Tag Archive for IP

Romania Leads IPv4 Market

I first wrote about the grey market in IPv4 addresses when Microsoft (MSFT) bought Nortel’s IPv4 IP block back in 2011. A recent article from CircleID proves the market has caught up with Bach Seat. In the CircleID article, Doug Madory, Director of Internet Analysis at Dyn, reports that the market for IPv4 addresses is heating up, especially in Europe.

RIPE’s IPv4 transfers

According to Dyn, statistics from RIPE, the European registrar, show that the IPv4 market has heated up. RIPE’s table of transfers of provider aggregatable (PA) IPv4 addresses clearly shows a rapidly increasing rate of transfers of IPv4 address blocks and unique IPv4 addresses. In fact:

  • February 2015 saw the most organizational transfers (373).
  • November 2014 saw the most unique address transfers (nearly 2 million).
  • The number of transfers in the RIPE region far outpaces any other region.

Romania is a key player in IPv4

An analysis of the RIPE data by the author finds that Romania is a key player in the IPv4 market.

  • During 2014/15, 1,069 (58%) transfers came from Romanian organizations.
  • 947 (51%) of all the blocks transferred in the RIPE region were from a single Romanian organization, namely, Jump.ro.
  • Jump is willing to sell large blocks of IPv4 address space (around $10/address) or lease smaller blocks for $0.50/address/year.
  • Of the 4,656 routed prefixes that make up the Saudi Arabia part of the Internet, 1,498 or almost a third of them were Romanian just a few months ago.
  • The Syrian state telecom got 5.155.0.0/16 from Romania’s Nav Telecom last August and Iranian telecoms bought over 1 million unique IP addresses in 85 transfers over the past year (80% from Jump.ro).
  • Saudi Telecom received 17 IPv4 transfers since September last year representing over 1.5 million IP addresses: 14 were from Romanian sources and the other 3 were from Ukraine. At $10/address, those addresses would have cost Saudi Telecom $15 million.

A side-effect of the IPv4 gray market is abetting the growth of global routing tables to dangerous levels. The first effects of this were seen in August 2014, when BGP routing tables grew to over 512,000 routes and many older routers could no longer properly track the routes. ZDNet explains that routes are typically kept in a specialized kind of memory called Ternary Content Addressable Memory (TCAM), which has a limited capacity and fails when it is full.

The author asks: what are the implications of all this? Now that the Romanians have demonstrated that there is a lucrative business to be had in selling off IPv4 address space, will we see ISPs in developing countries rush to sell off their address space for some quick cash? If such sales result in the IPv4 space getting sliced more and more thinly, we can surely expect the global routing table to increase in size, perhaps dramatically, as a result.

Will this cause more router meltdowns?

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Who’s Hacking Who?

Update – The hacking map function seems to have been shut down – I got an error message “All access to this object has been disabled.”

A new animated map of the Internet created by the U.S.-based computer security firm Norse helps cyber-defenders visualize where hackers are coming from and illustrate just how ubiquitous hacking is around the world, according to a recent article by Maya Kosoff from BusinessInsider.

St. Louis-based Norse offers a product called IPViking, which displays a map and lists of the countries doing the most hacking, the countries getting hacked the most, and the types of attacks happening. Quartz noted the animated map looks kind of like the vintage video game Missile Command.

Norse, founded by a former intelligence expert with the U.S.’s Department of Homeland Security, explained to Smithsonian Magazine how the system works:

attacks shown are based on a small subset of live flows against the Norse honeypot infrastructure, representing actual worldwide cyber attacks by bad actors.

BI continues that although the map doesn’t show all the hacking going on in the world, it could be a representative snapshot of today’s hacking ecosystem. A snapshot of the stats shows some of the baseline back-and-forth hacking attempts. Today, over 5 hours, the top attack types were:

  1. SSH port 22 – 6,308 attacks
  2. SIP port 5060 – 2,380 attacks
  3. Microsoft-DS port 445 – 2,317 attacks
  4. MS-SQL-S port 1433 – 2,193 attacks
  5. DNS port 53 – 2,182 attacks
  6. HTTP-Alt port 8080 – 2,007 attacks
  7. SNMP port 161 – 1,367 attacks
  8. MS-term-services port 3389 – 1,327 attacks

Internet Attacks

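| Rank | # of Attacks sent | Attack Origins | Rank | # of Attacks received | Attack Target |
|------|-------------------|----------------|------|-----------------------|---------------|
| 1    | 12,216            | China          | 1    | 27,667                | United States |
| 2    | 7,827             | United States  | 2    | 1,161                 | Thailand      |
| 3    | 2,446             | Mil/Gov        | 3    | 1,077                 | Hong Kong     |
| 4    | 2,161             | Netherlands    | 4    | 682                   | Canada        |
| 5    | 1,899             | France         | 5    | 655                   | Portugal      |
| 6    | 1,351             | Russia         | 6    | 650                   | Australia     |
| 7    | 1,331             | Canada         | 7    | 600                   | Singapore     |
| 8    | 717               | Hong Kong      | 8    | 469                   | Netherlands   |
| 9    | 627               | Thailand       | 9    | 458                   | France        |
| 10   | 495               | Bulgaria       | 10   | 411                   | Bulgaria      |
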
Internet Attacks as logged by Norse IPViking on 6-25-14 approx. 11:00 to 16:00

rb-

I have posted a couple of good maps on here before. This map relays a lot of good info while being mesmerizing also. The amount of malicious traffic flying at U.S. sites is staggering. The attacker’s emphasis is on basic network services, SSH, SIP, AD, SQL, DNS, HTTP, SNMP. Attacks on the basic services we rely on reinforce the urgency for U.S. network users to get their basics in order. The U.S. and China are locked in an escalating war about online spying that threatens to devastate business for companies in both countries.

Now for the really scary part. This IPViking map only reveals the tip of the hack-attack iceberg. It only shows penetration attempts against Norse’s network of “honeypot” traps. The real number of hack attempts lighting up interwebs at any given moment is far, far greater than this cool piece of big data mining can ever possibly show.

No More POTS!

A.G. Bell’s question to Watson over a century ago may be relevant again. Tom Nolle at No Jitter explains how that can happen if the FCC expedites the transition to VoIP. Mr. Nolle, the founder of CIMI Corporation, does not think that the basic quality of voice service is at risk. He does believe, however, that there are some truly profound consequences to a decision to abandon TDM voice. He believes it will happen, so it’s smart to think about the end of POTS as it relates to both opportunities and risks.

Telecommunications has long been more than analog voice and copper loops. The author points out that regulations have stayed in the “TDM” Dark Ages. Operators like AT&T (T) have demanded the FCC modernize things. To deal with these issues, the FCC bundled its transitions (TDM-to-VoIP, fixed to mobile, copper to fiber) into a single Technology Transition Policy Task Force. The recommendations from that activity will hopefully launch experiments in promoting change while controlling the risk of unfavorable impacts. The recommendations of the TTPTF (quite the acronym!) are posted online (PDF) and he says it’s a clarion call for change. So instead of talking about the process, let’s look at the impact.

Who still uses TDM

Mr. Nolle, the CIMI principal consultant, estimates that 40% of US households still have TDM voice. Businesses have a higher TDM commitment. The article says that nearly 70% of business voice is still TDM. Suppose we saw TDM voice go away completely; what would happen?

First, little besides voice requires TDM services and trunks, which he says means we would see all access lines and trunks transition to packet, almost certainly to Ethernet. The author says this could increase the number of Ethernet business connections by about 28%. It would also likely increase the access bandwidth commitments by branch offices and SMBs (using DSL, fiber, cable, etc.) by over 50%. Metro and access vendors would benefit from this almost immediately because it’s likely that operators would start to promote Ethernet access and IP voice more strongly as soon as the “experiments” showed signs of success.

Operators already like the notion of an “access-first” strategy where they supply a fat pipe to a customer and then build ad hoc services over it. Ethernet or packet access encourages that, so giving that to everyone would drive operators quickly to look for rapid service deployment tools so that they don’t lose all the new access-generated opportunities to the over-the-top players (OTTs). The author believes that operator interest in software defined networks (SDN) and network functions virtualization (NFV) is linked to this very thing. After all, it’s silly to talk about “improved service velocity” if you have to restring an access connection to upgrade service.

Impact on Internet policy

The second impact Mr. Nolle sees is on Internet policy. This voice transition raises the question of the difference between “packet” or “IP” and “the Internet”. You can do VoIP over any IP, including private networking. That’s done with a lot of IP voice today in fact. Operators could in theory augment their services to customers by building IP services that bypass the Internet, but that would pose issues in linking the services to current devices in the home or in businesses. OTTs would surely want to get involved in any new service opportunity, and all that raises the triple-threat question of QoS, settlement, and Net Neutrality.

There’s no barrier to QoS in “private” IP networks, but on the Internet, the Net Neutrality order last year said that you could offer QoS only if the subscriber pays for it. Most practical Internet QoS opportunities arise because an OTT like Netflix (NFLX) could gain by offering QoS to customers. They’d pay the ISPs and either embed the cost or perhaps eat it to improve their differentiation. But the FCC said “No!” Now the new FCC Chairman, Tom Wheeler, says “Perhaps”–at least he did in a speech to a university audience. If that were to become policy, it would likely drive QoS for Internet services, and that would drive settlement among ISPs and content players.

Settlement has been a big issue for the Internet since the 1990s. Customers pay their own ISP, so if there’s no money flow from that ISP to others, QoS stops where the ISP hands off the traffic. That’s inhibited the value of the Internet for applications that need QoS, but it perhaps encouraged smaller players and startups who couldn’t pay like Google (GOOG) or Netflix could. Whether this small-player benefit is more for VCs who then have to raise less funding to get an OTT off the ground is an interesting question–but in any event, adding settlement and QoS to the Internet would almost certainly increase operator interest in providing service quality for a fee, which in turn would increase network investment, helping equipment vendors and carriers alike… In short, it would change the industry.

Mr. Nolle concludes that VoIP could be a back door to making the Internet a real network and not a service on top of carrier IP infrastructure. That could remake our experiences online, and the vendors’ fortunes in the marketplace. So watch the progress of this initiative; it could have huge impacts.

rb-

ATT has already made its move to get rid of POTS lines in Michigan. ATT has bribed gotten politicians in Lansing to introduce Senate Bill 636. Michigan SB 636 would amend the Michigan Telecommunications Act (PDF) to let ATT and their fellow travelers eliminate POTS lines in Michigan.

Melissa Seifert, associate state director for government affairs for AARP Michigan says eliminating POTS lines in the Great Lakes State would impact many people. It would affect small-business owners who use fax machines and credit card verification systems, she said, as well as emergency services in parts of the state where cell phone access is unreliable. According to the Michigan Public Service Commission, roughly 3 million Michiganders subscribe to landline service. About 90 percent of households of folks ages 65 and older still use landlines for “lifelines.”

PoE Overworked

Gary Audin at No Jitter warns that Power over Ethernet (PoE) is not always a plug-and-play environment and that PoE should be monitored, managed, and efficient. In this article, Mr. Audin observes that PoE has evolved into an electrical power device utility platform. PoE started out as a centralized power source for IP phones, backed up with an Uninterruptible Power Supply (UPS). (rb- Click here and here for my overview of PoE) Since those early Cisco-dominated days, the article says, PoE is now called upon to support wireless access points; environmental controls; point, tilt, and zoom cameras; lighting control; clocks; door controls; Bluetooth devices; RFID; now laptops; and still more to come.

The LAN switch is the PoE source, but the article warns it can be overwhelmed with the power drain, which produces headaches for IT. Unless properly managed, the PoE function can experience:

  • A blown-out power supply. Smoke is an indicator of this condition.
  • Reduced power to all devices with degraded service from all the attached devices.
  • An added PoE device does not work.
  • The more power is drawn by PoE, the shorter the UPS battery life. The original UPS design could last 20 minutes. Added PoE devices could shorten this to 3 minutes.

PoE IP phones and other devices can signal to the PoE network what class of device they belong to and how much power they may need. Class 0 devices, usually older devices, do not indicate their PoE power requirements. These devices may draw any power level from none to maximum. The other standard classes, 1-3, range from very low power to mid-level power consumption.

Class 4 is a newer class of device requiring PoE+ (802.3at) and needs to draw more than the 12.95 Watt maximum provided by the original standard PoE. Class 4 devices must be powered by PoE+ ports and may not function correctly on an 802.3af PoE port. Most IP phones are in class 2. IP phones with color screens and other advanced features may be categorized as class 3 devices.

Wireless LAN access points are also common PoE devices, many of which started out as class 2 and 3 devices. As the wireless speeds increased, so did the power requirements. The 802.11ac standard means that the access points (AP) will have a 1 Gbps connection back to the switches and routers.

At issue is the PoE required. It is likely that each AP could need 20 to 30 watts, the limit that the 802.3at PoE+ standard delivers. Many installed switches cannot support PoE+. So the enterprise has to buy new switches or power supplies or power injectors. (rb- add this to your site-survey when you plan to implement 802.11ac)

Mr. Audin spoke to Tim Titus, CTO and founder of PathSolutions (they happen to sell a network management tool), about what he considers a good approach to monitoring and managing PoE. He told No Jitter:

“Regardless of whether there are any PoE or PoE+ devices on a network, it can be very helpful to monitor the health of our network equipment’s power supplies. The best monitoring system watches the status and power consumption of each power supply, what percentage of utilization it is running, and which interfaces are drawing power, so power policing can be achieved.”

He provided this example of missing power management.

“Keeping an eye on power supplies avoids unpleasant discoveries. One unlucky network administrator had two power supplies installed in a network chassis (one primary and one backup). Unfortunately, when the primary power supply stopped working, nobody knew, since the backup power supply was doing its job of keeping everything running. The problem wasn’t noticed for over six months. Nobody was in the empty remote wiring closet to notice the lack of lights on the power supply. The users remained blissfully unaware of impending doom until the wee hours of a weekend when the second power supply was shut off by a circuit-breaker trip!” 

Mr. Titus pointed out to Mr. Audin that monitoring should happen at the port level:

“Not only will a monitoring system show you what mode a PoE port is operating in, but it should also provide a view of relevant error counters.

  • MPS Absent and Invalid Signature errors frequently point to broken or defective powered devices.
  • Overload conditions and short-circuits typically point to wiring problems (or somebody re-wiring devices in use).
  • Denied errors can point to devices asking for more power than the switch has available, and may indicate that it is time to consider adding another power supply to a large Ethernet chassis.”

How did that happen?

Finally, many network engineers try to buy limited PoE due to the cost premium of PoE ports, only to find that half of their PoE ports are used by non-PoE devices such as PCs. With a monitoring tool, the engineers could have avoided buying expensive PoE ports or purchased less expensive “ordinary” Ethernet ports. The engineers should have an up-to-date PoE port inventory and use it to avoid over-buying the PoE by playing safe in their design. (rb- Been there, done that; I’ve been in many customers’ closets and found PoE switches full of PC and printer access ports.)

rb-

The author warns not to assume that PoE is always a plug-and-play environment. PoE should be handled like a utility–monitored, managed, and efficient.

I have tried to build custom fields by working with reports in SolarWinds’ Orion by working with MIBs; it’s not the funnest thing in the world. I wonder if this product does a better job.

Order A Pizza With IoT

A pizzeria in Dubai has unveiled a new refrigerator magnet that can order a pizza with a single tap. Samantha Murphy at Mashable reports that a pizza box-shaped magnet called the VIP Fridge Magnet is connected to Red Tomato Pizza in Dubai.

The magnet is preset to order a pizza online and is networked to the Internet of Things via a Bluetooth connection on a smartphone. Red Tomato Pizza then sends a confirmation text and delivers the pizza soon after. You can also update your pizza selection online at any time.

This isn’t the first time a pizza company has used modern technology to make ordering easier. Ann Arbor, Michigan-based Domino’s Pizza (DPZ) has an app that allows users to place, customize, and pay for their order with a few taps.

Ms. Murphy points out that refrigerators have also recently been in the spotlight for embracing the web. In fact, Samsung touted a refrigerator that tweets, plays music, and even displays your Google Calendar. Meanwhile, LG announced earlier this year a new line of smart appliances, including a refrigerator that helps you maintain your diet, sends recipes to your smart oven and even keeps you posted when you run out of certain groceries.

rb-

This is a great example of the “Internet of Things” by creating a new application by combining the IP network, Bluetooth networking, and smartphone technologies to do a task with very little human interaction.

 
