It’s December and with the holidays approaching we are looking forward to a bright 2023. In this issue we provide an update on the status of our RPKI repository, a look at the IP readdressing activity our vantage points have experienced, and as usual our organizational updates including our experimental shift towards Mastodon.
Documenting Internet Events
We have recently started a new documentary service for Internet infrastructure we call “The Internet Last Week”. Every Sunday we summarize a few of the major events that occurred the prior week such as major outages, conferences, threats, attacks, and other infrastructure events. We are primarily focused on those events we deem sufficiently noteworthy that had or could have a major impact on Internet infrastructure operations. Follow us here or ask for an invite to our Slack space for each week’s recap.
RPKI Monitoring of our PP
One of our more popular services has been our public activity monitor for the RPKI publication point (PP) rpki.dataplane.org. Our monitoring of relying party (RP) activity and software distribution has been widely cited by the BGP/RPKI operational community. The PP was initially set up to facilitate a specific research project, which involved experiments that published ROA beacons into the RPKI repository to help better observe RP behavior. These experiments concluded some time ago, but our PP had been experiencing stability issues in part due to these experiments. Fixing the problem proved rather difficult to fix without entirely removing our delegated certificate authority (CA) from the RPKI repository. This is just what we did and the effect of this can be seen in the graph’s right edge below.
Coincidentally the red spikes reflect the effects of the RRDP service interface having intermittent problems that we needed to address. Our PP will eventually be rebuilt after a period of time and monitoring of RPs will return to normal. In the future we will no longer use this system for any experiments such as ROA beacons. Henceforth it will be used solely to publish our real and actual ASN/prefix mappings.
Vantage Point Readdressing
Something we periodically confront are IP readdressing events from our hosting providers. From time-to-time, a provider informs us that our assigned IP address(es) have to change. The most common cause is that the hosting provider is leasing IP address space they do not ultimately control from an upstream provider, and our providers are changing upstreams. As you’d expect, this practically never happens with most well established providers who have been directly allocated their address space from an RIR. Since we utilize some smaller low-cost providers that do not have their own address space, the stability of our assigned IP addresses for some hosts is worse than we’d like. However, as we’ve frequently suggested, the importance of any one vantage point is very small so these events are of little practical consequence to the average data consumer. In other words, the instability of IP addressing on any vantage point has relatively little impact on our operations. However, we have observed that address instability is a pretty good predictor of overall hosting provider quality. Furthermore, these changes are not entirely free. There is some management overhead. For instance, documentation needs to be updated, management tools may need to be refreshed, keys bound to IP addresses need to updated, and so on.
We took a look at readdressing events across our vantage points over the past couple of years. It happens more frequently than we’d like. In fact, the frequency with which it happens may even surprise you. Since early 2021, the (approximate) percentage of Dataplane.org's 300+ vantage points that have been subject to an IP4 readdressing event are as follows:
70% - Never
12% - One time
15% - Two times
2% - Three times
< 1% (but not zero) - Four times
These are purportedly "server-based" systems. Does this seem surprising? It should be. A large number of readdressing events were due to a mass migration of all systems by a provider we have many systems with in the past year so these statistics may be skewed. We’ll see how things look in the years ahead. This is a metric we’ll return to periodically to help evaluate the overall stability and consistency of our providers.
Current State of Dataplane.org
We are working through several internal housekeeping items that have been brought to our attention. Administratively we have met with several attorneys and believe we are close to finding a comprehensive firm that will guide us through our legal structures, being a 501(c)(3) charitable organization comes with obligations we need to consider including ensuring we pass the public support test. With the close of the year we are also ensuring that our public reporting and tax preparation are underway so that tax season doesn’t sneak up on us.
We continue to improve the robustness of our back end systems, with plans to add additional Signals and active probes once the new year has begun. Updates to Content Security Policy (CSP) on https://dataplane.org and a regular check of our Transport Layer Security (TLS) through various tools such as Mozilla’s Observatory and Qualys’ SSL Labs have been recently completed as we continue to ensure we are following current standards. Stay tuned to this newsletter for further updates.
On the social media front we have been active on Twitter and with recent events causing a migration of folks over to Mastodon we have established our Fediverse presence on Fosstodon @dataplane. We look forward to engaging with the community and hope to add new insights beyond the The Internet Last Week series we mentioned above.
As we increase our presence and capabilities we’re eager to share what we do not only in the virtual space, but in person as well. Two speaking engagements are already planned for early next year. One will be a remote session with REN-ISAC, the other at the FIRST symposium in Bilbao, Spain. Each topic will be tailored to their specific time and venue, but both will cover an aspect of Dataplane.org operations, analysis, and research.
For contributions to our mission, and continuous availability of our Signals please consider contributing a donation.
We welcome feedback on any items covered in our update or suggestions for improvement.
Feel free to reach out via email, Twitter, or Slack (request an invite if you need one).