not necessarily work too well. Packets only have so much "time to live" or ttl and quite often the new route takes way too long to make it to its destination without totally timing out and getting discarded by some router along the path. Personally I think the problem lies with the isp. ISP's pay for "X" bandwidth anything beyond that they're out of luck and what ends up happening are routing loops where the upstream isp simply starts bouncing data back to the isp when it's over its limit. Outside of that the sheer size of the internet now makes it incredibly complex compared to what they were dealing with when it was the ARPAnet. Also when you think about it if you were to poke out the center of a spiderweb sure you could get from one side to another still but you have to take a longer way (and in the Internets case a much longer way) around. I sincerly hope that IPv6 does all that it's supposed to. Redundancy is still there (barely) but real redundancy means that for every route there must be a second route that goes the same way and that's not economically feasible for a lot of companies and that is what pretty much constitutes the Internet since it was "commercialized". Try explaining to the company CFO why you need 6 cisco UBR's to manage 3UBR's worth of traffic. It probably all comes down to dollars and cents in the end.