These are unedited transcripts and may contain errors.
Closing plenary on 4th of November, 2011, at 11 a.m.:
ROB BLOKZIJL: Good morning. If we all can find a chair, then we can start with the last slot in our RIPE meeting.
In this slot, first, we have a couple of presentations, and I ask Geoff Houston, who needs no further introduction, I'm sure, to give his revisited IPv4 address exhaustion.
GEOFF HUSTON: Good news, I found some more addresses, I lied. Sorry. There are no more. I am with APNIC and this morning I'd like to give you an update on some talks I gave earlier about IPv4 address exhaustion. But before I do so, I would like to put this into some context. We all work in an industry, the telecommunications industry, and while we might think the Internet was invented sometime in 1960 something or rather TCP IP came around in 1974 and so on, we go back a long way, to wireless telegraphy and the first telephone systems in 1876. We are a very, very big industry, I have been trying to understand how many folk Deutsche Telecom employed at its peak, and I will start with an opening bid of 300,000 but if anyone wants to raise me by hundreds of thousands, feel free. We had a huge number of people working for us. We were the richest sector on the planet. We were big. And the interesting thing is that size and sanity don't go together. I think they are actually inversely proportional. And when you look at their efforts to engage in the data industry, ISDN was one of those disasters that only a telephant could ever have dreamt of and the committee that dreamt up ATM had something funny in the air conditioning. This is an industry where size just simply meant you got it wrong. And everything that we now think is really cool, those billions of SMS message that is became tweets, seen social networking, let alone IP, was a surprise, a complete shock. No one in the industry could ever claimed they planned to be to where they are today. It was a surprise.
So just remember, big and sanity are inversely proportional.
So, we are now confronted with a bit of a problem which is where we get into this exhaustion report because we have to skip from v4 to v6, and we have a track record that says, anything is possible, so, it's not sure or clear we are going to make this jump. So, I'd like to look at, today, exactly the challenges in trying to drive us through this transition, where are we going and why.
So the first kind of question in my head: Why do we have to worry about this, why is this a concern? Because quite frankly, shouldn't it just happen? So many folk I have talked to said, you know, you shouldn't worry Geoff, when we run?out of v4 addresses we will run v6, just wait and it will happen. Or maybe not.
So I want to look at this a little bit closer and actually try and understand this.
So, let's, again, draw back into that rich history of telecommunications and talk about other transitions which, at the time were probably quite traumatic. The first kinds of ways in which we built these systems, was by using wires. This is a picture of New York at the last century. I went to Buenos Aires a couple of weeks ago and looked outside and that could be Buenos Aires, these guys just really love wires, string them up any way you can and they had a scarcity problem then, they were running out of space on the poll, because the next consumer, they are going will I hang that next wire? It won't fit. At some point we had this really cool ideas let's do different conversations at different frequent see, let's go from wires to virtual circuits? It's really hard to give you a picture of that, so a blank screen, sorry.
So from then we moved on to packets because quite frankly, 1,000 times cheaper than circuits, identifies what the switches need to do. All of this, to us, coming along years after the event, it just looked so easy. It was inevitable. We didn't have to worry. It just happened. So, now, let's do this again, and looking at where we are now, and where we need to be.
So, we have this little problem in the middle. That little air gap that we have been talking about now for the last, oh, ten years or more, this minor problem called transition. Now, I love watching the diving at the Olympics, don't you? They are going to execute a double triple pike with a backward somersault, degree of difficulty: Five. Let's look at the degree of difficulty here in this transition. The first thing was he wasn't meant to muck around with TCP or UDP, same kind of API, well the difficulty plus one. It's not backwards compatible. Whoops. That is a plus two. It's an end?to?end protocol so anyone who wants to put translators on the path, is really going to muck warned a whole bunch of things, including security so the end?to?end protocol is another plus two penalty so we are starting to get pretty difficulty and of course, I am sorry, we are not allowed to disrupt users. It's still just got to work seamlessly across all of this. That is a big plus five because I can't say sorry, no Internet this weekend, we are busy doing a v6 transition.
Now, up until a couple of years ago, that is a plus ten. So that is a triple backward summer salt pike with no splash at the end, right? But oh, no, no, we are professionals, we do this for a living, that is easy. So now we do the plus ten. We have got to do a dual stack transition with an exhaustion of v4, break a leg and do that dive. This is what we have set ourselves as a target.
So, little wonder that this transition is going to prove traumatic, because we can't just skip from the v4 paddock to the IPv6 fields of green daily in summer because it's not going to work. It's going to take time. And you are going to explore twisted little passages of carrier grade NATS, morphed content distribution networks because we are not going to be able to do end?to?end cleanly and application level gateways, because the longer this transition takes with no more v4 addresses, the harder this gets.
It gets really hard. Because, now, this industry is going to do something that it's not used to; it's going to have to spend money. The Internet was cheap, we are cheap bastards, if we can make customers pay and us avoid the cost, we will. Who bought all the NATS out there in the network today? You or your customers. Your customers. We externalise every possible cost we can. This is great, customers love cheap. But all of a sudden when you put in a carrier grade NAT, you have to pay. You have to make that capital investment. But this is temporary. This is transition. I am going to spend five million dollars on capital ?? carrier grade NATS, how long am I going to use them for? One week? One year? Hang on, that was millions of dollars. I am going to use them for ten years. Because if I spend that money, it's going to have to make a return. And at some point, when I buy that temporary equipment, I am committing myself to a different outcome. I am no longer renting something for a week; I have bought the car, I have bought the house, I have bought the entire architecture. I am now somewhere else. And I am not necessarily committed to a temporary investment. I am not necessarily going to, well you know if the rest of you hurry up with v6 I will go and junk that million dollar piece of CGN because I won't need it any more. Oh, yeah. We never do that. Once we make the investment we are fixed. And at some point we have a risk that we lose track of where we were going to go. We have a risk that we actually build a different future, and we head off in entirely different direction.
I have got time. You have got time. You are stuck here. I want to go through and go what is the risk we never get to v6? What is the risk of actually heading off into a different LAN. So let's go and explore this space for just a little bit.
The question is, are you guys seriously prepared, as an industry, to contemplate v4 forever? Are you really prepared to go to that warped place. Let's put some numbers there to understand the situation we are in today. Almost half of the world's transit network support v6. Fantastic job. Well done. This is cool. Half of the world's transit network support v6 right now. Half of you are already there. Great. Half of the world's end devices support v6 right now in their stack. If you are running anything recent from Microsoft it has it there. If we start tickling the entire world, half will respond with a v6 packet. Sure you have got to use Teredo and go through some tricks but the still is there, the staff is active. So, two sides of this problem have been built. What about the bit in the middle? See in this graph, this is the number of clients who can successfully connect to Google using v6, a phenomenal.3 percent. Not 30, not 50.3. Measured it ourselves. We got a slightly different number.4. Well done. There is something wrong with that figure isn't there? Somehow there is a missing gap. That 0.4% of those ?? 50% of devices, only that tiny amount can do v6 end?to?end. What is the problem? Last mile. The problem is getting to them. So, there are a number of reasons why the last mile carriers haven't done v6 and they haven't. You can read this as well as I can, I actually, if your last mile access carrier maybe I should read it out for you because there is a problem, and the problem might well be one of stupidity, laziness or just lack of information or maybe you are just plain broke, maybe you have got the Greek disease and there is no more money left. I suspect you are not stupid, you are just a player in an industry trying to do the best you can in an economic and business regime. You haven't done v6 because that is not where tomorrow's revenue lies. You haven't done v6 because there is no natural incentive to you, it's unattractive. Why? Why is it such an unattractive proposition. I am still digressing and I will get back to the point really soon. Remember that I sew 7 blah?blah?blah, in the telco world, that was a building. People pay for service and everything else is paid for by the service. I to speak to people for a a telephone company. I don't care about the switching or anything else that happens in technology. I pay for the service. In the telephone world and in this world, services paid for everything else. This was the old world. But we deregulated. We introduced competition. We made sure that the new competitors didn't have to become mini telcos, they could take the bit that made money and just work at that. As did Google, as did Yahoo and a whole bunch of folk who figured the money was in the serves. What happened to the other elements of the stack? They are broke. They have no money. That is a problem. Because where is the money to run v6? They really don't have money. They don't have any spec rum either, they used it up but that is a different problem. Let's look at this a subtly different way from the perspective of the last mile carrier. The last mile carrier doesn't have Google as a cuss meshing the last mile access carrier doesn't have Amazon as a customer or anyone else in the service business. The only place the last mile carrier can get money from is users. And you guys are cheap, you don't pay them very much at all, you pay them 20 dollars a money grudgingly and that have they make two dollars a month in profit. It's a really, really tough utility game and it hurts. There is no margin left. And now you are asking them to put in CGNs and make a whole bunch more investment because they run?out of v4 and to keep the service running they are going to have to spend a whole bunch of money. Who is going to pay? Are you, the user, going to make more money for a worse service? You are not. I know you. You know yourself. You are never going to pay money for a worse service.
So, where do I get the money from? Well, blackmail and extortion are always good answers and when you are desperate anything will work and that is what we are going to see. Because those CGNs and ultimately ALGs aren't just bits of technology; they are rationing devices because there aren't enough addresses to go around and it's not addresses to users; it's addresses for users to reach services.
Google relies on a clear 2020 vision of customers, because Google's business model is to sell you to advertisers. If they can't see you, their business model does not work. And it's the same for every service based business. But all of a sudden, if I build a carrier grade network, I have an aperture, I have a shutter, and I can expose as much or as little of the customer as I choose. All of a sudden, I can do, blackmail but let's call it monetary extracts because the economists like those terms, all of a sudden Google will pay because they have no choice. All of a sudden, v4 takes on a new and carnivorous aspect, by not doing v6, the network certainly worse, but the last mile carriage provider seize a new new revenue stream. So when I talk about how real is the risk that we never actually go to v6, and when I talk about the fact that the people who are stopping us, the bit that we haven't done, isn't what is on your desk in front of you and it isn't the long halls around the planet, it's that last mile to get to you, that is what is stopping us and those folk aren't on the same page as the rest of us. Because their business model is not necessarily aligned to v6 so it's a possibility we are heading off in a different space. Let's go back to where I was. If I can remember. That's right, we are talking about how to manage the transition. How do we make sure that all of us are on the same page? Because this is challenging. Because we are going to get distracted by optimising what was intended to be temporary, by making the CGNs brighter, shinier, faster, better, by having a new application level guide way that does even more. Why are we doing this? This is difficult. How to manage the transition in a deregulated industry is extremely difficult and so far.3 percent, when the entire Asia Pacific has already run?out and you guys are only months away from the same fate in your region .3 percent is an industry market failure. So if you say how well we are managing this transition, on a scale of one to ten, you are at minus five. You couldn't be worse.
So, the pace at which we are doing this, I thought about glacial and then someone said no, you are too fast, the pace at which we are doing this is truly geological. If you go back to that slide it was.3 percent a year ago as well, whatever up to the right means it's not including transition. Nothing has changed. So you need to be a geeologist to find any light in this.
But it's OK. We are professionals. That is easy. Let's make it harder. Let's introduce just a few more challenges.
The first one is really the birth of the Internet came from deregulation. It came from taking apart Deutsche Telecom, British telecom, France Telecom, taking apart the vertically integrated monopoly, the structural cross?subsidisation, the years of planning. These guys were professionals at planning. In Telster, I served a ten years sentence in Australia, they had a year 2000 committee in 1985, that is planning. These guys are planning experts. What about today? Well, it's not the same world. And it's not even a case of either or; we can do v6 or we can do v4. Oh, no, we deregulated. And all of a sudden, everyone has a stake in the business. We heard this week from the CPE vendors because the access providers say I can't do a anything until the CPE folk do and the CPE are saying I would like to and I am doing something but it depends on the chip vendor. There are many people in this industry, and because it's deregulated, everyone is now trying to optimise their own position and role. We don't have any direction. There is no plan. No one is in control. There is no assured outcome. It's just market pressures. V6 may, or may not happen. It's no one's fault; it's just market pressure. And there is no assured feature here. That is a challenge.
But let's make it harder. Because we are not all running out at the same time, are we? I heard your registration services manager say there wasn't any panic. IANA run?out there wasn't any panic. That is the run down of APNIC. That since 2008. See that vertical bit on the right there? That is panic. Because when you really get down it, we are humans. When the bank is running out you are going to line up with the rest of them. When there is no more, we panic. We always panic. You can't stop ourselves, and that is certainly what happened to us. And I am pretty sure that is what will happen to everyone else but that is what we did. Where are the rest of you? Seem to be suffering a bit of a Greek problem right now. You notice with both ARIN and with RIPE some of those curves, they are flattening out but panic will happy eventually. But we can do a bit of maths and play around with the numbers, and interestingly, right now, we are actually going to run?out at quite differing times, so each of those curves will hit that last /8 at a different time. RIPE NCC you have got about four left, that is about 64 million addresses and as long as you keep on having this financial sort of disturbance and as long as you are not sort of investing at the rate you were a few years ago, your address pools will last until July of next year. Great. But in America, at their rate, they will last a year longer. LACNIC slightly longer. We are going to run?out at different times. I can give you some probablealities on that but it's a decent projection. We all run?out differently. Well, we have a hard time accepting reality, because quite frankly, while in that other part of the world ten hours away by jet, the other side of the planet, they have run?out but I haven't. So how do you, as an industry here, react? Addresses are fine. I can still do my v4 plans, I can build new networks. Why should I worry? Because for you, it's not a here and now problem; it's a sometime, might even not happen. Because by heart we are irrational optimists. Why do folk live in California? The earthquake will happen. We are irrational optimists. So while we haven't run?out we assume we never will because quite frankly, we live in a world of denial. And the industry lives in a world of denial. We are professionals, it's not happening until it's happening to me. You just deny reality. Well done.
So to make it harder there is a credibility problem. We believe our own myths and live in denial because it's more comfortable and we love it. We can make it still harder. Because this diversity is really going to up the ante, if we look at that map of transition, APNIC is heading down towards where the industry players in that region have to, have to deploy CGNs, and as we said before, they might even want to, but they have to. There is no way around this. We have run?out. And a little while you guys will be doing it too, welcome to the club but it will be in a little while and if we take the thing a bit further: ARIN and LACNIC and AfriNIC still aren't there, still in 2013 on the cusp of exhaustion. We are going to be experiencing different regions, different pressures, different markets, different technologies and requirements. How do we keep one network? How do the packets still go from end?to?end cleanly when each part of the world is building different architectures and different networks? Because quite frankly, the risk is we are not going to keep this together. The market pressures that produce openness and homogenaity don't work in a environment of scarcity anywhere. And as scarcity affects us all at different times, it's likely that the co?herency of the Internet won't survive. It's likely we won't have one Internet in three years' time. It's likely that we are going to suffer the MIT of the long?term plan.
I keep on hearing folk saying, I didn't hear it this week which maybe a good thing, haven't you heard ?? how long will transition take? Five years is too quick. Maybe ten. Five, six, no transition will take 20 years and some of the optimists go no, it will last forever. Transition will take an awfully long time. So, cast your mind back to 2006, forget about everything that has happened since then, what was your long?term plan? Do you even remember what your long?term plan was five years ago? None of you do. Transition is going to take longer than that, we are going to create a ten year long?term plan. What was your long?term plan back in 2001? I have no clue what mine was but I know I am not following it. I absolutely know I am not. And neither will the rest of you, ten years later, whatever plans we make, today will not happen. The longer the transition, the higher the risk that we are going to drop the marbles on the floor and do something else because as humans, our long?term memories are crap. We rely totally on short?term memory and as engineers who have obsessive OCD, you really do work on short?term memory. You'd like bright shiny things and every new thing that comes in through the door, where it's MPLS or social networking, you are just there. This is a technology that doesn't plan any more; this is a community that simply reacts. Long?term planning is not part of your gene pool any longer so you are going to fragment this network and go in all different directions and by the end of this decade, v6 will be a distant dream because we are all going to live different features.
So one network is not an assured outcome in all this process. Quite frankly, the longer the transition, the longer the differing market pressures are going to produce different outcomes.
I don't like that. I think it's crap. I love the last five years, I loved the idea that I could build an application that would work end?to?end. I like the idea that you guys can deploy Atlas probes all over the place and they just work. No matter what the environment you plug them in and packets fly. That is open networking at its best. That is the whole strength and power of the Internet, and we are bringing it apart. So how do we stop that? How do you build a network that we want to play? In? I suspect there is a public interest at work here. That transcends mere venal greed and transcends the possibility that the access providers can blackmail Google and make lots of money by breaking the network. How do we do this? How do we make sure that, despite those short?term pressures for one person to get an another person's back, how do we make sure that we actually survive with a single open network? How do we get this Internet through this transition? Or if that is too hard, let's take a slightly softer question: How do we really not muck it up so badly that it's irretrievably damaged and can I void making it any worse than the rather weird situation we have today with NATS at the edges? What do we do? Sorry. I don't know. I have no clue. Absolutely none. I would like to meet someone who does. It's a really, really hard question. And so far.3 percent, we are doing really badly. We are not doing the transition. We are just building more cruft in a network and not building a clear open network for our kids. We are making it worse.
So, I'd like to leave you with three thoughts that might help you in the address policy area of thinking, what might at least help a transition and not make it any worse, because your potential for making it worse is limitless. Let's go through a few thoughts here.
Self interest is not necessarily common interest, and think about those last mile access providers. If we really want one Internet, then we have to make sure that what works for you, what works for your sector, what works for Europe, has to be the same as what works for the world. RIPE and its community can't solve this problem for itself. Hanging on to addresses, hanging on to resources saying I have got mine, the rest of the world can get stuffed, is the best way I know not to have an Internet. Think about how to make sure that when you make decisions, that local interest and common interest try and align, that you think and think about everyone, mot just yourselves and when you talk about Inter?RIR address transfers and so on, if you move yourself away from the mechanics and think about the bigger problem we are trying to solve here, if you want one network at the end of this, those few v4 addresses we have left, have to fuel a transition for everybody, not just yourselves. So, common interest is what makes one network. Think about how you align that with local interest.
Secondly, there aren't many women here, and any women who has gone through the pain of childbirth will probably tell you that pain is best kept short. Prolonged pain is terrible. And if we stress this industry by prolonging and eeking out that last point of exhaustion and deferring it for years, are you making life better or worse? Are you just simply increasing the uncertainty of the transition because quite frankly, a ten year transition leads to nowhere I understand. It's too uncertain. In ten years' time, we could be doing anything. We have been struggling so hard to make scarcity and fairness work together. They can't. Scarcity, by its very definition, means there is not enough to go around. Rationing simply makes everybody angry and disappointed. Stop trying to prolong the pain. Addresses need to be used not safeguarded or hoarded or eeked out slowly. Let them go, move on, which moves on to my third thought: Bring it on.
Stop trying to defer the inevitable. It's going to happen. And by deferring it out to 2015 or 2016 you are going to go through four years of pain and uncertainty and you are going to go to no place very good. Because in the meantime you are going to bust end?to?end irretrievably and that is going to be bad. Bring it on, because we can ?? got a finite amount of time, money and effort. After Greece, you have even less money. So a very small amount of money, time and effort, and all of a sudden off real decision on where do you place that energy. We have become fixated in the standard world and vendor world and service world about bodgy solutions for CGNs and beyond. What a waste of time. They are temporary, moving on. Because all we are doing is annoying our customers and diverting our own efforts. If we really want v6 at the end of this, go faster, get some focus. Understand that this is just temporary so bring it on. Run those addresses out and move on with our lives. Because if we don't, you are going to be snuck this half?life of broken networking and we are going to perfect making it worse and not better. Thank you.
(Applause)
ROB BLOKZIJL: Thank you, Geoff. Are there any questions?
GERT DORING: I think you are so negative about things. Can we please get the pretty pictures of the train wrecks back.
(Applause)
AUDIENCE SPEAKER: Benedict Stockebrand, freelance IPv6 guy. In most aspects I quite agree with you but there are a couple of things that I think might work out different. First of all, about the telcos blackmailing Google. It might actually go the other way around because if Google told Deutsche Telecom customers you can't have YouTube because Deutsche Telecom is blocking you then Deutsche Telecom will lose users who are spending whatever money the ISPs carries whatever need to make the money so I think it's not quite clear who is the stronger party here at that point.
Second thing about all those, when we are going to run?out of addresses in the different RIR areas, I think they are pretty much useless, really, simply because the development is an exponential process and you can ask any sort of ?? somebody with a chemical background or an engineer, it's very difficult to extrapolate exponential functions in a remotely reasonable manner, let alone that panic consideration you mentioned.
Finally, we are sort of making the IP world ever more complex. We are pretty much doing exactly the same the telephony people have done decades before us so what actually might happen with that is that people show up and build something on top of our technology which is just like what we built on the telephony stuff when we came up with the Internet. We used their lines and whatever things doing ?? doing completely different things they had intended and we made the Internet out of it. Something like that might happen to our technology and somebody might put something on top of that and I mean, beyond http.
GEOFF HUSTON: Let me react to this. The tension between carriage and content goes back thousands of years. If I built a road then I'd love to charge people for using my road. And that tension we have seen being expressed all the time. The last ten years the carriage folk lost. Those gold plated taps in the bathroom of the telcos, have long disappeared, because content won in a deregulated world. Because we built a carriage environment that became commodity and then started to enact network neutrality, we insisted that the networks couldn't retrospect barriers ?? but scarcity becomes a barrier. All of a sudden, for free, the carriage folks have a new weapon, a weapon to use against content. And they will use it, because in this world, anything is fair, and yes, we are going to see another round in that battle, I despair for the users like me. I despire for folk who really have enjoyed open networking and network that actually encourages createty and innovation, because the last time carriage won in the telco world. 80 years of telco operation produced just one innovation, the fax. Those guys were awful. I don't want to live that world again. Thank you.
(Applause)
ROB BLOKZIJL: Two more short questions.
DANIEL KARRENBERG: The other chief scientist. It's very good to hear at least an optimistic note and I see it as an optimistic one, your last thought. I said on Monday that I think what we need to do as a community is to build a better performing IPv6 network than the IPv4 network and you showed some of the barriers there. But don't you agree with me there might be an argument even for the access networks to say, hey, if you don't buy the shiny CGNs and make that large investment, the investment to get a better forming IPv6 network out there is smaller and your operational cost will be less if you have a technology that will actually in the end scale, so yes, we are better long?term planning but maybe we can make that argument
GEOFF HUSTON: I agree with you and I think it's a very productive argument I think, though, we should be building to the future, not trying to Band?Aid a past. I also suspect, though, that even that might not be quite enough and I also suspect that the laissez?faire attitude of the public registry regime of simply saying it's the market and whatever outcome happens is fair, might not quite be enough and I would certainly like to see regulators strongly think about where our collective interest, as consumers, lie, across this period and gently encourage an industry to move towards outcomes that preserve openness, neutrality and diversity and creativity of service, so yes, I agree, there are really advantages in running to v6 but also I suspect, just a little bit of push would help.
DANIEL KARRENBERG: Of course I am a chief scientist so I have to have a little criticism on your methodology. Your argument here we are at 0.3% was based on those Google statistics but Google actually limits them by not giving all of us IPv6 addresses when we ask at google.com or some of the other systems so they are really capping this figure and it might be much higher if they gave all of us these addresses.
GEOFF HUSTON: You are quite right. APNIC do it use nothing white or black?listing and the number is higher, 0.4%.
ROB BLOKZIJL: Last question.
AUDIENCE SPEAKER: Patrick Gilmore, realise that Acme is not actually a content provider, we don't own any content so without disagreeing with most of what you have said, I would like to disagree with the idea that the telcos, the incumbents are having a problem, specifically just while you were talking I looked up telecom, France Telecom, Deutsche and Horizon and all of them to every single one of them said they were highly profitable and the more broadband they get the more profitable it is and it's making for losing phone revenue which is declining. This addition to that, and on top of being profitable and continuing to be more profitable as they go along, content has no way to blackmail anybody else, when Turkey filtered YouTube, nobody left; they just all moved to facebook. There is no problem on the content side, getting stuff to v6 there is no problem with us, the problem is the incumbents, it's not they don't have the money it's they like the money they have and they do have gold plated something somewhere and they want to keep it gold plated so they are going to force other people to pay for it, however that is. You said externalising the cost, that is exactly what they are doing, it ain't going to stop any time soon whether v6 is fat or slow.
GEOFF HUSTON: I would certainly expect us to raise the stake. I think we have been lackadaisical in the way we have allowed this industry to ride into a train wreck. To actually allow this situation to get to the point where we are running out of addresses and will run?out. And once we have run?out the solution that we have to deploy are truly awesomely horrible and they do hold users captive.
AUDIENCE SPEAKER: How are we going to change that when the incumbents, let's take Deutsche Telecom ?? it's a big company but one small country, they have more revenue than Acme Yahoo and Google combined and you take that worldwide and you can't get them to spend money whereas Google is spending tens of millions to do this v6 stuff. We can't do it, you need the incumbents to do it.
ROB BLOKZIJL: Thank you, Geoff.
(Applause)
Next we have a list of four presentations, they are lightning talks so they are short and to the point. The first one we have is from Dave Wilson, what did we learn from World IPv6 Day.
DAVE WILSON: From HEAnet. There is a problem with the slides but we will cope with that, don't panic. The bigger problem is I thought let's follow a talk about Geoff Houston about how well we did in IPv6 day. Which is kind of ?? let's see how that goes. I work for a national research network, my customers are universities and other educational institutions. They are the ones that people in the past have looked to for innovation in the network. And I wanted to measure how we got on. I was asked by my boss what rewe going to do for World IPv6 Day and everybody else was dual stacking the web servers and we did that years ago but what we did, what we could to push it among our clients only a few of whom have had any meaningful v6 deployment so far and I came up with a bunch of different metrics. Here is some based around interaction with our own knock. The number of phone calls we got about World IPv6 Day was zero. The number of angry e?mails we got about World IPv6 Day and about things that have gone wrong because of it, happily was also zero, and I am very pleased both of these numbers. Everything seemed to go fine. The number of tickets we had to open, as a result of problems reported due to IPv6 day, there was one; we actually had someone come in about the same time with a problem that arose out of dual stacking a server but then it turned out that they didn't dual stack it because of World IPv6 Day it was part of a different plan so that was actually zero.
Customer interest. Now, the number of physical customers we have schools aside, we do handle the 4,000 primary schools in Ireland these days, the number of customers I had getting ton me saying can you help us do something for World IPv6 Day, was one of them did phone up and say what can we do with this and can you help us. Unfortunately they phoned us us up on the Friday before so we didn't get anything done. Which leaves traffic.
So, we had all these users, some of them are dual stacked, most of them frankly aren't, what difference did we see in the amount of traffic that was on the network? OK, fine. Here, for the weeks surrounding July 8th ?? June 8th, was our inbound and outbound v6 traffic, among a bunch of different providers, dominated by outbound flows so most of our traffic, our natural traffic as opposed to FTP server, is inbound, so take away a lot of the weird stuff there, I take out ?? I took out there because it's ?? it's dominated by different flows which changes over time and we will try and look for natural Internet traffic and it's still dominated by outbound flows which are sort of weird and different. Get rid of everything except the local exchange point and two transit providers and that is what it looks like. And is there ?? the Wednesday there, looks pretty healthy and it seems like things grew over the week pretty a happy with that. That was the week itself. And if we zoom out to the surrounding months, can you see it there? Week 23, which is the week with v6 day in it is lower than the ones around it. It went down. We had less traffic in the week of v6 day than in the weeks surrounding it. What the hell went on there? OK. I think what went on there is what customers we have for using IPv6, we have been very aggressive in getting on the Google white?list. Some of them whether they know it or not. And they already get YouTube and YouTube dominates v4, never mind v6 so I think what was happening here is we are seeing natural variations and the A dual stacking that happened around that, we were already there and waiting, so we didn't really show any changes as a result.
So, OK, I am stuck. Fine. What the hell is going on? Let's take another approach. We have an FTP server, we get about 12 million hits a day on it and it runs a source forge mirror, where I come from 12 million hits is quite a lot of traffic. So, it's going to be fairly technically orientated but maybe it's a partial picture of overall usage on the Internet. So I got out some Awk and a bunch of the logs and did an analysis and we have a lovely ramp up of the number of hits to the server that happened over IPv6 over that time, and really please with that, 8th of June looks good and healthy there. Then I made a mistake, I looked further. I looked at traffic. Actual bytes. Lads, what gives? What is going on? Come on. So this meant I had to look closer and by the way, that scale is correct, we were looking at about 50 parts per million there. Why is this in OK? So that meant I had to look further again. I went back for an entire year's worth of logs, I did another scan and this is again the number of hits, percentage on hits of v6, fairly healthy. There is some bump there in the middle, air's rock shaped that I don't reallyened stand but it looks very healthy. Did the same scan for the number of bytes transferred and, again that scale has changed bay factor of ten. There is nothing there. There is a spike one day last year, unilast year, and nothing else. And I had to work ahead to go unpick this. Back to the hits. I thought how much of that came from inside my own network? 12 million hits a day, they are dominated by hits from outside, except in the case of IPv6, they are not. That is often inside my network. And as far as I can see what is going on there, is that is not just from inside my network but from inside our own company. We have an army of Linux machines which use this as primary update server, make a bunch of hits and that is dominating ?? apt get is dominating the number of hits to the server. It generates no traffic compared to someone downloading an ISO. Linux image which they don't do. So we saw no meaningful difference in traffic as a result of v6 day on our content that we provide either. What does this mean? I think that is great news. I am delighted. Because the original objective of course, when we heard about this last year, was to see what happens with a full scale dual stack of content and see if it works, and it did. Stuff didn't go wrong. It worked so well that the guys at Google decided to leave parts of YouTube dual?stacked and that means that any customers of mine who comes along and dual stacks now has a reasonable proportion of traffic that they can expect to get over v6 without joining a while list and passing some test. It will be there. And this means they have to pay attention to it.
And my conclusion from this, and what I have been trying to say to people since I see the backbone as a solved problem. We know how to solve this. Known everyone has done it but we know it can be done and done in production. Content is now the same. The biggest guys in the world have done this and shown it can be done; therefore, the problem has been solved once and can be solved again. I heard a lot of talk about this about consumer access and I am delighted to see and it's outside my area of expertise, but I am delighted to see that it's getting done, and people are working hard on this. But I got a look at the enterprise because the universities these days are enterprises, they use the same technologies, they have very similar business pressures, they are requirement for means to deliver a reliable service and their requirement from their own management is for that the thank to not break and that is first, second and third most important thing they have to do. They aren't experimental laboratories any more. So at least for the primary connectivity. So my conclusion on this is, I have always been concentrating until now on how do we get other ISPs and service providers, how to do this. It's what I know and what I am familiar with. But the pressure I think that we need to apply now as an industry, is I am less concerned about improvements to the equipment I am deploying and more about improvements to the equipment that they are deploying. I can run a network with the equipment I have, it hangs together OK. But why enterprise in particular? When people are talking about home DSL users I am a little bit weary if we have some cognitive bias here, are we concentrating at this top of this slide because they are the most important or because of the bits we understand and feel we have most leverage on? And I think it could be the latter. I think the vendor pressure now most seriously needs to go at the bottom and the I think the future traffic we see certainly during the business day and from universities is going to come from the bottom. So why an event? I still think another IPv6 day event is important but it's got to concentrate down here and the reason I think that, this time last year I was talking to a client of mine and I was trying to have the honest conversations that I am not going to cajole you into trying to deploy v6 or tell you why you should or why you shouldn't; just tell me why you haven't and what the problems are. And one of them said something very interesting: He said some time ago we went on strike. And someone was asking us, is it bad for your organisation, does it look bad fort organisation when you go on strike? And the answer that came back was: If it was just us, it would be; but the entire sector was on strike, and therefore, there is no difference. If everyone makes the leap together, then the blame is disseminated and there is no real negative impact on any individual organisation. And he said, it's the same with the transition with PIC. If we do it on our own we are taking too big a risk, if there is a thing we can concentrate on and rally around we are able to do something. I would like to see future IPv6 day with some sort of concentration for the enterprises and what they need to do and how we can help them do that. And that is it. Thank you very much.
(Applause)
ROB BLOKZIJL: Thank you, Dave. I see nobody rushing up to the microphone. Fine. You asked for another IPv6 day, the next lightning talk is about IPv6 week proposal.
ANTONION MARCOS MOREIRAS: From the Brazilian network information centre. I think Luisa talked about it in the bit in the LACNIC announcements, LACNIC. This is kind of announcement, kind of a clarification; this IPv6 week is a regional initiative in the LACNIC region. It's not the world IPv6 week, OK? And why we are doing that? This is started as a Brazilian initiative. We think that IPv6 world day was a huge success. We, a bit after the World IPv6 Day, had a meeting, trying to evaluate it, and people from Brazil who participate asked for more complete test. They think they need more time for testing and they think they need real traffic for testing. And some very important content providers in Brazil could not participate in the World IPv6 Day because of lack of Internet transit to and from their up?streams at that time. So, we decided to have another test, a Brazilian test, at the beginning, and why 2012 and why February? We have this event in Brazil, it's called campus party. It's like this picture, a lot of people together in a big place with their computers, some of them go then for camping the whole week. They are going there for playing games, for listen to talks, technical talks, a lot of talks about the Internet environment, all kinds of talks. They are there for sharing files, they are then there for a lot of different reasons, but what it's important, it's about 7,000 people expected to the next year, and we will have dual stack network there, Telefonica, Telefonica is the organiser of this event and we are going to have some initiatives, some challenges inside this event to foster these people to navigating the participant websites. So we choose the same dates from campus party to make our regional IPv6 day. After that, we start to talk with Brazilian content providers, to start with, and when we had some basis to make this test, we start to talking about ISOC and LACNIC and other regional providers, and in the last LACNIC meeting at Buenos Aires, we decided to have a broader test, a regional test, so now it's LACNIC plus ISOC plus nic.br initiative. It's a week, seven days. We tried to have content providers participating, as in the World IPv6 Day. We are trying to attract data centres, hosting providers, ISPs and even end users. For ISPs, we are talking about trial with users. We are ?? we don't force any specific percentage of users. We want ?? we don't want to scare N ISPs, we want to have all of them participating. And for the end users, there will be some technic challenges with ours. About World IPv6 Day, that I think we will behaving in June, or January, that is the next lightning talk I think. That is not us and we are not trying to compete with it. We are trying to add. We could not wait more for a definition of this event. Maybe we are a step behind in Brazil and in Latin America and we need to keep moving, we need to do something more concrete in last time, so, that is it. We fully support it and we will foster the participation in our region if it will going to happen really.
Well, your support. We would like to have your support, especially if you have strong presence in our region. If you have ?? if you are ISP and have customers there, we are talking about activate IPv6, and if you are a content provider, Google maybe, facebook, we would be very happy if you could ?? very happy if could you activate AAAA for our regional ccTLDs like .br, .cl, ,
.aer and so on or could you activate worldwide. Why not? Well, it worked on World IPv6 Day very well, so it would not be a problem. It would not cost anything to do that. And it would help us to attract more participation, more local participation.
Well, that is it. Thank you.
(Applause)
Questions?
ROB BLOKZIJL: Thank you very much, and maybe we can hear about your results at the next RIPE meeting. Next is about a world IPv6 event, is this the IPv6 Working Group? (Is this)
JEN LINKOVA: Hi. I hope ten minutes. So, name is Jen, I am working for Google. Actually, I am very happy the time present at the end of the conference some of things I was going to say have been said already.
So, we all know everything about world v6 day, we all know it was great success. I wasn't able to take a day off but looking at my pager for eight hours and that was white. I like it, it should always be like that. We found some technical issues but it was like business as usual and I also think that IPv6 day helped us a lot to solve and debug some interesting technical issues of a course, yes, now nobody knows you can press this big red button and everyone survived. Fantastic. But what I could say about something new: We were able to measure the results, and again, for the whole week, we have been listening presentations about measuring results of IPv6 day and it is awesome because now we can see how successful it was. And we can see some numbers reach a slightly better than just 0.3% we are talking about usually. It was good news. But indeed, I have better one for you: After v6 day was over, v6 was turned back off, and not completely yes; we might list it to YouTube so you can see some increase in IPv6 traffic because if some ?? if people in the room are watching YouTubes instead of listening to my presentation you are probably doing it over v6. Yes numbers, we are doing ?? I agree. So what is the problem? Technical issues but we are working on it, the protocol is not so new but some bugs to be discovered, we got used to it, we can find a lot of different bugs. We have been talking there is no content, operators no, no, we are not going to deploy v6 because our users is not going to use it, there is no content. I was told there is some special content but it is a different story. Contact on v6 and we are working on getting more v6 content. So, second issue: To get to that content users have to go through the broken CP devices and go through the access networks, yes, because I believe backbone networks are mostly done nowadays.
So, CP vendors here, it was on Tuesday, we are ready, everything is fine, we are just waiting for operators to install our devices. And operators still pointing fingers, CP vendors saying no we could not do this because it does not work. It was a very interesting presentation from Australian ASP talking about CPs, finding some brokenness and so on. So, we have a kind of chicken egg problem again, everyone is pointing fingers to other participants and, it's not my fault; it's their fault. In addition, it's a human nature people needs deadlines. I was preparing the presentation yesterday, yes. Not the week before. And so, everyone, if I think it's a kind of basic stuff from time management if you need to do; don't just put it in your to do list, put it in your calendar next Wednesday, then I am going to do that. I think it's one of the problems with v6 deployment here, we are going to do it sometime later or maybe we will get there. Not, today I will think about it tomorrow. And no one was coordinating this event. And from our experience, v6 day helped a lot because it was a community which was leading the v6 day and we had a definite deadline for that, even in Google we were working very hard in June and May and almost all the year before v6 day, to get that done. So, that is great.
So, what is going on? We have been mentions v6 day the whole week and there was a question asked, a lot of times, if we are going to have another event any time soon. So, I hope we will, I will explain later why I am not saying yes we will, but I hope we will. So, the idea is to get another event in June next year, June again so you can just change the year on your slides and not the month. We are trying to involve as many participants ?? when I am saying "we" I don't mean Google; in that case, I mean a group of participants which are organising this event. So, websites, yes. Websites I expect to enable v6, give users content over v6 and it could be measured easily, yeah, we have about how can we measure v6 for websites. Access, it's probably more tricky because we like to have actually a kind of ?? we'd like operators to commit, yes, I am going to give v6 connectivity for at least end person to follow users and I would expect end to be larger than one, and when I am talking about giving v6 connectivity it does not mean I can announce v6 prefixes, it does not mean I am going to make my backbone dual stack, it means your users will be actively using v6, not capable to use v6 because as Geoff said, it is about half of the users. No, we expect N% of your user actually going to google.com and other sites over v6. We will be measuring it, yes, and I hope we will see something better than 0.3% and probably Geoff could see more than 0.4. I hope so.
We would like CP vendors to actively participate but we are still don't exactly know how we are going to measure it. Even for websites, yeah, it could be. Take a question but for CP it's most interesting point. And we'd like people to compete. Could I not promise any prizes but you can see your names on the list of participants but I would like to warn you, committing to provide access for even one percent of your user means you need to deploy v6 fully in your network because not everyone will be using v6 anyway.
And of course, yeah, everyone who would like to participate, come and talk to us. So, how we are going to implement those things I have just mentioned? So far, we are trying to finalise a core group which will be working on that event and again we need participants from all areas, content, ISPs, CP vendors. And we'd like those participants to do some commitments and announce, yes, we are going to do that, and they could ?? and everyone will be able to say, yes, it's actually has been done after the event. And of course, yeah, there are a lot of details to be finalised, so what I am talking right now, it's work in progress, almost nothing finalised, that is why can I not tell you yes it will happen; I can tell you it's likely to happen and I can say that we are working hard to make it happen.
So, back to details, which we are trying to finalise. We still think about how to measure participation because even for users, how can we ?? how can we measure it? It wouldn't be fair to measure by traffic, because there are small sites, websites and so on, small networks and large networks, so probably we will be just measuring a number of, let's say, queries from the given network going over v4 and v6, if 10% of queries to google.com from your network is coming over IPv6, that is good, congratulations.
So, as it's work in progress, we are open to any suggestion. Everyone I have told you could be changed in someone come to us and say it's crap, I have a better idea. You are going to do it wrong I can suggest something better. I hope someone will come and say it. So, no public announcement yet, but again, after details will be finalised we hopefully announce press release. And so, it's in formal discussion. No one has made any commitments yet. It sounds slightly scary but as far as I can remember it's exactly as it was for IPv6 day. People, oh, no, are you serious? You are going to do that? Probably I can but I am afraid, yes and thank you for your analogy, it should be all?out strike. Everybody going on the streets, stop working and doing IPv6. So if you would like to participate, if you are ISP, if your content network, if you CP vendor, please come and talk to us. You would like to see your name on press release, come and tell us, you can make a commitment to provide IPv6 for such number of users. But actually, I am almost done with my presentations. So, I will be here till the end of the meeting, please come and talk to us ?? by the way, I could see people with orange dots their their badges. Please raise your hand if you can provide ?? if at least 1% of your users actually using v6? I was going to buy drink for those guys but too many. OK. Thank you.
(Applause.)
ROB BLOKZIJL: Thank you. The next and last in our list of lightning talks is Randy Bush, who will talk about RPKI validation performance.
RANDY BUSH: This is not about IPv6.
(Applause)
We did that back in '97. We did. All the way to the customer, through the CPE. We made the CPE. This is about performance of RPKI validation in the current prototype test bed, one validator that is in Seattle, about a week's worth of data, the parties that have mediocre performance, we will be fixing this and expect you to have the misfortune of hearing more about this later.
This is connection counts how many times we succeeded in connecting to different servers. You can see this is a bit of a problem, and there is problem down here that is ?? I think it's AfriNIC, but RIPE, we had trouble connecting. This is the same thing in large scale so it's a little easier to see. Big deal. This is how many objects we got from the different repositories. That is pretty boring and consistent. This is good. Boring is good.
This is objects per connection. So you can see we'd get occasional spiking and probably due to connectivity problems earlier in sessions, and this is the log version of it so you can see a little more clearly and it's RIPE and AfriNIC again.
Second, to fetch an object. And watch out, the colours changed. This is AfriNIC that has got the big spikes and of course they had their prototype server, I think it's in Johannesburg but it could be in Mauritius, and here is the log scale version of it, and, you know, I suppose you people are interested in RIPE, which is the red one there, so it's not too bad.
Length of connection: Again, AfriNIC. Here is the log scale version of it. Isn't that yellow lovely? It's so easy to see. And so, what we care about here is the red, RIPE, and that is not too bad, OK? And failure rate: Again, we see AfriNIC having problems and this is the log view of it, same story, except that light green is, again, those spikes you saw earlier, with the RIPE servers.
So, the bottom line is APNIC, these are are all avail on the web continuously ?? so APNIC had some non?conform ant X509 issuer and subject names because of misunderstandings in the protocol. They got about 1,200 objects total, and for those people who were ROA freaks, there you go, 19 objects. And here is RIPE, 422 objects, the same problem with the AS 1 on the issuer stuff, but that is thrash and it will be fixed.
LACNIC, two ROAs, but we have some certificate problems. AfriNIC, again some certificate problems, 20 and ROAs. And also in the design group, unknown obs, we jokingly referred to them as jifs of naked furries. We don't know what they are, but whatever. And stale CRLs a little problem, but 38, this is an ARIN test bed, OK. And so on and so forth. This is my own little server.
So, here is surf net with one ROA and here is national institute of standards and technology, NIS, nine ROAs and stale CRLs.
So drawing pictures is easy; trying to understand what is happening behind them is harder but we are trying to find the problem problems now before we start begged networking on it so it's the performance of the validation and we are all working together to try and make these better and this is just some of the very early numbers. Thanks.
(Applause)
ROB BLOKZIJL: Thank you, Randy. This is the last ?? this was the last of the presentations in our programme, so this is I think the appropriate moment to remind you that, at this RIPE meeting, we had something new that influenced the programme and that was programme committee, the programme committee wants to give a short report of some things that needs your attention. And ?? yes.
SPEAKER: I am Daniel arena and I am a member of the RIPE programme committee. For those who still aren't aware, RIPE has a programme committee and you can read it all on the website, anyway our main task is to make the programme for the RIPE meetings, so I will just go ahead. So this is what we do, and you can read it all about it on the website. And this is who we are. Currently, the programme committee is made of eight members, four are designated by different entities, one from MENOG, from ENOG, Working Group chairs and the local host. So up to this meeting, the members were ?? designated members were Osama, Andrei Roboshevski, Joao Damas and Harald Michl and there is four members from the RIPE community and this means you. The four members that are ?? have been operating until this meeting have been sort of designated, as well, in the last meeting; this is myself, Rob Evans, Sander Steffann and Todd Underwood. But this is a boot strap committee, so in every meeting, there is going to be one community representative to stand down and be replaced by someone who is elected by you and this is what is going to happen now. Because Rob Evans is standing down ?? I can't see him but thank you, Rob, for your work ??
(Applause)
?? and these are the three candidates that have applied for a position in the RIPE programme committee. You are not getting paid. Just volunteering, it's just a lot of work. Can I ask the three people to come up here, Harald MIchl, Filiz Yilmaz and Piotr. So we will ask we will ask every one of you to address the community ?? you can find their biographies on the RIPE 63 website but they are going to speak a few words each.
FILIZ YILMAZ: I put the biography on the website so it's over there and I don't want to take too much time. I just want to summarise the whole thing: Basically, I work for the RIPE NCC as a staff member for ten years and I supported through that position the RIPE community and that was my active participation in the RIPE community by that time. Now, I am not working as a staff member; I want to continue such active support for the community and I think programme committee is a good place for me, because I am willing to go out there and scout for speakers and good topics as I, in my current position, I keep ?? keeping ?? in touch with all sorts of Internet communities, still. So that is pretty much summarises my motivation. Other than that I do believe programme committee may benefit from some female touch. Thank you.
(Applause).
HARALD MICHL: And I am staff member of Vienna university. We are running an exchange point in Austria here and the national research network and to have good contacts and directive in all of the national and international communities, to both of these sectors and as Daniel already mentioned I was on this very first programme committee which was working for the agenda of the plenary here as an appointed member of the local host and I think we have learned a lot and got a lot of experience during organising of this meeting here and I would really like to put this experience so far got into organising and planning the next meetings and that is why I stand up, I want to continue what we have begun.
(Applause)
Piotr: My name is Piotr and maybe I am not looking so seriously on the picture but believe me, I could be more serious. And programme committee is a serious thing. So, I came from Poland, I am working for the technical university in Poland, one of the biggest ones in my country and I think that Poland is a strange place for most of you, and because of that, I am pretty much sure that I can give that new look, give an insight look about the topics which matters in that central and eastern part of the Europe, which is an important part of the RIPE service region. And since I do have ?? because of my duties I do have contact with both academic and commercial customers, I can be in both positions and can imagine what different people in different institutions could do and what we want from my community. Yes. Thank you for voting.
(Applause)
SPEAKER: Thanks for to all the candidates and you can stay here, you can sit down if you want. We are going to vote now by a show of hands. Can I call the three counters that RIPE NCC has kindly put forward for us. So they are going to count the three wings of the room. Can we do a test vote, can everybody take their hand up, just to see that you are listening. That is cool. Perfect. OK. So we are going to go in alphabetical order. Please keep your hands up until I say "stop." So votes for Harald. ? Hands up.
AUDIENCE SPEAKER: Are the votes exclusive?
Daniel: In theory, yes. It's not like we can check. Next time, better way. Thank you. You can put your hands down. Then now votes for Piotor? Hands up. You can put your hands down, I think. And then please hands up for Filiz Yilmaz. Hands down. Thank you. Just a second. Computing. I think the result was pretty clear, if you actually looked at the hands, but Filiz Yilmaz is the new member of the RIPE committee.
(Applause)
So thanks to Harald and Piotr who participated, especially to Harald who was in the RIPE committee, the programme committee, at this time. So another applause for him, please.
(Applause)
And you can stay here for a minute because I am going to call ?? going to scroll the others. Since next time we are going to be in Ljubljana, there is going to be a new representative for the local host, which is Jan Zorz, if he is here. And I don't know if Jan wants to say a couple of words? No. Jan doesn't want to say a couple of words. Then, as ?? OK. So maybe
JAN ZORZ: You are welcome to Ljubljana in next year. Thank you.
(Applause)
Daniel: The big announcement is that João Damas is standing down for the ?? from the programme committee after 100 years, I think, of serving on it, of being the programme committee, so even if he is not here, please let's thank him.
(Applause)
Standing ovation for him. Well someone is going to have to point him to the webcast, I think.
But then, the new representative of the Working Group chairs is Brian Nisbet. Is Brian somewhere? Yes. So please welcome him. And could I ask, also, the last remaining member of the programme committee currently in Vienna, which is Sander Steffann, to come up.
(Applause)
Osama unfortunately wasn't able to make it to Vienna and Andrei has left and Todd has also left. And obviously, there is Filiz, which is the last selected representative. This is us. Please, send us e?mails for, if you want presentations, we are going to issue new call for presentations for anything related to the plenary, mainly, BoF and tutorials. So that is it.
ROB BLOKZIJL: Thank you. As I mentioned several times, this was the first time and we thought in order to encourage you a little bit, in the ?? the RIPE NCC has prepared a small token, as an expression of our appreciation on behalf of the whole community. Those members who are not here, they will receive it by one way or another. Camilla will hand it out and. And once again, thank you, programme committee
(Applause)
ROB BLOKZIJL: The next two items should take one minute each, they are rather a formality. Earlier this week, Daniel Karrenberg mentioned that the RIPE NCC is operating a set of beacons used by the community for test measurements. According to our address policies, the address block used for those beacons, which the RIPE NCC allocated to itself, that allocation should be approved or reapproved from time to time, so my question is, you have all understood this; you have, in one of the sessions, heard some comments from people in the community who are using this, so do you agree that the RIPE NCC continues using this address block for the well specified application? Show of hands. OK. Thank you. Done.
There was another request for ?? are you going to object? You are in a minority, Remco.
Remco: I might be significantly outnumbered but I am supported by policy. There is a policy for allocations to the RIPE NCC and I am just wondering if our arbiters have been asked about this?
DANIEL KARRENBERG: Since you are the author of the policy, you should know that it says that the ?? that the plenary needs to be consulted if either the RIPE NCC registration services department or the arbiters turn down the request. We requested from the RIPE NCC registration services department these address blocks. They turned us down. We went to the plenary.
Remco: You didn't just ?? you didn't bother to even say to the arbiters well this is what we are going to do?
DANIEL KARRENBERG: Read your own words, when it's ??
ROB BLOKZIJL: I think if the arbiters think there is a problem ?? we will ask them, OK.
A similar request was posted earlier in the week by Marco, who will report on this.
Marco: We have received some feedback from the community over the week, without missing out on certain procedural parts which means this request can be ignored. We are back to the drawing board, thank you.
ROB BLOKZIJL: Thank you for speeding up things.
(Applause)
Next is a short as usual technical presentation on the network we have all been using in between hick cups this week.
ERIK ROMIJN: Thank you, Rob. This is the RIPE 63 technical report. I will introduce our TEAM. We have eight people including one manager this time, two of them switching around so they did half the meeting each. From various departments within the NCC.
Basically, our responsibilities include practically everything that has wiring, power blocks, servers, all the webcasting and recording, the laptop, the presentation system I am using, the services centre, registration desk, absolutely anything that involves wires except for beamers and audio. And also even some things without wires.
Our network set?up is quite simple, we have a fibre from A1 which goes straight into the aconet backbone, we have two routers on the venue, one of them in cold stand by and several different networks, so there is the public one which you are all using and two more private networks where we run our servers at the network management.
These are the two rooms in the hotel. So this is the one downstairs. The thing is with the one on the right, is that not actually all those cables are ours; quite a few of them...
So this time we had two floors, so there are is the up link comes in in this patch room, it's actually somewhere here in the bottom and then there is a link down to this floor where we have most of the rest of the network.
AUDIENCE SPEAKER: I have a question. Go back to that last slide. It's missing a notice, it should say "do not touch any of these wires."
ERIK ROMIJN: It's sort of implied. So for new set?ups, we introduced most of the things are still the same, over the last few meetings, one thing we did router advertising monitoring, we have some issues with people sending out route advertisements, we monitor this and manually block people because the filtering cannot be done on the access points. So if we would filter on the switches which is possible, then would you get rogue roost only if you happen to be the same access point, randomly move around, we monitor and manually block somebody. So about half an hour after I switched on the router advertisement daemon, we got the first one. And sure enough we blocked this person from the wi?fi, basically they could associate but no traffic and a day later and it came in and said I have this funny thing, I can't access anything on the wi?fi. And yeah, of course we checked their Mac address, this is Windows so it makes it very easy, anybody who comes into the Ops Room with Windows who can't access Wi?Fi there is a list with MAC addresses we blocked.
So, a few days later we get this one, and this was more funny because if you look at the IPv6 address, this is not a 6 to 4 address that came from the meeting network because those ones will start with 2 O2 and NC 100, this is somebody else's IPv4 address. And so what we did is decoded the address after blocking them, we decoded the address, looked it newspaper Whois and found that it belonged to a particular ISP. They weren't on the list but one of our colleagues new actually that ISP and who here was working for them, so we found the just as they started noticing they didn't have connectivity through their v4 address.
The funniest one we got is this one. Because this is really not a valid IPv6 address; it's ?? and so, I actually didn't block this one because none of the ?? my Mac didn't pick it up so I would assume it would be discarded and I want to have a role packet capture of this. We didn't end up getting one. At some point somebody came into the Ops Room and said I have this funny thing I can't get v4 address from the http and while they were debugging that my colleagues noticed it was the same and disabled the 6 to 4 announcements, gave him a static IP from the closed pack and he was happy. But hearing that story, I thought well, you know, so somebody, the 6 to 4 announcements and somehow they don't get a v4 address from the http. In RIPE 52 I had this slide, also somebody doing a rogue ROAs who denied booting in the XTP, so the same came back here and the filter was still in place. But the funniest thing is that apparently Windows 7 has absolutely no problem doing 6 to 4 announcements even though it doesn't have an IPv4 address. It will still do announcements and:
So, on to the issues we encountered. The issue on first last meeting we reported a problem with IPv6 printing with this printer. It would take a v6 air dress, announce this but not listen on it. So, every printer would be delayed by a few minutes. We ?? disabled IPv6 tell. I am happy to report this is no longer a problem because the whole printer died Sunday evening.
(Applause)
But thanks to our hosts we had a new printer the next morning and you can still print.
Another issue we had is power. The hotel assured us that the power blocks in the floor were actually all different groups and sockets and that is mostly true; it's just that some of them are extremely unreliable. What would happen is as soon as any significant load would be put on the group they would start switching on and off very rapidly. As it turned out there are two colours of sockets we shouldn't use the white ones. So after debugging this for a while, we moved all ofl them, rerouted all the power and since then it's been more stable.
And then as Mac OS Lion users experienced that if they would be on the 2.4 gig network they would disassociate very quickly. And fortunately ?? well fortunately that is not a problem in your network it, it seems, if you look on the Internet you will find that many people actually have trouble with Lion and wi?fi.
So, we did look at the locks in this. Basically the Lion locks will say we are disassociating due to inactivity, the access points lock say nothing so somehow this triggers on our network, it doesn't trigger if you ping something, continuously. But I hope that issue will be fixed in Lion.
AUDIENCE SPEAKER: I want to say this conclusion is completely wrong. This didn't happen only on Lion ?? it happened on everything, it didn't happen on hotel network. So, there is something with this on RIPE network.
Erik: This is the first of the problems. This is one problem where people with Lion would regularly disassociate. People write about this everywhere, but the thing I can say is I am happy you are not all running Windows.
AUDIENCE SPEAKER: I just want to let you know that I have seen this behaviour on A network.
Erik: You are the first to report that one. So problem number two we had on the wire, all these happen at the same time which makes them debugging them significantly harder. Number two would be basically usually the normal ROA interference problems so mostly there is continuous packet loss, it sometimes drops out, high latency but the same thing all the time. We did three things, some of the hotel wi?fi was still running so we had that shut down, we reduced the density that we thought it might be interference between our own access points but the biggest fix was to the sale of the access point of their own there, which we had seen but we figured that that it would be only occasion for some use so we didn't think it would give much interference until we realised they had this very nice iPad ap which was right next to the access point for controlling audio and volume metres for every single channel. So, instead of sending the occasional packet, more than once a second, it would be sending to the iPad the latest volume levels on one of our channels at absolute maximum power, so that caused a lot of interference as well.
The nastiest problem we have is the access point lock?ups. The symptom that would you see here is the connectivity is pretty decent most of the time and then suddenly it dies. There is absolutely nothing. And after about half a minute to two minutes it's completely back to before. So to show you how we put this together. We have the access point and in our real deployment we do attach the antennas and it has a number of clients, it's attached to a switch, it's fast ethernet, runs power over ethernet towards it so it doesn't get its power from this room and there is the operations room where we are.
And basically the symptom we would see is the access point is not just a people behind wi?fi, the entire ?? we can't even ping it over the wide interface any more, it completely stops and this link does not go down; the power doesn't go away or reboot; it just stops. One issue that was pointed to us is that it could be laptops with multiple radios who associate with both and cause broadcast storms, we disabled and there was no change.
So, basically our problem is it's a complete loss of connectivity, it's not directly a ROA issue, it might be triggered by something that happens on the ROA but it's not it's ROA shut down or something, it doesn't ping on this management interface either. It doesn't reboot, there is nothing at all unusual in the logs. There is no ICP users and we think it gets worse under higher loads. There is no software config changes, there is no specific clients or Mac address ranges or vendors that we see over these port filters ?? not caused by dual ROA, somebody suggested port production which didn't help we talked about no ideas at all on what it could be. We have about 50 hardware platforms on the wi?fi so any of them could trigger T that is our best guess for now. In addition when relation to wi?fi problems it has become much busier which I will get to now.
As usual we have deployed TTM antenna, we forget the ?? we had to be more creative. And so we used this to measure the up link but also look at checking v4 versus v6 connectivity. In this particular case it is in Hong Kong and this was the same until they made their v4 connectivity worse, somehow. But the winner this time is RIPE NCC who has 50% of the latency on v6 than on v4. 20 versus 40 milliseconds T has a a bit more jitter in the start but definitely a lot better.
Looking at vendors on the DHCP, apple at the top with 60 percent and includes I pads, all types of Mac Books, we don't have a distinguish. We saw one ?? 16 Blackberrys. The up link traffic is what we are used to. Peak a bit higher than usual but nothing disturbing, the IPv6 traffic is slightly lower than last meeting so in this case we have come to nine percent of our traffic being IPv6. That is not bad but the last meeting it was almost double. So projecting even in the future:
And continuing this trend, we will be no more doing any IPv6 if in RIPE 72.
(Applause)
But as you can see, nine percent is not at all unusual. The last meeting was very high.
We deployed 19 bay stations and this time had a peak of 500 associations, we deployed a few on the top floor because that is pretty quiet. In the plenary we deploy, in this very room there are already ten on this floor, there are 14. And as usual we have applied our same technique for high density distribution, which is why you can only see four of the ten year.
Looking at the past meetings we see a big trend going up and with Dubai being the lowest at 200 at the peak we are now at 500. Compensating this for the number of attendees, we see that it's actually been pretty regular but it's now going up, so in this graph basically one means that we have the same number of peak association as attendees. We also see for the first time we have gone over one which means that on average you are using more than one device per person on the wi?fi at the same time. Should this trend continue, this linear trend, then by RIPE 75 we will expect to you connect 1,500 devices to the Wi?Fi.
We have looked at the devices per attendee that we have sat some point in the wi?fi networks but not necessarily ?? total amount we have giving out and that doesn't grow very fast. Especially if you look at it on the scale starting at zero. This is a small data at that certificate, I have to state it for two meetings but it doesn't seem to be rising which means you are not bringing more devices you are just using more of them at the same time or using them more often. So that is conclusive stats.
For the next meeting, we plan to provide a special software upgrade for Windows users who were still concerned about 6 to 4, all 6 to 4 came from Windows laptops so we will be providing software updates which will assure there will be no 6 to 4
(Applause).
With that, I have one last thing: We will keep the network up until half an hour after the plenary closes. After that it's bonus. So if you want to print your boarding passes please do that before lunch.
ROB BLOKZIJL: Thank you and thank the whole team. You had a busy week. We are coming very close to the end of this meeting. There are two main items left, one is without further ado, the Secret Working Group.
SPEAKER: So we are not quite ready yet. We will entertain you a bit. I hope I have the ?? it's the wrong one.
(Secret Working Group.)
ROB BLOKZIJL: Wilifred Woeber
NIGEL TITLEY: Wilifred's term of of a office documents an end fairly shortly. Wilifred is the only nomination, we have asked for others, the RIPE NCC board is pleased to select Wilifred for a further term. Thank you.
(Applause )
ROB BLOKZIJL: Right. You are almost there for your lunch. I do apologise for running over time. Next slide. We had 465 attendees that is a new record because the old one was 464, and we have seen quite a few graphs this week with exponential increases of this, that and the other. I think if we keep adding one new attendee every meeting, we can still run this for a long time to come.
We had 30% newcomers and 70% of you have been before and thought it's worthwhile to come back.
You came from 57 countries, from various types of organisations and as usual, we are interested in what you thought of this meeting. Here is the feedback form. Please have a look and fill it out in ?? out or in. We thank our hosts and sponsors, especially, I think, I would like to call Christian Panigl, Robert Schischka if they are here and Renata if she is here. She had to leave already. Renata is the lady who organised most of the entertainment in the museum festival from Tuesday and she had a great hand in last night's pleasant, very pleasant entertainment.
Christian, Robert. Next time, we might come to Vienna you will have a very hard job to make it even better than this time.
OK. Here you see all the organisations and companies that played their role making this week of RIPE meeting a successful as it is. Thank you for that.
(Applause).
We have, as usual, a couple of prizes. We had the NCC services centre where people came there and got the tickets and now we will do a draw.
SPEAKER: Number 59.
(Applause)
ROB BLOKZIJL: Hello, Christian. Congratulations. We had a fuzz ball tournament and after some confusion, we have winners. And the winners get a prize.
SPEAKER: Thanks, Rob. Unfortunately Marcus and Tomas have just run?out the door to catch their plane, so I will do the honours. We had a very fears final fight this afternoon between Andreas and Rolf who did very well. However our winners are Christian and Erik. Do we have them in the hall?
(Applause)
SPEAKER: Stealing yourselves for carrying it home. Anyway, congratulations. Thank you very much. Thank you for whoever played, I hope you all enjoyed it.
ROB BLOKZIJL: Last but not least, our early birds, the first three who registered for this RIPE meeting get their traditional token of appreciation. So the numbers 2, 3 and 4, look at the corner on your badge.
(Applause)
And you are, all three, still here.
This is finally the end. See you all at the next RIPE meeting in Ljubljana. Jan Zorz, on behalf of the local host in Ljubljana, already invited all of you passing by this microphone, and I don't think I want to take more of your time. Thank you all for coming and participating. Have a safe journey home and see you in Ljubljana.
LIVE CAPTIONING BY AOIFE DOWNES RPR
DOYLE COURT REPORTERS LTD, DUBLIN IRELAND.
WWW.DCR.IE