Slashdot Mirror


David Clark: Rebuild the Internet

boarder8925 writes "David Clark, who led the development of the internet in the 1970s, is working with the National Science Foundation on a plan for a whole new infrastructure to replace today's global network. The NSF aims to put out a request for proposals in the fall for plans and designs that could lead to what Clark called a 'clean slate' internet architecture. Those designs, Clark said, could be tested on the National LambdaRail, the nationwide optical network that researchers are using to experiment with new networking technologies and applications."

11 of 323 comments

  1. Won't happen by Bruj0 · Score: 5, Interesting

    "A whole new infrastructure" you say?
    We can't even start using the new IPv6 protocol. I don't think we are there yet. Try in 10 or so years.

    --
    http://securityportal.com.ar
    1. Re:Won't happen by drmerope · Score: 5, Interesting

      Might be because we realized that the IPv6 protocol was unnecessary.

      Once people were forced to NAT, it suddenly dawned on the great mass of people that workstations shouldn't be getting public IPs for security and management reasons.

      Nor for that matter should these up and coming embedded devices be placed on the public internet either. It just isn't appropriate.

      Remember: The Internet was supposed to be a network of networks NOT _THE NETWORK_.

      Most of the remaining IP allocation problems result from certain lingering gross misallocations such as the Class A block assigned to MIT.

    2. Re:Won't happen by Anonymous Coward · Score: 5, Insightful

      NAT is the greatest evil to befall the Internet.
      Want to run a webserver behind NAT? Forward the port through NAT. Want to run *two* webservers behind NAT? Say goodbye to half of your visitors behind stupid proxies that only relay requests to port 80.

      NAT is bad because it is a complex layer of translation software, NOT a firewall. Its job is to try to fit packets through places where they shouldn't be going, not the other way around. A stateful firewall is a much better solution. Even Windows XP SP2 gets it right in that regard.

      Unless you *like* translation gateways everywhere, the idea of a network of networks is a silly idea. MITM attacks and the general waste of resources are the two biggest problems with that concept.

      Embedded devices like, say, a PDA shouldn't be on the Internet to receive phone calls or send email? What do you have against the Internet that a stateful firewall and a well written network stack wouldn't fix?

    3. Re:Won't happen by J. Random Luser · Score: 5, Interesting

      ... certain lingering gross misallocations ...


      6.0.0.0/8 DoD Network Information Center
      7.0.0.0/8 Defense Information Systems Agency
      8.0.0.0/8 Level 3 Communications, Inc
      9.0.0.0/8 IBM Corporation
      11.0.0.0/8 DoD Intel Information Systems
      12.0.0.0/8 AT&T WorldNet Services
      13.0.0.0/8 Xerox Palo Alto Research Center
      15, 16.0.0.0/8 Hewlett-Packard Company
      17.0.0.0/8 Apple Computer, Inc.
      18.0.0.0/8 Massachusetts Institute of Technology
      19.0.0.0/8 Ford Motor Company
      20.0.0.0/8 Computer Sciences Corporation
      21, 22.0.0.0/8 DoD Network Information Center
      25.0.0.0/8 Royal Signals and Radar Establishment
      26, 28, 29, 30.0.0.0/8 DoD Network Information Center
      32.0.0.0/8 AT&T Global Network Services
      33.0.0.0/8 DoD Network Information Center
      34.0.0.0/8 Halliburton Company
      35.0.0.0/8 Merit Network Inc.
      38.0.0.0/8 Performance Systems International Inc.
      40.0.0.0/8 Eli Lilly and Company
      41.0.0.0/8 African Network Information Center
      44.0.0.0/8 Amateur Radio Digital Communications
      45.0.0.0/8 Interop Show Network
      47.0.0.0/8 Bell-Northern Research
      48.0.0.0/8 Prudential Securities Inc.
      51.0.0.0/8 Department of Social Security of UK
      52.0.0.0/8 E.I. du Pont de Nemours and Co., Inc.
      53.0.0.0/8 cap debis ccs (c/o Mercedes Benz AG)
      54.0.0.0/8 Merck and Co., Inc.
      55.0.0.0/8 DoD Network Information Center
      56.0.0.0/8 U.S. Postal Service
      57.0.0.0/8 SITA-Societe Internationale de Telecommunications Aeronautiques
      1,2,3,4,5,14, 23, 27, 31, 36, 37, 39, 42, 46, 49, 50 are reserved to IANA

      It would be tempting to say: Nothing to see here people... please move along..., but amongst all the squatters is one new allocation, a single class A net allocated this year for the entire African continent. It works too, I've already had two 419s from it ;-)

    4. Re:Won't happen by Anonymous Coward · Score: 5, Insightful

      NAT is a horrible solution. When I see someone actively _advocating_ more NAT I know that either they're selling a NAT product ("Cutting your face off is a great idea, and with new faceCutOff DX we guarantee only a few weeks of agony!") or they haven't looked very hard at the problem.

      The Internet is a Peer-to-Peer network. Yesterday's big application, the "web app", didn't need this feature, but tomorrow's potential big applications almost all do. If you disable them by using NAT, you're back where businesses were in 1996 when they started to realise that they should be on the web but had no clue how. Oops.

      Seen all those annoying worms that choose random IPv4 Internet addresses and attack them? If a hundred of those worms hit one address per second they'll hit most machines in a year. With a thousand infected machines they'll take a month. But with IPv6 they don't stand a chance. A million worms, trying 10 IPv6 addresses per second, won't find more than a tiny fraction of vulnerable machines in a year. Even inside your much smaller corporate network "guessing" IPv6 addresses isn't feasible.

      Elsewhere in this thread someone has observed that ordinary customers don't switch at the point of least pain. They wait, and wait, until they can't tolerate any more pain and then switch. Then they say "Oh, that was better than I expected" and maybe write an article for their trade magazine, "Why switching was actually a pretty good idea".

      The point of least pain came when more than one network hardware vendor had IPv6 native. That was several years ago. Anyone buying new kit after that point should have been negotiating for IPv6 and either getting it, or getting a discount to "do without" it for a few more years. Otherwise you're a sucker.

  2. Let's rebuild it with by Man in Spandex · Score: 5, Funny

    PHP and MySQL which can do anything!

  3. Reminds me of old habits by fmwap · Score: 5, Funny

    "Fuck it! I'll rewrite it from scratch."

    That approach is always more fun

  4. IPv6 by scoove · Score: 5, Insightful

    We can't even start using the new IPv6 protocol. I don't think we are there yet.

    I've been to IPv6 summits. I've also served as the senior technology officer for several telecom companies (one of which was a very first CIX-W router connected ISP and frustration to Paul Vixie in our rather unique connection to the early Santa Clara peer point).

    Through my experience, I've advocated IPv6, yet I've found significant resistance from nearly all sectors of business (except from South Korean and South American investors - go figure). Some of the problems IPv6 plans (and this "new infrastructure" pipe dream) face include:
    • zero customer demand: dot-com was great for us geeks pushing ideas before their time. Fortunately or not, its demise meant a return to financial foundations. If customers don't demand it, there's no reason to work on it today. If it's the next great thing, then get customers understanding it! (Thought: How do we do this for IPv6? I can think of a thousand technical explanations for why this is. My customers would tell me they expect me to do these things already at no additional cost to them. Absent additional capital, it ain't happening in today's telecom market). Lacking a killer app that only works in IPv6 land, the finance people won't back any infrastructure upgrade. Here's the rule: either make money or save money. IPv6... well, it adds features without really making or saving money. Guess what the CFO will decide? New features don't quite present well in any capital budget analysis (and rightfully so).

    • State of the consumer market: Let's be honest for a second. While we dream of IPv6 efficiencies, the world out there is clinging onto Windows 98, first edition. They're stuck in the IP dark ages (hell, I had a discussion today with a Fortune 500 senior manager who thought dialup optimization was the same thing as broadband. *sigh* It's the Dilbert PHB "etch and sketch" laptop all over again!). These are people that can't understand their kids' P2P and the five trojans pushing out spam are why their broadband is slow. These are the people that refuse to use antivirus, personal firewalls and spyware detection. Do you expect them to understand the nuances of better IP networks? QoS? Mobile IP? Dream on...

    • We've forgotten our dirty bastard heritage: Don't forget, TCP/IP was the dark horse protocol. OSI was the committee's pick, yet nasty old ad hoc IP ended up winning out. NSFNET and the Baby Bell NAP plan connected by ANS was Al Gore's dream for a monopoly-powered Internet, which also flopped. A brutish commercial ISP network launched by the early CIX won out. Rarely does the committee solution prevail. Technology is one of the few areas where natural selection tends to ignore the best intentions of the wealthy and powerful elites.


    Don't think I'm not wild about IPv6. I geek out and run it over AX.25 amateur networks for fun (what better way to learn a protocol). Yet the days of getting capital markets worked up in a frenzy, ready to throw hundreds of millions at network replacement are gone. Unless this latest dream is based on new tax revenues from all of us (which only creates messes like the original unaccountable NSFNET regionals), it won't go anywhere.

    *scoove*

  5. Yeah, thanks a lot NAT by ashpool7 · Score: 5, Insightful

    Thanks for making "secure by default" less important.

    Thanks for retarding IPv6 development.

    Thanks for necessitating the invention of UPnP.

    Thanks for screwing up peer to peer connections for legitimate things like videoconferencing and file transfers.

    Thanks for continuing to allow ISPs to treat IP addresses like some sort of rare element.

    Thanks for mangling things like FTP.

  6. Now, with billing! by Animats · Score: 5, Insightful

    Clark said he would like to see two things addressed in any replacement for the current internet. The first is a coherent security architecture. The second is a healthy economic infrastructure for network service providers, who will need a bigger piece of the pie in the new internet than the one they are getting now if they are going to help pay for building it.

    This guy must be getting support from a telco.

    Telecommunications providers hate the Internet. Not only is the Internet too cheap, it's not set up for detailed billing. The US Internet backbone cost about $1bn to build, and costs about $100 million per year to run. For something that handles over 100 million users, that's nothing. All the intelligence is in the end nodes, so telcos don't get to add "value added services" for which they can overcharge.

    What telcos want is an environment they control, like cell phones. With charges for everything from ring tones to SMS messages. That's what Clark is talking about here.

    The telcos tried this idea back in the 1980s, and it was called TP4, or "ISO 8073 COTP Connection-Oriented Transport Protocol - X.224". X.224 is very much like TCP, but without the adaptive retransmit machinery to work well over unreliable links. You're supposed to run X.224 over a reasonably reliable virtual circuit provided by a telco. For which you pay by the packet, like X.25 or ISDN. Bad idea. Windows NT4 actually had support for X.224, and some older Cisco routers understand it, but it's dead.

    This is not a place we, as users, want to go.

  7. But, that's not how it works, folks! by mcrbids · Score: 5, Insightful

    Guys, guys GUYS!

    I see many posts here about how we need to "mandate" this and "require" that and blah blah blah...

    But the Internet, by design, is laissez-faire! There is no "mandating" ANYTHING! Anybody can hook up to their neighbor, who hooks up to some guy across town, who is hooked up to a couple other folks...

    The Internet is DECENTRALIZED and OPEN. The closest it gets to mandating anything is the much-disputed RBLs. I, for example, block all email from most Asian countries - nothing personal, but it sure drops the SPAM load with virtually no complaints. But, I can't mandate what the Chinese or Koreans do with their network - I can only mandate what they do with respect to MY networks.

    The Internet is merely a commonly agreed upon set of standards for communications across disparate networks, and it's performing the task of connecting networks the world over with grace and flair.

    Don't tell me that just because Windows systems get infected in 12 minutes, that the Internet is broken. Sorry. The Internet is working fantastically. It's Windows that's broken. It's not up to the task of functioning on a globally accessible network.

    So far, every significant "problem" I've heard with the Internet hasn't been with the Internet, but with the systems at its fringes. SPAM. zombies. Worms. Viruses. Exploits. All are simply side effects of a "zero friction network" as espoused by the all-knowing Bill Gates in his 90's book, "The Road Ahead", combined with systems not able to cope with the ramifications.

    Bill Gates, Larry Ellison, Scott McNealy, Linus Torvalds, and all the others are learning now what that truly means, and over the next decade or so, we'll see major advances in developing the kind of security needed to handle this frictionless network.

    In short: the Internet is doing just fine, people! It's the systems hooked up to it that have problems!

    --
    I have no problem with your religion until you decide it's reason to deprive others of the truth.