Archive for the ‘Vol13-No2’ Category

Vol. 13, No 2, June 2010

Monday, June 28th, 2010

Contents:

From the Editor
Address Sharing
Implementing DNSSEC
Book Review
Fragments
 
 
Download PDF (PDF – 910KB)


 
 
 

Vol 13, No 2 Forum

From the Editor

Monday, June 28th, 2010

Protocol changes are never easy, especially when they involve something as fundamental as the Internet Protocol (IP). This journal has published numerous articles about the depletion of IPv4 addresses and several articles about IPv6, including methods for a gradual transition from v4 to v6. A lot of energy has gone into the development, promotion, and deployment of IPv6, but in reality only a small fraction of the global Internet currently supports IPv6. Meanwhile, the Internet Assigned Numbers Authority (IANA) and the Regional Internet Registries (RIRs) will “soon” (12 to 24 months from now is predicted) run out of IPv4 addresses to allocate. Although this situation has some serious implications for new entrants to the Internet Service Provider (ISP) market, it does not spell the end of the Internet as we know it. Numerous Network Address Translation (NAT) solutions are already widely deployed, and the IETF is discussing other solutions. One example is Address Sharing as explained by Geoff Huston in our first article.

Changes to the Domain Name System (DNS) are also underway. The Domain Name System Security Extensions (DNSSEC) are being gradually deployed in the global Internet. As with any complex technology, implementation of DNSSEC is not without problems. Our second article, by Torbjörn Eklöv and Stephan Lagerholm, is a step-by-step guide for those considering implementing DNSSEC in their network.

By now you will be aware that we have implemented a renewal system for subscribers and will not be automatically extending your subscription unless you contact us via e-mail or use the online tool to renew your subscription. You can find your subscription ID and expiration date either on the back page of your copy or on the envelope that it came in. In order to access your record, click the “Subscriber Services” link on our webpage at www.cisco.com/ipj, and enter your e-mail address and the subscription ID. The system will send you a link that allows direct access to your record, and you will be able to update your address and renew your subscription. If you no longer have access to the e-mail you used when you subscribed, or have forgotten your subscription ID, just send a message to ipj@cisco.com and we will make the necessary changes for you.

–Ole J. Jacobsen, Editor and Publisher
ole@cisco.com

NAT++: Address Sharing in IPv4

Monday, June 28th, 2010

by Geoff Huston, APNIC

In this article I examine the topic that was discussed in a session at the 74th meeting of the Internet Engineering Task Force (IETF) in March 2009, about Address Sharing (the SHARA BOF)[0], and look at the evolution of Network Address Translation (NAT) architectures in the face of the forthcoming depletion of the unallocated IPv4 address pool.

(more…)

Operational Challenges When Implementing DNSSEC

Sunday, June 27th, 2010

by Torbjörn Eklöv, Interlan Gefle AB, and Stephan Lagerholm, Secure64 Software Corp.

As a reader of The Internet Protocol Journal, you are probably familiar with the Domain Name System (DNS) “cache poisoning” techniques discovered a few years ago. And you have most likely heard that Domain Name System Security Extensions (DNSSEC)[0, 13, 14, 15] is the long-term cure. But you might not know exactly what challenges are involved with DNSSEC and what experience the early adopters have gathered and documented. Perhaps you waited with your own rollout until you could gather more documentation about operational experiences when rolling out DNSSEC.

(more…)

Book Review

Sunday, June 27th, 2010

The Art of Scalability

The Art of Scalability: Scalable Web Architecture, Processes, and Organizations for the Modern Enterprise, by Martin L. Abbott and Michael T. Fisher, ISBN-13: 978-0-13-703042-2, Pearson Education, 2010.

It is often claimed that the primary lesson of the Internet is one of “scaling.” So the title of this book bodes well for relevance to Internet designers. A reader would likely expect discussion of hashing algorithms, fast-path coding, protocol latencies and chattiness, distributed redundancy design, and similar guidance for handling a billion users. The reader would largely be wrong, although some of the book is dedicated to technical performance. What is easily missed in the title is the word “organizations.” It does not mean organization of modules. It means organizations within a company.

(more…)

Fragments

Sunday, June 27th, 2010

Call for Candidates for Itojun Service Award
Less than 10% of IPv4 Addresses Remain Unallocated, says NRO
ISOC Funds Projects to Support Internet Access, Security, and Policy Development
RIPE Community Statement on the Internet Address Management System
Upcoming Events
Call for Papers

(more…)