David Clark: Rebuild the Internet
boarder8925 writes "David Clark, who led the development of the internet in the 1970s, is working with the National Science Foundation on a plan for a whole new infrastructure to replace today's global network. The NSF aims to put out a request for proposals in the fall for plans and designs that could lead to what Clark called a 'clean slate' internet architecture. Those designs, Clark said, could be tested on the National LambdaRail, the nationwide optical network that researchers are using to experiment with new networking technologies and applications."
"A whole new infrastructure" you say?
We can't even start using the new IPv6 protocol. I don't think we are there yet. Try in 10 or so years.
http://securityportal.com.ar
What will the powers that be put in there to make it easy to track and control everything we do with it?
Click here or a puppy gets stomped!
...is this project going to actually provide revolutionary designs to ease or eliminate the problems we face today, or is this just a matter of reinventing the wheel?
I realize that it's quite tempting for computer developers to want to clean up a system after it's done, but such work only ever works if you have a clear understanding of the problems faced under the current codebase as well as an absolute need to fix the issues with the current system. Simply saying, "it'll be better/cooler/faster" just doesn't cut it. Those things can be obtained from evolutionary development. Revolutionary means that you are uprooting all the existing users. The payoff MUST be tremendous or they ignore it!
Javascript + Nintendo DSi = DSiCade
Considering the uptake speed of IPv6, I can see a new internet coming online in about, oh 2092...
I think there would be a very very long transition period for anything that tried to rebuild the internet - even if it is feasible.
No problem.
1. get fresh pr0n
2. ???
3. profit!
should be worked on and finished first. It's only fair.
Clark said he would like to see two things addressed in any replacement for the current internet. The first is a coherent security architecture. The second is a healthy economic infrastructure for network service providers, who will need a bigger piece of the pie in the new internet than the one they are getting now if they are going to help pay for building it.
I read this as users having no anonymity and paying through the nose for it.
Can I just keep the old internet?
The internet might have its problems, but it's here now and everybody is on it. Unless they add a backward compatibility layer (doubtful if they are designing a 'clean slate' architecture), it becomes a chicken and the egg phenomenon, no matter how much better the technology might be. Nobody will want to use this architecture until enough people adopt it, and enough people will need to adopt it before joe average uses it. All the while the existing internet is there.
In other words your broadband bill is gonna go through the roof, and the Cisco routers will have new Anti-Virus code of sorts that will stop mail that says "pr0n penis biggzerz"
Seriously, what specifically did this article say about a future plan?
PHP and MySQL which can do anything!
Obligatory
Get your Unix fortune now!
It seems every measure to stop phishing, spam and the like, just results in a means to circumvent. I'm not against renewing efforts to re-engineer, but I'm not sure it's fruitful to go after it for those reasons. IPv6 is a moderate step in that direction and is worth giving a chance.
How long before the RIAA tries to get on this rebuilt internet, eh? ;)
The clean slate never stays clean for long. Sooner or later you get weak NAPs, preferential treatment at peers, crappy colos, blah blah blah, these issues will just emerge in the "new" network once it goes live (and then someone else will want to start "clean" all over again!). Meanwhile the "old" internet will continue to use market forces to make the changes people really demand, even if it results in "uncleanliness". In any case Internet2 was supposed to provide this by now...it was always intended to be for "everyone", just students and profs first. What happened?
in ipv7, we won't need a navi at all...
"Fuck it! I'll rewrite it from scratch."
That approach is always more fun
"A super-high-speed internet could even allow people a world apart to collaborate inside elaborate 3-D virtual arenas, a process called tele-immersion."
I believe the technical term for this is MMORPG. It appears to work pretty well with our current internet.
All joking aside, I don't think anything will change any time in the near future. IPv6 is probably the most radical change the internet will see for possibly decades to come, and that can't even catch on. People are simply not going to pay to have the internet re-architected when it is working well enough as it is; why reinvent the wheel while it's still rolling? Things along these lines have been proposed before, and I'm sure will be proposed again, and I'm sure that one day, the internet will eventually be rewired. However, this is still far ahead of its time.
Cars still ride on wheels, power still goes out with storms, and cell phones still lose service underground. What makes anyone think the internet is going to be any different?
I'll agree with him that Internet2 hasn't lived up to what it should have been, and trying something completely different would be a very good idea.
However, I don't agree that the current internet is in need of replacement. Creating TCP/IP packets requires significant processing power, and a simpler protocol would mean more devices being online, but by the time anything new becomes accepted, a $1 chip will be able to do it all.
If you want to improve the internet, put explicit congestion notification back into all TCP stacks, as it was before the BSD stack left it out... Goodbye massive packet loss due to minor congestion. Require all vendors to support jumbo frames... And many more small changes (to the existing internet).
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
"It's a trap!"
I've been to IPv6 summits. I've also served as the senior technology officer for several telecom companies (one of which was a very first CIX-W router connected ISP and frustration to Paul Vixie in our rather unique connection to the early Santa Clara peer point).
Through my experience, I've advocated IPv6, yet I've found significant resistance from nearly all sectors of business (except from South Korean and South American investors - go figure). Some of the problems IPv6 plans (and this "new infrastructure" pipe dream) face include:
Don't think I'm not wild about IPv6. I geek out and run it over AX.25 amateur networks for fun (what better way to learn a protocol). Yet the days of getting capital markets worked up in a frenzy, ready to throw hundreds of millions at network replacement are gone. Unless this latest dream is based on new tax revenues from all of us (which only creates messes like the original unaccountable NSFNET regionals), it won't go anywhere.
*scoove*
I don't remember whose idea it was, but if we have all future internet devices use encryption (like IPSec and IPv6), then if we have a portion of the IP address be a crypto hash of the device's public key, then it would make spoofing harder. Of course part of the IP address would still have to be reserved for routing purposes for efficiency.
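The scheme described in the comment above, sketched as an added example (not part of the original thread): the upper 64 bits of an IPv6 address stay a routing prefix, the lower 64 bits are a hash of the prefix and the device's public key, and a receiver accepts a source address only if the presented key hashes to it and signs a fresh challenge. The layout is a simplified construction rather than any standard's, the function names are hypothetical, and a Lamport one-time signature stands in for a real signature scheme so the block runs on the standard library alone.

```python
import hashlib
import ipaddress
import secrets

IID_MASK = (1 << 64) - 1  # low 64 bits of the address: interface identifier


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# --- Lamport one-time signature (stand-in; each key may sign ONE message) ---
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = b"".join(H(a) + H(b) for a, b in sk)  # 256 pairs of 32-byte hashes
    return sk, pk


def _msg_bits(msg: bytes):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def lamport_sign(sk, msg: bytes) -> bytes:
    # Reveal one secret per message-hash bit.
    return b"".join(sk[i][bit] for i, bit in enumerate(_msg_bits(msg)))


def lamport_verify(pk: bytes, msg: bytes, sig: bytes) -> bool:
    if len(pk) != 256 * 64 or len(sig) != 256 * 32:
        return False
    for i, bit in enumerate(_msg_bits(msg)):
        want = pk[i * 64 + bit * 32: i * 64 + bit * 32 + 32]
        if H(sig[i * 32:(i + 1) * 32]) != want:
            return False
    return True


# --- Address bound to a public key ---
def _bind(prefix_int: int, pk: bytes) -> ipaddress.IPv6Address:
    # Hash covers the prefix too, so a key yields a different ID on each subnet.
    prefix_bytes = prefix_int.to_bytes(16, "big")[:8]
    iid = int.from_bytes(H(prefix_bytes + pk)[:8], "big")
    return ipaddress.IPv6Address(prefix_int | iid)


def derive_address(prefix: str, pk: bytes) -> ipaddress.IPv6Address:
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("this sketch expects a /64 routing prefix")
    return _bind(int(net.network_address), pk)


def verify_sender(src: str, pk: bytes, challenge: bytes, sig: bytes) -> str:
    src_addr = ipaddress.IPv6Address(src)
    prefix_int = int(src_addr) & ~IID_MASK
    # Step 1: the presented key must hash to the claimed address.
    if _bind(prefix_int, pk) != src_addr:
        return "address-key mismatch"
    # Step 2: the sender must hold the private key (replaying pk is not enough).
    if not lamport_verify(pk, challenge, sig):
        return "bad signature"
    return "ok"


if __name__ == "__main__":
    # Constructed sample: 2001:db8::/32 is the documentation prefix.
    sk, pk = lamport_keygen()
    addr = derive_address("2001:db8:1:2::/64", pk)
    challenge = secrets.token_bytes(16)  # fresh per exchange, chosen by receiver
    print(addr, verify_sender(str(addr), pk, challenge, lamport_sign(sk, challenge)))
```

Only 64 bits of the hash fit in the address, so the binding is as strong as a 64-bit second-preimage search, which is the cost of reserving the other half for routing.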
"How long before the RIAA tries to get on this rebuilt internet, eh? ;)"
How long do you plan to keep human nature off this new Internet? If you all don't like the old internet, then you have only yourselves to blame.* Build a new internet, and start the vicious cycle all over again. Fix the people, not the technology.
*And if all you "/."ers think that you can lay the entire blame in corporate laps? Then you're bigger fools than I originally thought.
"Look at phishing and spam, and zombies, and all this crap," said Clark. "Show me how six incremental changes are going to make them go away."
Wait Mister Clark, you show me how *any* amount of change(s) will ever fix the inevitable human error, whether it be running a bad program or an actual programming error-- I'm sorry, but no design change will ever 100% fix that.
Don't fix what ain't broken.
Sure, there's almost always better ways to do things that are only illuminated by hindsight, but that doesn't mean that the old way should just be tossed out and replaced.
Besides, the Internet is one of those amazing flukes of history. It's a very open, public, and free world unlike anything before it. Does anyone really think that something designed now in the age of terrorism, by committee, using government money (NSF) would be carefully designed to protect those initial design elements that make the Internet what it is today?
Hexy - a strategy game for iPhone/iPod Touch
The premise of the existing Internet was benign cooperation. The previous /. story on the 12 minute Windows heist clearly demonstrates that that model is no longer valid.
I think it is a good time to take a look at all of the layers and see if something better is possible. I am not suggesting that Clark et al. be given carte blanche to build a new Internet. The naysayers may well be right that any significant change would be practically impossible. But I do think it is a very good idea to investigate what changes are possible and what benefits those changes could provide. I'd hope that practical concerns of getting from here to there would also be explored.
We don't see the world as it is, we see it as we are.
-- Anais Nin
NEW YORK (AP) -- The U.S. government will indefinitely retain oversight of the main computers that control traffic on the Internet, ignoring calls by some countries to turn the function over to an international body, a senior official said Thursday.
Okay, I RTFA'd a bit more closely: it does say that he is talking about "a whole new infrastructure to replace today's global network" but later on the article states, "Even Clark agrees with those who say the internet currently serves most of its users quite well." So my point is still that he doesn't necessarily need *every* net user to be successful, just a large enough sub-set. And, yes, I know that means having two networks in the long run. I'm not certain that that's a showstopper.
Dcobbler
www.digitalcobbler.com
And, yes, I know that means having two networks in the long run. I'm not certain that that's a showstopper.
:-)
The only showstopper is if users are saying "Why should I use Internet 3 over Internet 1?" There's a lot of people in the loop that have to be convinced even to capture a subset. As a result, the technology *must* be a tremendous step up from what we have today.
Javascript + Nintendo DSi = DSiCade
For those of you that follow Clayton Christensen's disruptive technology models, I have a question for you (those of you that don't know it, but want to run tech companies, get your ass to Amazon and buy this book yesterday, or else learn the hard way as I did thru several companies before Clayton figured out some rather important rules). As a career disruptor, I was shocked to read my comment as follows:
:)
My customers would tell me they expect me to do these things already at no additional cost to them. Absent additional capital, it ain't happening in today's telecom market). Lacking a killer ap that only works in IPv6 land, the finance people won't back any infrastructure upgrade. Here's the rule: either make money or save money.
Damn if I sound like an old IBM suit.
Clayton's model says my thinking is what plowed DEC (Digital Equipment Corp) into the ground. I'm wondering if Clayton is off... what if the "right answer" only came from a bunch of irrational entrepreneurs who threw caution into the wind and bet on new technologies before any financial analysis would ever prove it out? Sort of an irrational charge of ten thousand barbarians against the city gates, of which only five might survive, but in doing so, the win?
Take my pragmatic thinking as detailed above in the quote. I've been through startup hell and have grey hairs. I'm an old guy in Internet time. I've finally agreed with all the financial rules. What if being 20-something, irrational and fearless gives you an unbeatable advantage vs. the rational "IBM" decision making models? We've gone from Innovator's Solution to Innovator's Nightmare. Instead of a viable solution for business redevelopment, we have a scenario where you throw a thousand lemmings at a new technology, most sink and die (a farce, yes, and a funny Apple ad), but the one that makes it breeds and kills the old guys.
I'd be very curious at the thoughts of those that have walked in these shoes... slashdot five-figure IDs or less certainly
*scoove*
Yes, I agree with you that it "must be a tremendous step up...". I think, however, that it only has to be a step up for *some* (small "a") applications that the current internet is used for. Further, I think it's possible to cherry-pick some of those applications for which the internet is woefully inadequate and for which there should be a large enough set of users to support a superior alternative. However, it's late and my brain's tired so I admit I can't think of any good examples right now ;-(
cheers,
dcobbler
If one is able to find any privacy or anonymity in this new Internet, it will be because of some undiscovered security hole, which will be quickly repaired, rather than any kind of conscious design decision. Probably one reason they are accepting proposals before rolling it out is to avoid the sort of accidental security holes that enable pr0n, peer-to-peer filesharing and left-wing political activism.
Microsoft, a leading contributor both to this nation's technology base and to the campaign coffers of its leaders, will embrace this new technology and extend it in such a way that the development and dissemination of Open Source software will be, if not mathematically and physically impossible, at least as difficult as factoring a 2048-bit public key.
Imagine, if you will, Trusted Computing implemented at the router level, in such a way that any packets that go farther than one hop are certified not only to support protocols whose patent licenses are fully paid-up and on file with the legal department in Redmond, but whose content is compliant with the Windows standard. The faintest wisp of a Public License, GNU or otherwise, will result in the dropping not only of the individual packet, not only in the cancellation of the entire file transmission, but, within microseconds, the physical location of the offending server. The identities of its rogue administrators will be fetched instantly from the database maintained by the Homeland Security Department. (You will have to submit fingerprints and DNA samples to obtain a Windows server license, as after all, Internet servers can be used to disseminate explosives recipes or the formulas for nerve gases.) The supercomputers that constantly monitor the cameras mounted on every lamppost in the United States of (God Bless It!) America will be ordered to recognize the criminals' faces, and when they are spotted trying to flee to the Amazon jungle, orbiting lasers will vaporize their bodies, leaving nary but a wisp of smoke.
When a close family friend tries to comfort one of the grieving mothers for the loss of her son, she will desperately proclaim "No, I have no children! You must have mistaken me for someone else. Please leave me alone!" before she scurries rapidly away.
National firewalls such as those employed by The People's Republic of China are expensive and difficult to maintain. They are notoriously leaky, and easy to circumvent by anyone determined enough to find out how. But worse, they impede the economic potential of emerging economies such as China, which necessarily bottleneck technical data and eCommerce in order to have a single chokepoint for the Four Horsemen of the Infocalypse (Taiwan, Tibet, Hong Kong and Pornography).
Imagine, if you will, the potential of our New Internet: not only by technical design, but by international treaty (enforced by the threat of military intervention on the part of the UN Security Council), each nation will have a national firewall which is as transparent as the air to fully-licensed Windows Media Video files of Barney the Dinosaur and paid-up Wal-Mart orders, yet absolutely impenetrable to content not sanctioned by Homeland Security, the Republican Party, the 700 Club and the Boy Scouts.
I, for one, am weary of our present Internet, cesspool that it is of moral depravity and copyright infringement. I long for the days of yore, when men were men, women wore hoopskirts, and racial minorities were separate but equal. And so, I raise my right hand and shout with an enthusiastic "Heil!":
Copyright © 2005 Michael David Crawford. This work is licensed under the Creative Commons Attribution-NoDerivs License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nd/2.5/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.
Request your free CD of my piano music.
Holy crap, I go offline for 12 hours and you guys are giving me this kind of jobs?? I quit! Nothing like signing on to /. and seeing your name in the top headline.
-- David Clark
"Look at phishing and spam, and zombies, and all this crap," said Clark. "Show me how six incremental changes are going to make them go away."
Well, in the context of that message: 1) make people pay for phishing licenses (or let Darwin sort out the fish); 2) plenty of ideas of how to use spam at the national spam festivals; and 3) "Just shoot 'em in the head!" (sarcasm)
I wonder if "all this crap" referred to the pop-up advertisements, sites that portend to present the truth or just Web sites that others find offensive or requiring of censure or ratings.
Seriously, unless there is a real epiphany in how some new restrictive internet (perhaps just a friends and family plan) designed to allow everyone to use it freely while also eliminating any type of abuse (especially attacks of social engineering) I would certainly like to know how that would be done (most especially the latter without any type of intrusion on the educational system).
My initial instinct is that the use of the new network would be considered 'clean': a) if it were a new medium not immediately adopted by the elements it chooses to avoid; or b) significantly difficult enough to either "register within its recognition system" or use so that it delays the elements it chooses to avoid from having said presence.
When you're done with the old Internet, can we have it?
Hugs,
The Developing World.
Crumb's Corollary: Never bring a knife to a bun fight.
NAT doesn't seem to completely solve the addressing problem. According to this report by Cisco to Congress (warning: pdf), we're going to run out of addresses for real somewhere between 2015 and 2025.
Yeah, I know they're a vendor, but this is a really reasonable report. They counter a lot of the hype, but they say we're going to need IPv6 eventually, so let's start now, before the Japanese and Koreans have built all the infrastructure and Americans are left to buy from them.
Thanks for making "secure by default" less important.
Thanks for retarding IPv6 development.
Thanks for necessitating the invention of UPnP.
Thanks for screwing up peer to peer connections for legitimate things like videoconferencing and file transfers.
Thanks for continuing to allow ISPs to treat IP addresses like some sort of rare element.
Thanks for mangling things like FTP.
Sounds pricey. I don't think I can afford more than $6 million to rebuild him... I mean it...
A guy walks into a bar... well, I forgot the joke, but the punchline is that he's an alcoholic.
Second, absolutely mandate IPSec. Don't just "mandate" it and then ignore it, as happened with IPv6, but make it a pre-requisite for all users. That gives e-commerce a lot more assurance on secure transactions and authentication, which seems to meet one of their requirements.
Third, mandate QoS. QoS not only guarantees network quality, which would interest a LOT of corporate users, but also provides a mechanism for increasing profit. Simply offer different levels of guaranteed quality at different prices. This meets another requirement.
Fourth, the biggest new market is in mobile devices and wireless networking. So support them! What is the point of the IETF churning out megabytes of specs on mobile IP and mobile networks, or of software developers supporting all these new protocols, if none of the ISPs or network engineers give a damn? It would also provide an additional service, therefore an additional revenue stream, therefore also meeting the profit requirement.
(Mobile networks are where all the wireless users are going to stay using the same router, but the router itself is moving through the network. If you were to have WAPs on aircraft or trains, where you are static relative to the vehicle, but the vehicle is moving between ground stations, this is probably the way you'd want to implement it.)
Fifth, it is possible to balance anonymity with accountability. Accountability merely requires that machines are who they claim they are and (where user identification is relevant) users are who they claim they are. It does NOT require that anyone actually possesses enough information to actually identify those machines or users, only that when a claim is made, it is verifiable in some way.
We already have Kerberos for authentication, so it would seem a fairly trivial extension to use that as your authentication mechanism. The token does not reveal your identity, but it can be verified with a Kerberos server in the hierarchy used for authentication by that user, to prove that the user did identify themselves correctly.
If that isn't good enough, use X.509 certificates at both host and user levels. Lots more money to be made there. It doesn't kill anonymity, as you can perfectly well have a certificate that doesn't say anything useful or self-incriminating. It would still be useful for accountability, though, as no two entities, no two machines and no two users should have identical certificates. At the very least, the key used to examine the certificate would be different, even if the content itself was identical.
This would be more than good enough to ensure that Joe Bank Manager's personal checking account could not be logged into by Sammy Script-Kiddy - there's your accountability - but would not require people in politically dangerous countries (such as the US) to reveal anything that would compromise their safety, meeting a lot of the anonymity requirement.
As for the "upgrades" cost - that's just because most providers (backbone or ISP) are too cheap to do it right the first time. Optic Fibre has been around a LONG time, and to upgrade an optic link just requires upgrading the transceivers at each end - so long as the fibre is of good enough quality. At present speeds, a single fibre can carry about 4-5 terabits per second, and typical bundles have about 20 or so fibres, giving you 100 terabits per second.
Lets say that, when the US Government was still runnin
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
What is more interesting is not whatever lame-ass design this old fart has for a "new" Internet but the reasons why he thinks the Internet as it is today sucks.
Skynet. And then see what happens...
I can see it now: TCP/IP/[insert new acronym here]
Quick, someone call JC Denton!
More like... nerdular nerdence!
A Real-Time Architecture for Publicly Humiliating Spammers with Rusty Spoon Framework
Just wait for IE 7. You won't need to change the internet!
Instead of rebuilding it from scratch, can't we just correct what's not working? Please!
And while you are at it, get Linux on everybody's desktop!
1. Ban all operating systems that aren't up to snuff on security. Buffer overflows and not secure.
2. Ban scanning. If caught, a fine and no access for a year. Then probation.
3. Mandatory firewalls or no access.
4. Have a control center you can send your firewall logs to so they can coordinate against the idiots.
5. Try and slow down port scanning from outside the U.S. by creating another firewall for anything outside the U.S. It's only a matter of time before another China internet attack. Remember the DOS attacks by them.
OK, that's it, stop the comments, leave this story, it's all over.
Researcher #1: Hmm, this old version of the internet is too shabby. Let's make a new one!
Researcher #2: This time, let's use those new "optical wires". I bet the speed will be fast!
Researcher #1: Whatever it takes to screw over the media industry.
Researcher #1: Amen.
ôó
What the...? Are you confused by the name? I2 is just another semi-private backbone. That's all. It's occasionally a testbed, but mostly it's just a bunch of fast routers, nothing magical. It serves much the same purpose as the early Internet: connecting universities and a few large organizations.
LOAD "SIG",8,1
Define, as part of the standards, that when certain standards have been upgraded in important ways, within five years all essential infrastructure software must be upgraded so that it understands the new version.
This should apply to essential infrastructure like routers, DNS servers, SMTP servers, and so on. If a server does not understand a protocol that has been around for five years, that's reason enough to refuse connection.
If this becomes part of the standards, we won't have to support ancient legacy forever. When countries with languages other than English want readable domain names, we won't have to live forever with kludges like punycode, such kludges will stay just for five years, after that real solutions can be used instead. If/when solutions to serious problems like spam and DDoS are found and standardised, we can count on the infrastructure to support the solutions within five years. Stuff like IPv6 could spread quickly and smoothly.
Of course, having to upgrade introduces some inconvenience and expenses. But having to support ancient legacy is also inconvenient and expensive. In spite of the upgrade inconvenience, in the long run this kind of limit should save lots of money for everyone.
Terrorists can't threaten a country's freedom and democracy. Only lawmakers and voters can do that.
#1 Change: User side one time only credit charges. The only way to do a transaction would be to use an encrypted transaction that would prevent phishing from being any good at all. This would be more of a banking change, and most people would hate it, but the whole CC# and bank info phishing has to end, the transaction mechanism needs to change.
#2 Change: Add a decorator pattern to ALL explorer windows, making sure that every popup has a BRIGHT ORANGE BORDER, turn off the ability to disable the X button. Pretty much make all popups automatically listed as unsecure. Tag all 3rd party "unsigned" apps with a Bright RED BORDER, if it isn't trusted you should know, every time you run it.
#3 Change: Add a hardened Email System to the main email. Where hardened email can be flagged as less likely to be spam. The hardened email system would be unprofitable for spammers to use, Proof of work tokens or a small monetary deposit required for emails that are "in play". This would leave the old email as functional, but would gradually replace it as old email won't be used by real people.
#4 Change: Reduce the number of auto-launched services, anything that is out of the "OS-normal" for launching would be in one big happy spot, where it could be removed. The operating system wouldn't have a "backdoor startup" or a way for the program to re-insert itself into the system, and the OS would solidly isolate itself from getting nailed by a trojan.. keeping almost everything in a sandbox.
#5 Change: Prevent the system from being able to spy on you. Yeah, it gets rid of some legitimate monitoring applications, but make it an option in the control panel that is stupid obvious that no one really wants to turn it on (except corporations that are monitoring their employees).
#6 Change: Have a nice big registry of "BAD Software". If people are online anyway, there should be a way to tag software as JUNK, or SPYWARE, or a dozen other bad bad things.. and when the software is being downloaded, it should be checked against the big database and the user should be VERY appropriately warned.
Ok that's six off the top of my head.. yeah, they are mostly focused on Microsoft, but that's where most people are hosed anyway. The net isn't bad, but some SIMPLE changes would really make the experience much better for everyone.
Storm
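The "proof of work tokens" idea from change #3 in the comment above, as an added example (not part of the original thread): the sender spends CPU time finding a stamp whose hash has a required number of leading zero bits, and the receiving mail system checks it with a single hash, binds it to one recipient and date, and refuses reuse. The stamp layout `bits:date:recipient:salt:counter`, the class and function names, and the sample addresses and date are assumptions constructed for this sketch.

```python
import hashlib
import secrets
from itertools import count


def leading_zero_bits(data: bytes) -> int:
    """Number of leading zero bits in SHA-256(data)."""
    digest = hashlib.sha256(data).digest()
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def mint(recipient: str, date: str, bits: int) -> str:
    """Sender side: expected cost is about 2**bits hash evaluations."""
    salt = secrets.token_hex(8)  # makes each stamp unique per message
    for counter in count():
        stamp = f"{bits}:{date}:{recipient}:{salt}:{counter}"
        if leading_zero_bits(stamp.encode()) >= bits:
            return stamp


class StampChecker:
    """Receiver side: one hash per stamp, plus a record of spent stamps."""

    def __init__(self, my_address: str, min_bits: int, accepted_dates):
        self.my_address = my_address
        self.min_bits = min_bits
        self.accepted_dates = set(accepted_dates)
        self.spent = set()

    def check(self, stamp: str) -> str:
        parts = stamp.split(":")
        if len(parts) != 5:
            return "malformed"
        try:
            bits = int(parts[0])
        except ValueError:
            return "malformed"
        date, recipient = parts[1], parts[2]
        # A stamp minted for someone else cannot be reused across a mailing list.
        if recipient != self.my_address:
            return "wrong recipient"
        # Limiting dates bounds how long the spent-set must be kept.
        if date not in self.accepted_dates:
            return "stale date"
        if bits < self.min_bits:
            return "too little work claimed"
        # The claimed difficulty must actually be met by the hash.
        if leading_zero_bits(stamp.encode()) < bits:
            return "work not done"
        if stamp in self.spent:
            return "already spent"
        self.spent.add(stamp)
        return "ok"


if __name__ == "__main__":
    # Constructed sample values; 12 bits keeps the demo fast.
    checker = StampChecker("alice@example.org", 12, {"20050715"})
    stamp = mint("alice@example.org", "20050715", 12)
    print(stamp, checker.check(stamp), checker.check(stamp))
```

Each extra bit doubles the sender's expected work while the receiver's check stays one hash, which is the asymmetry that is meant to make bulk sending unprofitable.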
When I was a grad student, creating new operating systems (from scratch) was all the rage. We were trying to replace UNIX (in its various forms: BSD, SunOS, AT&T SYSV, Linux hadn't caught on yet). It just seemed ready to be replaced.
I think a lot was learned from creating those OS's. But, what ended up happening is that the *NIX's easily incorporated the interesting features in those research operating systems and so it was difficult to get hardly anybody to give up UNIX for a totally new OS.
A "clean slate" internet would probably follow the same path. It's worth doing but don't be surprised if nobody adopts your new internet but instead incorporates the most successful features into the existing Internet.
This guy must be getting support from a telco.
Telecommunications providers hate the Internet. Not only is the Internet too cheap, it's not set up for detailed billing. The US Internet backbone cost about $1bn to build, and costs about $100 million per year to run. For something that handles over 100 million users, that's nothing. All the intelligence is in the end nodes, so telcos don't get to add "value added services" for which they can overcharge.
What telcos want is an environment they control, like cell phones. With charges for everything from ring tones to SMS messages. That's what Clark is talking about here.
The telcos tried this idea back in the 1980s, and it was called TP4, or "ISO 8073 COTP Connection-Oriented Transport Protocol - X.224" X.224 is very much like TCP, but without the adaptive retransmit machinery to work well over unreliable links. You're supposed to run X.224 over a reasonably reliable virtual circuit provided by a telco. For which you pay by the packet, like X.25 or ISDN. Bad idea. Windows NT4 actually had support for X.224, and some older Cisco routers understand it, but it's dead.
This is not a place we, as users, want to go.
Instead of using odd languages that have developed in an ad hoc way through time, I propose to create a new language from scratch. None of the inconsistencies that plague all languages will be present. Let's call it Esceranto, or something like that. I know this will work.
I only hope they didn't forget to hire Al Gore or else this won't work.
from the too-stupid-for-words dept.
Our government kept control only to service its corporate overlords. I might actually feel safer if the internet was run by an inefficient world body than by a single government (especially the Bushite government).
... how about a new Windows architecture (something that maintains the same 0wn35h1p).
... how about a new brain architecture for the masses (something that won't give out banking and PayPal passwords to every phishing email).
We have many, many fundamental problems in our society. Most of the problems of the internet are not really caused by the internet itself, but are instead reflections of ourselves, our society, and the morons that surround us.
But I wouldn't mind having an internet the way it was back around 1990, before the web thing started. Yeah, we did have morons online even then, but everyone knew who both of them were.
now we need to go OSS in diesel cars
We can rebuild it.
We have the technology.
We have the capability to make the world's first optical network.
The Internet will be that network. Better than it was before.
Better...
stronger...
faster.
Guys, guys GUYS!
I see many posts here about how we need to "mandate" this and "require" that and blah blah blah...
But the Internet, by design, is laissez-faire! There is no "mandating" ANYTHING! Anybody can hook up to their neighbor, who hooks up to some guy across town, who is hooked up to a couple other folks...
The Internet is DECENTRALIZED and OPEN. The closest it gets to mandating anything is the much-disputed RBLs. I, for example, block all email from most Asian countries - nothing personal, but it sure drops the SPAM load with virtually no complaints. But, I can't mandate what the Chinese or Koreans do with their network - I can only mandate what they do with respect to MY networks.
The Internet is merely a commonly agreed upon set of standards for communications across disparate networks, and it's performing the task of connecting networks the world over with grace and flair.
Don't tell me that just because Windows systems get infected in 12 minutes, that the Internet is broken. Sorry. The Internet is working fantastically. It's Windows that's broken. It's not up to the task of functioning on a globally accessible network.
So far, every significant "problem" I've heard with the Internet hasn't been with the Internet, but with the systems at its fringes. SPAM. zombies. Worms. Viruses. Exploits. All are simply side effects of a "zero friction network" as espoused by the all-knowing Bill Gates in his 90's book, "The Road Ahead", combined with systems not able to cope with the ramifications.
Bill Gates, Larry Ellison, Scott McNealy, Linus Torvalds, and all the others are learning now what that truly means, and over the next decade or so, we'll see major advances in developing the kind of security needed to handle this frictionless network.
In short: the Internet is doing just fine, people! It's the systems hooked up to it that have problems!
I have no problem with your religion until you decide it's reason to deprive others of the truth.
I'm no more a lawyer than I am a techie, so I have no idea of how this could even begin to be started, but to put it simply, anyone designing this thing has simply got to take all the legal wrangling and abuse of the past few years into account, and at least attempt to deal with it, otherwise I don't care how wonderful this new internet is, none of us will be able to use it without ten subscriptions and an RFID tag shoved up our butts.
Mod Points: Helping you keep your opinion to yourself.
"A super-high-speed internet could even allow people a world apart to collaborate inside elaborate 3-D virtual arenas, a process called tele-immersion."
I call it fragging.
Dear Internet Community,
You are kindly notified that the Internet will be shut down starting July 5 2005 12:00 GMT due to yearly regular resetting of TCP segment counters and the general rebuilding of the 21st century global network infrastructure.
The Internet rebuild construction works are predicted to take anywhere between 3 to 7 days. The estimated ETA for Internet core restart is tentatively scheduled for July 10 2005 16:30 GMT.
During the entire length of construction works, Internet users will see a total, global service outage. We are sorry for the inconvenience, but the deep exhaustion of the IPv4 address space and rapid depletion of the TCP segment pools by spam senders have forced us to rework the Net to make it a better and more secure IPv6 network for everybody.
The Internet will be booted up gradually working away from the core, thus edge networks may see service outage until the 15th of July 2005.
Please stay tuned to CNN satellite news television where continuous live coverage will be provided of the great Internet rebuild starting July 4 2005 19:00 EST. Network administrators worldwide will receive instructions via CNN TV on how to assist with the great Internet restart process once the reconstruction works have been finished.
Please note that the new IPv6 global Internet network will only be available to computers equipped with a DoD-certified stack. These systems currently include Microsoft Windows, Apple Mac OSX and a number of licenced Unices and mainframe solutions supplied by established commercial vendors, including Sun, SGI, SCO and IBM. For a fully certified list please visit:
http://ho.ax.nsa.g0v/linuxisnotunix/uarefucked/
Thank you for your attention and cooperation!
Signed: U.N. Internet Governing Council, U.S. D0D, NSA, KGB, Microsoft, IBM.
Like my recent Open Mouth effort? Sadly I don't feel like bothering with step two so I probably won't profit. It has spiked my bandwidth bill up to over 15GB a day so far in the week since I put the site up. Hrmmm something not working right. ;)
IMHO tcp/ip is a really bad standard. ...
... You realize that tcp/ip belong to the past.
Already back when it was invented it was not that glamorous. If we use it nowadays it is not because it is the best network infrastructure but because it was back then the easiest and cheapest network solution.
After all the (theoretical) OSI standards did exist, and everybody hoped that ATM would replace tcp/ip
When you see the QOS needed for VOIP, Video-conference and live TV feed
The RIAA and MPAA get representatives in the Internet 3.0 rebuilding committee, eliminate the pesky peer-to-peer architecture in favour of regulated servers and restricted clients, and build pervasive DRM into it at the protocol level.
Nein; das ging ja nicht, baby.
In the name of Her Majesty the Queen, Freddy Mercury and the Holy Emperor of Japan!
We are hereby announcing to all subjects under our rule that:
Based on royal wisdom and the requirement to better align with world-wide trade, all network traffic in the UK and Japan will be converted to right-hand packet drive during the 2005 Great Internet Shutdown period of the monkey.
In order to migrate away from left-hand packet drive, TX and RX legs will have to be swapped in all RJ-45 ethernet cables. In coaxial thinnet, the core and the shield contacts will have to be swapped. In fibre optic networks, the wavelength of light will have to be inversed. This is commonly facilitated by swapping red LEDs to green ones. For more exotic networks, the required technical information can be found in the bulletin titled "De Rerum Novarum" issued by the Holy See.
After the right-hand packet drive conversion all network measurements will have to be provided in SI units. The use of customary and imperial units will automatically result in the punishment of removal of entry from the DNS system.
.. better, stronger, faster.
The only problem is crappy NAT boxes that cost $20... If I want to hide my intranet NAT is the only right way to do it.
"What a penis"
... I personally have trouble listening to the great technical wisdom of some dickhead incapable of 'cumoonikatin wit ur coleegs at an encredeebul tekneekul levul".
OK, it was three, but people here on slashdot can't count anyway.
I would like a new car, totally redesigned, very different. Problem is that this new car isn't capable of driving on the current roads, it requires a new infrastructure.
Is this guy high? He must be smoking crack, they can't be paying him for this utter rubbish. Can they?
And as for the "wont happend" thread
I'm drawn to, but constantly amazed by the pure number of stupid people who frequent slashdot. It's like a herd of stupid people pretending to be amazingly stupid people indeed, with extra stupidity thrown in for good measure.
I'm guessing, but the average age here must be 16, with -5 years experience. I wish the domain would lapse so that I could buy it and clean this up. We'd be done with morons, only valid, useful, readable posts would get through the cretin filters.
Slashdot is to my art of science as McDonalds is to fuckin' fat 400 pound-living-at-home-with-parents-virgins, which by a startling coincidence is the vast majority slashdot posters.
Wow, what a rant. Well, you all deserve it.
"u orl deeserv it fukkas"
Well, I have to go, my girlfriend is waiting for me in bed, she's listening to the Hitchhiker's Guide to the Galaxy, although her name is not Trillian.
Why don't you just start here: http://anonet.fshell.org/
This is the NSF which controls quite a lot of the university grant money. Combine that with the federal government getting on board and you already have a good chunk of critical mass. The usual order for things is:
University -> military -> porn -> mainstream corporate america -> home users
The NSF can get the first 2 steps.
How in the world is this Offtopic?
pr0n and Sci-Fi are the backbone of the Internet. Name an advance in Internet technology that didn't come from the pr0n community first. I mean, what else do you use 'tabbed browsing' for? Business?
The opposite of progress is congress
I just completed downloading the internet! Darn!
One of the key points in the article (that has been missed so far) is that the research for this is being done on the National Lambda Rail. One key technology that hasn't been mentioned yet is DWDM (Dense Wave Division Multiplexing). This runs 30-40 different wavelengths over a single fiber. Each wavelength (lambda) can currently carry 10 Gb/s of data, 40 Gb/s in some cases, and 100 Gb/s is on its way. That means that a single fiber can carry up to 4 Tb/sec of data in the real near future (right now in some labs). The next important technology is ROADMs (Reconfigurable Optical Add/Drop Multiplexers). These devices allow individual lambdas to be inserted, extracted, or tapped from a fiber. Next is GMPLS (Generalized Multiprotocol Label Switching). This is a switching framework that ties together the ROADMs and optical switches to allow a single lambda to be routed through an optical mesh network. Actually it sets up a per-use circuit through the mesh for any particular lambda. Also, anything that can be converted to an optical wavelength can be routed over this kind of network, not just ethernet. Fibre Channel, SONET, high definition video and ethernet can all be routed over this kind of network at the same time.
"David Clark, who led the development of the internet in the 1970s"
Vint Cerf, Al Gore, David Clark...?
The Internet billing model right now is fucked up.
The content provider pays, the consumers pay nothing but a flat rate. So if you have a popular web site today and get slashdotted, you are hosed.
The users should pay the bandwidth costs, not the content providers. Otherwise, you can go bankrupt trying to publish free information.
Want to run *two* webservers behind NAT? Say goodbye to half of your visitors behind stupid proxies that only relay requests to port 80
Is this a bad ad hoc example (would not be surprising)? A shortcoming of iptables (would be surprising)? I believe OpenBSD and pf will do this. I haven't tried it myself but I believe pf can redirect port 80 to more than one machine as part of load balancing.
"Look at phishing and spam, and zombies, and all this crap," said Clark. "Show me how six incremental changes are going to make them go away."
I can do it in two incremental changes.
Ban any application that explicitly provides a mechanism for automatically executing native code or unrestricted scripts received from an untrusted source. With or without a "Do you really want to do something stupid" dialog.
No ActiveX, no "open safe files after download", no "click here to install XPI", nothing.
Ban any operating system that, after a normal install, has any network servers listening for routed protocols without explicit action by an actual human being.
No sendmail/apache/NFS, no Lan Manager/Windows Networking, nothing.
Without these changes, no changes at the network level will do anything to solve the problem he's trying to solve. With them, you limit attackers to social engineering... and it is possible to learn not to be socially engineerable.
Load balancing can also be done with iptables. See also this thread on the netfilter mailing list.
My blog
When you see the QOS needed for VOIP, Video-conference and live TV feed
Funny, I don't seem to need QOS for any of that. Are you sure you're using the same network as everyone else?
After all the (theoretical) OSI standards did exist
I was using OSI stack networking protocols back then.
Be glad they didn't take off. Oh, my god, be so very very glad they didn't take off.
IPv6 makes sense: it gives us enough address space for many human generations to come. Also if everything was connected to the Internet security would lie in smartly designed software, quality software. There is a growing market for this type of quality software. The weakest link is humans and those not technically able to protect themselves should seek a buddy that helps them make the right decisions. Beware of monopolies like Microsoft though, strength lies in diversity.
Actually, there is something like a backwards compatible API. At least under Linux, I don't know what the other architectures are doing.
In the IPv6 address space there is the ::ffff:xxxx:xxxx address range, where xxxx:xxxx is an actual IPv4 address. (also sometimes written as ::ffff:###.###.###.###)
This means that applications can use the IPv6 sockets API but then use the old IPv4 stack.
This means that a newly written application can use the IPv6 API and still work with the current Internet without the explicit need to support both. A lot of OSS software already supports this.
You can find this in your logs when you have loaded the IPv6 module.
Jul 1 14:35:59 server imapd: LOGIN, user=xxxxxxxx, ip=[::ffff:192.168.xx.x], protocol=IMAP
Also there are some new APIs in the C library that make it easy to write completely (or mostly) protocol-independent software.
Like the "getaddrinfo" library call. It will do a hostname lookup (via DNS, /etc/hosts or address parsing or whatever) and return a list of "addresses". The address can be an IPv4 or IPv6 address, you don't really need to care, just pass the returned information to the socket calls and you have your stream or datagram file handle. Even if they added IPv9 or something else, your application will most likely just work since it doesn't care.
Most applications are rather easy to port to either the IPv6 API or the protocol independent API. What's more complicated is to port ACL checking and these things because that's where applications start parsing the addresses themselves. Or if applications want to store address data or transmit it inside their protocol.
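The ACL problem raised in the comment above, as an added example that is not part of the original post: a check that compares the printed peer address against an IPv4 rule stops matching once the same peer is logged as ::ffff:a.b.c.d. The rule, the sample addresses and all function names are constructed for illustration; parsing goes through getaddrinfo with AI_NUMERICHOST, so no DNS lookup happens.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L
#endif
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>

/* Hypothetical rule type: every network is stored in 128-bit form. */
struct acl_rule { uint8_t net[16]; int prefix; };

/* Map any sockaddr to a 16-byte key. IPv4 becomes ::ffff:a.b.c.d, so a peer
 * seen on an AF_INET socket and on a dual-stack AF_INET6 socket compares equal. */
static int addr_to_key(const struct sockaddr *sa, uint8_t key[16])
{
    if (sa->sa_family == AF_INET6) {
        struct sockaddr_in6 s6;
        memcpy(&s6, sa, sizeof s6);
        memcpy(key, s6.sin6_addr.s6_addr, 16);
        return 0;
    }
    if (sa->sa_family == AF_INET) {
        struct sockaddr_in s4;
        memcpy(&s4, sa, sizeof s4);
        memset(key, 0, 10);
        key[10] = key[11] = 0xff;
        memcpy(key + 12, &s4.sin_addr, 4);
        return 0;
    }
    return -1;
}

/* Family-independent parse of a numeric address (never resolves names). */
static int text_to_key(const char *text, uint8_t key[16])
{
    struct addrinfo hints, *res = NULL;
    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_UNSPEC;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_flags = AI_NUMERICHOST;
    if (getaddrinfo(text, NULL, &hints, &res) != 0) return -1;
    int rc = addr_to_key(res->ai_addr, key);
    freeaddrinfo(res);
    return rc;
}

/* Parse "addr/bits"; an IPv4 prefix length is shifted by 96 bits. */
static int acl_parse(const char *cidr, struct acl_rule *r)
{
    char host[64], *end;
    const char *slash = strchr(cidr, '/');
    if (!slash || (size_t)(slash - cidr) >= sizeof host) return -1;
    memcpy(host, cidr, (size_t)(slash - cidr));
    host[slash - cidr] = '\0';
    long bits = strtol(slash + 1, &end, 10);
    if (end == slash + 1 || *end != '\0') return -1;
    int is_v4 = strchr(host, ':') == NULL;
    if (bits < 0 || bits > (is_v4 ? 32 : 128)) return -1;
    if (text_to_key(host, r->net) != 0) return -1;
    r->prefix = (int)bits + (is_v4 ? 96 : 0);
    return 0;
}

/* The pre-IPv6 habit: match the printed address against a text prefix. */
int naive_denied(const char *peer_text, const char *deny_prefix)
{
    return strncmp(peer_text, deny_prefix, strlen(deny_prefix)) == 0;
}

/* Returns 1 if the peer is inside the denied network, 0 if not,
 * -1 if either string cannot be parsed (callers should fail closed). */
int acl_denied(const char *peer_text, const char *deny_cidr)
{
    struct acl_rule r;
    uint8_t key[16];
    if (acl_parse(deny_cidr, &r) != 0 || text_to_key(peer_text, key) != 0)
        return -1;
    int full = r.prefix / 8, rest = r.prefix % 8;
    if (memcmp(key, r.net, (size_t)full) != 0) return 0;
    if (rest == 0) return 1;
    uint8_t mask = (uint8_t)(0xff << (8 - rest));
    return (key[full] & mask) == (r.net[full] & mask);
}

int main(void)
{
    /* Constructed peers: native IPv4, the two mapped spellings, and others. */
    const char *peers[] = { "192.168.10.5", "::ffff:192.168.10.5",
                            "::ffff:c0a8:a05", "10.0.0.1", "2001:db8::1" };
    for (size_t i = 0; i < sizeof peers / sizeof peers[0]; i++)
        printf("%-22s naive=%d normalized=%d\n", peers[i],
               naive_denied(peers[i], "192.168."),
               acl_denied(peers[i], "192.168.0.0/16"));
    return 0;
}
```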
Will it run Linux?
Just do not let Microsoft help develop it. Can you imagine accessing the Microsoft Winternet2 that is totally proprietary and incompatible with the current internet. AND It crashes and has to be restarted every half an hour. And when you are unavailable it just delivers to a random person near you so it can be helpful and you never lose another email.
Let me guess, it will contain the data equivalent of a "Broadcast Flag" right? (ie: copyright flag)
Clark to himself: "Hmmm I invented this internet but I forget to patent it... why don't I make a new internet (Internet II), and everyone will have to pay me for it."
I've run two webservers behind NAT. I just read the http request on one machine, differentiate based on name and forward to the relevant server. Piece of piss. Dunno what you're whinging about.
You might have a point if your example was some kind of UDP layer, but that's the fault of protocols that rely on IP instead of name. Any fule kno that IP != name.
Justin.
You're only jealous cos the little penguins are talking to me.
Second, absolutely mandate IPSec
Third, mandate QoS
use X.509 certificates at both host and user levels
I would not have thought it possible for someone to have been around this long and still completely miscomprehend the utility of the dumb network.
My hat goes off to you sir.
One more reason to rag on those Halliburton assholes.
Could any of these organizations possibly justify needing more than a couple thousand public IPs, ever?
Despite what EULAs say, most software is sold, not licensed.
I'm not done looking at the one I've got now!
Dark Reflection
Things that NATs break
Fix all those, and you'll have invented IPv6 ...
The Internet's nature is peer to peer - 20050301_cs_profs.pdf
*claps*
Well done, sir. Best troll in a long time.
--
"Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
you can read the papers here. I recommend the first few pages of "NewArch Final Technical Report" to find out answers to your questions
NewArch Project: Future-Generation Internet Architecture
The Internet's nature is peer to peer - 20050301_cs_profs.pdf
1992 called, they want their Bespin smuggler with a primitive gun back.
--
Trolling the trolls since...um, June 2005.
For that matter, we could just define the secondary channel on the serial port as full-speed, then use the serial line for everything. Forget ethernet frames entirely. Early networks were, quite literally, just serial cables (or parallel cables, for short enough connects) strung between machines. XON/XOFF should be enough for anyone.
Ah, a certain amount of intelligence is required for an efficient network. The question is, how much is too much? ("Too much" can loosely be defined as the point where the overheads exceed the benefits.)
Well, studies do seem to show QoS overheads are well below the benefits, for bursty connects and connects that are running close enough to capacity that the probability of cascading collisions is significant.
This describes the Internet very well - meltdowns are so common, they aren't even remarked on any more, and are so common that most high-end users have long-since bailed out onto dedicated circuits with guaranteed bandwidth. MCI uses MPLS and CBQ extensively on their business networks.
So, we're to assume MCI are ignorant fools? After all, they use all this fancy intelligent networking stuff. Well, I won't comment on their intelligence, but I will say that they DO provide the guaranteed level of service - at least, when the lines aren't defective. That's been the biggest problem I've noticed with them, not the routing or the network intelligence.
Seems actual on-the-ground experience suggests highly intelligent networks are actually a highly intelligent way to go.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
That's a really interesting way of looking at it; I knew little to nothing of network architecture in those days, so I just remember BBS's. Nothing about larger networking. (Well, maybe FIDONet.)
I want to use that "the average American internet user uses $1 a year of USA backbone traffic" statistic. Do you have a source?
I agree with a sibling poster; IP multicast would be a wonderful windfall for distribution, putting at least some of the power back in the hands of the little fella. (Not to mention making Bittorrent a dozen times more powerful.)
But no one will buy their silly services now that they can just use the raw bandwidth. Right? Right? This is why ISPs don't provide NNTP servers any more.
--grendel drago
Laws do not persuade just because they threaten. --Seneca
You are using NAT where you should be using a firewall. You want to restrict which addresses can get to which other addresses? In an awkward and stupid way, NAT can do that for you. But everything would be much simpler and more flexible if everybody had publicly routable addresses, and access were restricted at a firewall. NAT is a nasty hack, not a security tool.
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
why would we ever need a new internet? it's not like there's 100 million Chinese online today and the Net was built before Kanji and other ideograms became popular ...
seriously, let's go to IPv6 with Mars/Saturn/Jupiter extensions, ditch all the cruft, and do it right.
-- Tigger warning: This post may contain tiggers! --
Douglas Adams quote sums up the problems with David Clark's thinking in one swift stroke:
"A common mistake that people make when trying to design something completely foolproof was to underestimate the ingenuity of complete fools."
2. The central registry would be choosable by the user, however it would probably default to some profitable organization that would charge companies to be listed. What it does stop is spoofing. The whole point is that regardless you know that the "System error" is a real system error because it isn't ORANGE or RED bordered. This is just so you can tell your mom.. If a window says you have a virus, only trust the blue bordered ones.. (hand waving here)
3. The tokens would be a proof of work system that would be hard to compute, easy to verify. While I'll add some hand waving here.. it could be something as simple as running a checksum on the FULL email (including recipient name and time), and then finding where a fixed number of binary digits occur in PI. Generally the hardened email system would gradually up the criteria for what can get through.. making the sending of mass spam expensive.. (more hand waving here)
4. Each application gets its own sandboxing, application X can't keylog application Y.. and the OS should let you turn off any third party application, I don't want the Bonzai Buddy turning on an 'unturnoffable' flag that says that bonzai buddy is way too important to be disabled. But it still leaves some big honking holes in how to get it happy.
5. Ok the whole not spying thing pretty much prevents the just your talking about from the start. The apps don't have the option to "raw read", or patch themselves into the OS, if you added a hook to a system library, it would invalidate the system library because the checksum/sig wouldn't be valid. The operating system would require that all system files be "signed" as in cryptographically. If a new patch comes out, it has to be signed as well. The sig would only be valid from MS for their OS, I really don't want ANYONE else adding to windows, even if it is convenient, it still opens up too many holes.
6. The registry would just be a user-vote system, with the results to simply be a compilation of data from users who felt that feedback was necessary. But the legal options do need to be examined..
The databases would be run by various organizations, and users would have to select a "trustable" source.... still not a perfect world.
hmmm you are right, I need more of a -1 offtopic, but my fingers were needing a good walk.
My apologies to all of the eyeballs that read through my tripe. and to the grey-matter behind them.
Storm
P.S. 'ere
You saw the ruling - this just encourages more efficient and faster piracy. It is illegal, immoral and aids terrorists.
Just wait until the MPAA and RIAA hear about it.
I'd *HATE* it if my ISP NATed me instead of giving me at least one real address.
There we have it folks. He thinks it's fine to put everyone else behind NAT, but he gets his own address. Can you say 'not in my back yard'?
There should be speed limits, but I'd *HATE* it if I was caught for speeding.
There should be taxes, but I'd *HATE* it if I lost a huge chunk of my wages through taxes.
Here's a test: if someone says that everyone should have to do something, but he should be excluded, he's a fucking hypocrite.
First Metcalfe, now Clark. Do they put something in the water at IETF meetings?
Ubiquity is no excuse for Windows: Over 70% of the web is served by Apache, yet attempts against it are relatively rare.
If you need to retrieve a tree structure of files, download several files from a single server, or need to upload files, FTP is the way to do it. If you need to download only one file, or several files in parallel (typical webbrowsing), then HTTP is your friend.
I used up all my sick days, so I'm calling in dead.
You just don't get what he's saying, and you're not making any sense.
"The only time FTP has less overhead than TCP is when you're retrieving several files."
I'm going to make a guess here and assume you mean HTTP, not TCP.
First, take a look at the FTP RFC.
http://www.freesoft.org/CIE/RFC/959/index.htm
Then, take a look at the HTTP 1.1 RFC:
ftp://ftp.isi.edu/in-notes/rfc2616.txt
You tell me which has more overhead? A notable part of the difference is the encoding; FTP can transfer data straight binary - no MIME types or special encoding to send the data over the channel.
"the overhead of FTP can be significantly higher than HTTP (logon banners)."
Are you kidding?
" For HTTP, you send the request and sit back and wait for the data. "
If browsers were as simple as an FTP client, this might be true. But don't forget about all the banners and lots of extra data that gets communicated between your average browser and HTTP server these days. Not to mention cookies.
"With FTP, you have to login (USER, PASS), which both require you to wait for confirmation before you can PORT and RETR."
All of this is likely done in less than 100 bytes of data transferred.
"Not to mention the overhead of establishing another TCP socket to pass the data over."
Here's a quick run down of how a TCP connection is established:
1. Packet sent from initiating machine. Very small packet (bytes) with the SYN flag set.
2. Receiving machine gets packet with SYN. Sends packet back (bytes) with the SYN and ACK flags set.
3. Initiating machine sends back another small packet (bytes) with the ACK flag set.
The amount of data necessary to open a raw TCP connection is so minuscule that it's almost not worth mentioning.
"If you need to retrieve a tree structure of files, download several files from a single server, or need to upload files, FTP is the way to do it. If you need to download only one file, or several files in parallel (typical webbrowsing), then HTTP is your friend."
You're looking at this from a user perspective, not a technical one.
FTP is very low overhead (read: almost zero,) it's a very intelligent design, and it works great over slow and unreliable connections to boot.
Nobody is saying we should replace HTTP with the FTP protocol.
- It's not the Macs I hate. It's Digg users. -
I agree about the evilness of NAT, but there is a critical flaw in this argument:
"A million worms, trying 10 IPv6 addresses per second, won't find more than a tiny fraction of vulnerable machines in a year."
I believe your assumption is that current IPv4 nodes would become randomly addressed within the IPv6 space. Frankly, that is unlikely. Major ISPs and internal LANs will probably still assign contiguous addresses via DHCP, meaning to attack N active users you just target PREFIX:0 to PREFIX:N. Even if PREFIXes are assigned randomly, major ISPs will probably still place millions of nodes on the same PREFIX. Worms will evolve, and will not be significantly thwarted simply by switching to IPv6.
Fully randomized V6 addressing would help but I am unconvinced major networks will consistently deploy that even if it were MUSTed in the DHCPv6 RFC.
To justify my cynicism with a corollary: OpenBSD is the only major OS that randomizes TCP/UDP port autobind, even though the predictable Linux + Windows allocation from 1024+ assists many forms of evil.
Any new infrastructure is feasible, if it routes IP as a legacy service, and interacts nicely with a necessary subset of old protocols, like BGP, and provides rudimentary client side tools and proxies to access the IP world outside.
I see the problem with IP is that it is both too high level and too low level. It is too high because it requires global addressing state inside the network and does not expose nodes inside to the end nodes. It is too low, because it operates on packet level, not on a level of an abstract byte stream (or a "connection", if you want), which could be negotiated for security and speed control.
Plan 9 9P/2000P provides a better alternative. As an inheritor of file level UUCP ideas with local addressing and source routing, it provides exact control of all nodes in communication with no centralized addressing. Each hop is always authenticated with application developer friendly protocols. It is perfectly capable of carrying itself over IP links, or carrying IP over 9P.
Anssi Porttikivi / app@iki.fi
You would be 100% incorrect. HTTP has a lot of encoding overhead. A login and password is nothing. You might want to learn more about the protocols before you comment further.
You get a cookie for actually knowing what you're talking about. Around here, that's rare! Congrats! :)
The point I was trying to make was that HTTP uses TCP just the same as FTP does, and that FTP has some downsides to it. However, I'm still not convinced that HTTP has any more data overhead than FTP does. If you have more information on what overhead HTTP has that FTP doesn't, I'd appreciate it.
I used up all my sick days, so I'm calling in dead.
I can handle being wrong, but the "ha-ha, you're stupid" attitude doesn't help.
I used up all my sick days, so I'm calling in dead.
That's what I get for typing in a hurry. Encoding = "header overhead", plus the potential for base64/language encoding, depending on the MIME type. And that can vary wildly depending on http server configuration and client mime type support. As a measure of oddity potential, it's also possible to actually HTTP-gzip encode a download which is already compressed, which can actually make the download larger. Yes, that would be rare, but my point is, HTTP is largely an unknown because of so many site to site variables. HTTP has rather large headers and only handles a single file at a time. This means with HTTP, it's not unreasonable to expect an exchange of very large headers for each and every file downloaded with HTTP. Sure, you can argue a minimum HTTP header size, but even the smallest is larger than what is required for FTP; including anonymous login. On the other hand, it's not unreasonable at all to expect the headers to be fairly large, especially once you start adding in cookies and/or a put overhead request; which has become increasingly popular these days. Long story short, FTP has a known, fixed overhead. HTTP is bulky and can wildly vary from download to download.
The original version of http (1.0) did not support content length. Version 1.1 does. HTTP has a long history of not being reliable (corrupt downloads, etc) because of lacking content length. Version 1.1 does greatly address this http shortcoming but does so by adding yet more header overhead. I would have to dig, but I believe HTTP still has some reliability concerns. Which, in turn, means the potential for yet another download.
FTP has always had native support for resuming transfers. HTTP originally did not. Version 1.1 of HTTP does allow for resuming of transfers, but is limited based on the content type and encoding (if any); so it's not always available. Furthermore, a content length is not required, even with HTTP. This is important because a lot of proxies still only support HTTP 1.0. And yes, transparent proxies can still be in the mix.
Long story short, FTP is better for transferring files. For very small downloads, the HTTP overhead can become significant overhead. For very large files, the overhead can be pushed to background, but you still have reliability concerns (IIRC); which may require restarting the download from the beginning. About the only situation that one can argue that HTTP wins is for downloading very large files over very reliable and very, very high latency connections. In other words, that situation just does not come up in the real world. Worse, if the download is truly large, at best, you will still be on par with FTP.
One could argue that FTP has a slightly higher latency for download startup but actually has a much lower startup bandwidth demand. It is easily possible for an HTTP request to exceed a single MTU worth of data (excluding TCP/IP overhead). FTP, on the other hand, can be initiated with less than a couple hundred bytes spread out over several packets.
Generally speaking, if speed is what you want, FTP is what you want.
Oops...and I forgot to add, FTP's login is done only once. The data connections do not authenticate, which is why the ports are specified as part of the transfer start.
Base64 encoding does not happen on HTTP transfers. The only time I've seen base64 encoding used on webservers is when encoding binary data into cookies. There's obviously nothing in the HTTP spec that prevents base64 content encoding, but it would be an extension, and non-standard (not to mention almost completely useless because HTTP has no reason to be 8bit-clean).
Gzip (or deflate) is designed to only add 5 bytes per 32KiB (0.015%). Phil Katz designed the format extremely well in this regard. It's a pity that he's no longer with us. Besides, on a properly configured server, you'd specifically exclude already compressed files.
That is true if you consider the minimum required for both protocols, however, I've noticed many FTPs with very verbose MOTD banners. The one Debian FTP mirror I connected to had a 983 byte MOTD in addition to all the usual protocol parts (this pales in comparison to ftp.kernel.org, which weighs in at a hefty 2208 bytes). With that same request size, I could send a reasonably complex request to any webserver, including cookie, and referrer.
I'll concede that it's easier to resume transfers done via FTP, if for no other reason than the software for FTP access is typically designed to have that feature, and HTTP clients (webbrowsers) do not. Anyone who has ever used IE knows that there's no way to tell IE to resume -- if it wants to resume it will, and if it doesn't want to, it won't. Firefox does the same.
Even if the webbrowsers had well designed resume features, there'd still be obnoxious web applications that pipe the file through the webapp to prevent off-site linking to the download (and these webapps are typically not well designed enough to send a meaningful Content-Length or Last-Modified header, let alone accept the Range header). So for large files, especially on unreliable connections, FTP has some clear benefits.
Assuming a meager 30ms roundtrip time, and 1 Mbps connection, you could download 3.7KB for each extra roundtrip an FTP connection would add (at least three). A 42kbps modem user with 150ms latency could get 787 bytes per command. This has a large effect on the perception of speed (it gets even worse if the FTP server is [mis]configured to wait for an IDENT response before it finishes establishing the connection).
I still believe that there's no meaningful overhead difference between FTP and HTTP (at least for real-life situations and single file transfers). We're talking about differences of one to two kilobytes for an HTTP request versus 100 bytes to two kilobytes for an FTP connection, with the normal difference probably being around one kilobyte. When talking about files in the hundreds of kilobytes, that's not a high overhead. When I see people say that HTTP has a high overhead, I'm left wondering if they believe that HTTP servers base64 encode binary files like MUAs must (HTTP uses MIME types and some look-alike headers, but not MIME encoding - see RFC 2616 19.4).
There are obvious uses for FT
I used up all my sick days, so I'm calling in dead.
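Added example, not part of either poster's comment: a Python check of the framing cost that DEFLATE's stored-block form adds to data that will not compress, which is the case both posters raise when an already-compressed download is gzip-encoded again. Assumptions: `os.urandom` output is a constructed stand-in for an already-compressed file, zlib level 0 is used so every block is a stored block, and the function names are illustrative.

```python
import os
import struct
import zlib

GZIP_WRAPPER = 18  # RFC 1952: 10-byte header + 8-byte trailer, no optional fields


def store_only_deflate(data):
    """Raw DEFLATE stream (no zlib/gzip wrapper) at level 0: stored blocks only."""
    enc = zlib.compressobj(0, zlib.DEFLATED, -15)
    return enc.compress(data) + enc.flush()


def walk_stored_blocks(stream):
    """Return the payload length of each stored block; reject any other block type."""
    lengths, pos = [], 0
    while True:
        if pos + 5 > len(stream):
            raise ValueError("truncated block header")
        bfinal, btype = stream[pos] & 1, (stream[pos] >> 1) & 3
        if btype != 0:
            raise ValueError(f"block at offset {pos} is not stored (BTYPE={btype})")
        # Stored block: 1 header byte, then LEN and its one's complement NLEN.
        length, nlength = struct.unpack_from("<HH", stream, pos + 1)
        if length ^ nlength != 0xFFFF:
            raise ValueError(f"LEN/NLEN mismatch at offset {pos}")
        if pos + 5 + length > len(stream):
            raise ValueError("truncated block payload")
        lengths.append(length)
        pos += 5 + length
        if bfinal:
            break
    if pos != len(stream):
        raise ValueError("trailing bytes after final block")
    return lengths


def overhead_report(data):
    """Framing cost of sending incompressible data as stored DEFLATE blocks."""
    stream = store_only_deflate(data)
    blocks = walk_stored_blocks(stream)
    if sum(blocks) != len(data):
        raise ValueError("block payloads do not add up to the input size")
    framing = len(stream) - len(data)
    return {"blocks": len(blocks), "framing_bytes": framing,
            "gzip_total": framing + GZIP_WRAPPER,
            "percent": 100.0 * framing / len(data)}


if __name__ == "__main__":
    # Constructed sample: 1 MiB of random bytes.
    print(overhead_report(os.urandom(1 << 20)))
```

The block count, and so the exact percentage, depends on the stored-block size the installed zlib build chooses.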
could you and I, not with fate, conspire
to break this sorry scheme of things entire
could we not shatter it to bits and then
remold it nearer to our heart's desire!
- The Internet Swansong
More seriously, this is just a PR news item for a piddly little grant of $200K. MIT researchers routinely engage in this kind of vaporware research including much-hyped off-their-bottoms position papers in tight community-knit workshops.
NSF routinely awards much larger grants greater than $500K and very often even more than $1 million on collaborative grants. None of them make news, but this one does because Dave Clark is soooooo good at PR. Of course, as the article says, the program managers refused to talk to this reporter because they knew what it was worth -- nothing!!
For more info, search for recent awards on http://www.nsf.gov/
Thank you for the response.
;)
You seemed sincere and proved polite to boot. It's my pleasure; even if we fail to see eye to eye at the end of this.
Base64 encoding does not happen on HTTP transfers. The only time I've seen base64 encoding used on webservers is when encoding binary data into cookies. There's obviously nothing in the HTTP spec that prevents base64 content encoding, but it would be an extension, and non-standard (not to mention almost completely useless because HTTP has no reason to be 8bit-clean).
You need to take a closer look. HTTP, in and of itself, may not be 8-bit clean for a specific MIME type. But, MIME types differ and encoding can ensue without you even knowing. Encoding can range from base64 to unicode. Simple fact is, you really never know what you're going to download when you use HTTP. That makes for a huge unknown. Remember, content can change file type to file type and even your locale can affect what you get. In short, for you to say that base64 encoding does not occur on HTTP connections, is wrong. Period. Simple fact is, it MAY or MAY NOT be base64 encoding, compressed, localized, etc....it greatly depends and differs from server to server, the server's location and configuration, the file (MIME type) you're downloading, etc. To rule it out is wrong.
Gzip (or deflate) is designed to only add 5 bytes per 32KiB (0.015%). So for large files, especially on unreliable connections, FTP has some clear benefits.
I completely agree here. Simple fact is, if you have a download fail via HTTP (happens A LOT), you are looking at using up to 199% of the original download bandwidth with HTTP. That's not only clear, but huge; especially for large files. I've lost count how many times I've had to restart downloads of very large files which petered out anywhere from 40% - 95% complete via HTTP. With FTP, I stop the download, go to another mirror and resume. With HTTP, I just paid a 40%-90% overhead penalty. This is a common problem with HTTP. And, every time you change download sites, chances are, you have to do a lot of navigation to get to the download, just to start it, to send up large headers all over again, to start an unknown content download, with an unknown result; which may have to start all over again. I can say, my personal best for having to resume large downloads is 6-times before I got the entire ISO. That's hardly a small difference.
This has a large effect on the perception of speed
Not really. Most time and throughput estimates tend to start high and float downward. Realistically, no one will ever notice the latency and as such, it will have zero impact on perception.
(it gets even worse if the FTP server is [mis]configured to wait for an IDENT response before it finishes establishing the connection).
You didn't cry foul when I spoke of misconfiguration for a web site so I guess I can't cry too loud here either. Just the same, services don't use IDENT much; save perhaps for IRC. Sure it's possible some wacky configuration may create this situation, but I'd be willing to pull a number out of my tailpipe that says a badly configured web server which does bad things is many orders of magnitude more probable than is an FTP server which has been misconfigured to use IDENT.
I still believe that there's no meaningful overhead difference between FTP and HTTP
Feel free to do so. The simple fact is, when it comes to speed and reliability, FTP is where it's at. If you enjoy failed downloads, unknowns as to what you're actually downloading (up to 200% (unicode/locale conversion) overhead + 33% (base64) of the 200%), inability to resume downloads (with costs up to 199% of the total bandwidth), by all means, continue to believe that HTTP is great for downloads. Simple fact is, HTTP is and always has been designed for many, small, synchronous downloads where failure results in clicking the, "reload", button. Realistically, that's where HTTP belo
Well, I'm just getting this directly from RFC 2616.
19.4 Differences Between HTTP Entities and RFC 2045 Entities
19.4.5 No Content-Transfer-Encoding
As I said, I've seen base64 used in HTTP before, but not in the transfer itself. I've seen it encoded into cookies and form elements (and maybe view-source on webmail messages). The only way HTTP is supposed to deliver something base64 encoded is if the source material was base64 encoded. HTTP uses the MIME types just the same as Linux desktop environments do -- to identify the file type, nothing more.
Well, the reason I chose IDENT is the fact that it's still on by default in most FTP daemons (it's not their fault, really, it was a "different time" when they were designed). I'm sure everyone has experienced the MIME type misconfigurations which result in the webbrowser trying to display a file when it's not text/plain. Or the character set encoding problems where the server reports that it's UCS-2, but it's just iso8859-1, or vice-versa. On the other hand, FTP clients sometimes get the wonderful task of trying to deal with the [broken] "DOS" directory format of IIS FTP.
I will admit that it is possible for the server to convert the format into Unicode since nothing in the RFC disallows that. The standard gives implementers three choices for the Accept-Charset header: deliver the document in the requested charset, give a 406 error, or deliver an unacceptable charset anyway. It would be a little unusual to see a conversion, however, since most HTTP servers only use it as a suggestion, not a hardline rule, and happily deliver a non-requested format if that's all they have available. Besides, when we're talking about downloads, they're usually a binary file, and converting those would generally corrupt them.
As for the reliability angle, I guess it's been so long that I've had a stable connection that I've forgotten about the frustration of downloading something 4 or 5 times. Not to mention that when I want to download an ISO, I usually look for a bittorrent link instead of an FTP or HTTP site (since resumability is built-in, and it generally uses all of my bandwidth to download). I do vaguely remember using software like GetRight to resume broken HTTP downloads, and I believe I did hate it.
There are a lot of possible downsides to HTTP. The biggest o
I used up all my sick days, so I'm calling in dead.
Fair enough. I still claim FTP is better and faster for transferring files. I do concede you've made some excellent points.
Fair enough.
Thanks for a civil discussion, something rather rare here these days.
I used up all my sick days, so I'm calling in dead.