PING

APNIC
  • 5.0 (4)
  • TECH NEWS
  • UPDATED BIWEEKLY

PING is a podcast for people who want to look behind the scenes into the workings of the Internet. Each fortnight we will chat with people who have built and are improving the health of the Internet. The views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.

  1. 4D AGO

    The socialised cost of online abuse

    This time on PING I'm talking to Alban Kwan from the Trusted Notifier Network (TNN). I caught up with Alban at the APRICOT/APNIC61 meeting held recently in Jakarta, where Alban was attending the policy and governance sessions with a particular interest in the problem of online abuse mitigation. Alban is interested in bridging the gap between the business and technical communities in this problem space. When it comes to crafting a response, business tends to focus on brand integrity and the real world cost of mitigation when their products and services are abused, used for spam or fraud or suffer inbound attacks against them. The technical community tends to be focused on things like network traffic level views of problems, found in deep packet inspection, running honey nets, looking at firewall logs and in turn, tends to drive security activities in network technology. It's a very real cultural divide. We've discussed the more technical, packet-level distributed threats on previous episodes of ping. We've talked with Adli Wahid from APNIC and with Leslie Daigle from Global Cyber Alliance, discussing honey nets which present as low barrier attack targets and can measure the levels of abuse coming to unprotected websites and online services and help pinpoint where they come from. In addition, Leslie has raised her concern that we need a conversation in wider civil society about the governance issues to address this problem because technology alone can't solve what's clearly a societal problem. TNN is part of that civil society response to online abuse, albeit in a slightly different form, focussed on communication between the involved parties and a concept of a higher trust channel, a better signal-to-noise ratio which reduces real world cost and preserves business reputation. Alban has an interesting analytical model of how to think about the problem and I think it's interesting to look at his engagement with business process and how people build mutuality and trust dealing with abuse problems of any kind.

    45 min

  2. APR 29

    CIDR inside

    In this episode of PING, APNIC Chief Scientist Geoff Huston discusses the tortuous history of The CIDR report Classless Inter-Domain Routing or CIDR, is a mechanism defined in the 90s, to replace the former model of fixed sized networks defined in RFC791 called class-A class-B or class-C (there were actually class-D and class-E but for now we can ignore them) -the "Classless" part means no longer obeying the fixed bit-pattern at the "top" of the address (in the top 3 bits) which defined which class you were in, the classes defining how many addresses were in that block: a Class-A was 17 million, a Class B was 65,000 and a Class C was 256. This worked fine for the early life of the Internet, but under the stresses of exponential growth in the 1990s a new method for allocating addresses was defined, which exploited this "classless" model and allowed people to be given sizes between 17 million and 65,000 or between 65,000 and 256. -Which in turn fixed two problems: access to addresses into the future (through the Regional Internet Registry model of justified need for addressing) and the scaling problems of the routing mechanism. Routing has roots which reach back into the 1950s when a class of methods for describing how to exchange information about paths in a system called "Bellman Ford" was defined. This mechanism came all the way into the future alongside the growth of the Internet and replaced other models of routing which had emerged in networks such as DECnet from Digital Equipment corperation, and we now know as the ubiquitous BGP4 for Border Gateway Protocol, version 4 (a very good name, for the 4th version of something which was modified from the equally well named BGP3, to add in CIDR models of prefixes. The CIDR report grew out of the need to understand who was causing the stress inside BGP, a public commons of everyones routing assertions, where if you did what was entirely rational for you to engineer better routes by announcing more of them, you made every other BGP4 speaker incur a cost. The report helped identify who was the "noisy" BGP speaker, which Autonomous Systems (AS) were responsible and how much more effective could they be, and still achieve their engineering outcome. It was an early version of "nudge" theory, using naming-and-shaming to publicly expose the damage any BGP speaker did to the commons, in a public record. Geoff has been running the CIDR report continuously for over 2 decades, following on from the work of Tony Bates and Phil Smith at Cisco. But, carried into the modern era, after so much discussion of the declining importance of BGP routing on the Internet in a world of "names based" steering for content, how relevant IS the CIDR report?

    49 min

  3. APR 15

    IP Networking in Deep Space

    This episode of PING is an interview with Marc Blanchet from Viagenie in Quebec, Canada. Marc has been active in Internet Procotols and the IETF for decades, most recently focussed on Internet Protocol communications in deep space. Marc presented at the recent APRICOT/APNIC61 meeting held in Jakarta. We've got used to the idea of IP working in Low Earth Orbit, with the rise of Starlink as a high speed service which in many cases out-performs terrestrial services available in rural and remote locations. And, we've had IP services mediated via GeoSynchronous orbit satellites like DirecTV, which are now significantly less popular because of one overriding problem: the very long end-to-end delay. People find the half-second of round-trip time to a GEO satellite unacceptable. But, in space, things get much worse. Marc's work looks at space contexts which go far beyond these orbital "shells" around earth, into the distances to the Moon, to the Asteroid belt, and beyond to other planets. The delay component in these networks isn't just an inconvenience, it has very real implications for rount-trip-time effects on a protocol like TCP, which demands a stream of "ACK" signals to manage the sender and receivers models of bandwidth and delay and retransmission. Marc has been working on how to simulate the effects of these very long delays using earth bound Virtual Hosts and code, using the Linux TUN device, and TC-NETM along with code developed by his team. This allows them to programatically define an experiment in delay, loss, re-ordering terms, which can span hours of packet-in-flight time, and look at how switches and routers, intermediate elements of an end-to-end IP exchange can work. Code patches to these systems to represent delay as a 64 bit quantity now mean it's theoretically possible to test IP out to the edge of the galaxy, if you had a way to keep machines running that long. If we look at what we actually want from IP networks in deep space, TCP isn't the right choice for how to get applications to work: There is a much better choice in QUIC, a more modern session-layer like protocol which can deploy over unreliable transport like UDP, and which integrates transport-layer security and IP address agility into the same model. As Marc discusses in this episode. IP in space is already a reality, with deployment of mobile telephony 4G base stations to the moon, and Chinese researchers experimenting with QUIC. The IETF is actively exploring the protocol options in the TIPTOP working group.

    49 min

  4. APR 1

    What does “BCP” really mean?

    In this episode of PING, APNIC Chief Scientist Geoff Huston discusses an emerging concern about how the IETF interprets the concept of ‘Best Current Practice‘ (BCP). In his previous episode, Geoff explored emerging questions around DNS provisioning over IPv6, including experimental observations on its performance characteristics. Towards the end of the discussion, we turned to how the Internet Engineering Task Force documents standards and protocols through Best Current Practice (BCP) publications. In the traditional view, BCPs are intended to provide clear, implementation-focused guidance that remains neutral across different operational contexts. This includes networks of all scales — from home environments to enterprise, national, and international infrastructure. These systems rely on a shared understanding of protocol behaviour, and BCPs help define the set of practical, interoperable choices available for deployment today. To be designated as a BCP, an IETF RFC undergoes additional review and scrutiny. This is similar to the ‘Standard’ (STD) designation, which elevates an RFC beyond a general publication and gives it greater weight in operational and procurement contexts. While RFCs are not legally binding, they are frequently referenced in national regulations, procurement frameworks, and service specifications. In contrast, Experimental and Informational RFCs explicitly indicate that they are not intended for such use. BCPs, along with Proposed Standards and Standards, carry greater normative weight due to the more rigorous processes required for their approval, making them more suitable as references for real-world deployment and decision-making. An emerging perspective suggests that BCPs may be treated as aspirational as well as definitional — potentially describing behaviours that are not yet widely deployed, or in some cases not deployed at all. This represents a subtle shift from the traditional view of BCPs as documenting established, operational practice. This tension has surfaced in discussions around the DNS/IPv6 draft mentioned in the earlier PING episode. The conversation involves multiple parts of the IETF process, including the DNSOP Working Group, the DNS Directorate (which reviews DNS-related work across Working Groups) and the Internet Engineering Steering Group (IESG), responsible for final document review and status approval before publication as an RFC. These discussions reflect an evolving question: Should BCPs remain a record of established operational consensus, or can they also serve to guide and shape future practice? Advocacy is an important part of the IETF process. But it’s important to distinguish between advocating for a new path in systems and specifying what the current best choice is in the specification of systems behaviour.

    27 min

  5. MAR 18

    bgproutes.io: A next-generation BGP data collection platform

    This episode of PING features Thomas Alfroy and Thomas Holterbach from the University of Strasbourg, talking about bgproutes.io - A new approach to BGP data collection and analysis. We've featured bgproutes.io on PING before, when we discussed GILL and DFOH with Professor Cristal Pelsser from Louvain University. At that stage, the project was in an early stage and we focussed on the machine learning and approaches to selecting the "Most valuable Vantage Point" or MVP in the data sources available. This time, the two Thomases discuss the operational deployment of the service, and how they have designed the system to provide fast visibility to data in a 3 month window, and an API for selection of prefixes and origin-AS of interest, to show the BGP transactions seen in the wild. They've been designing "dashboards" to show both the data and a sense of what logic determined the inferences made about the data. bgproutes.io has been written to process the newer BGP Monitoring protocol (BMP) which provides visibility of the discrete states of the individual BGP speakers who peer at the BMP collection point. So, considering an IX this means that a single feed can supply 50 or more distinct views of BGP. This has permitted the project to grow to over 300 points of view worldwide. The service is complementary to those from University of Oregon routeviews or the RIPE RIS project, and includes data from these sources along with PCH and CGTF Thomas Alfroy presented at the Sydney SIGCOMM meeting where the system was described in the 2024 SIGCOMM ‘best paper’ award-winning research: “The Next Generation of BGP Data Collection Platforms“. Thomas Holterbach is no stranger to the APNIC community having spend time at the IIJ Research Laboratory in Tokyo.

    27 min

  6. MAR 4

    Measuring The Use Of DNS Over IPv6

    In this episode of PING, APNIC Chief Scientist Geoff Huston discusses running advertising-based experiments and a problem of interest in the modern DNS. DNS fundamentally requires end users, their chosen resolver provider, and the authoritative servers for the names they query to cooperate in a coordinated exchange over IP protocols to answer DNS questions. The specifics of how these queries are encoded and transmitted become complex very quickly, but a particular issue is emerging in how we define, in normative and strongly binding terms, the way the protocol is expected to behave. This will shape future deployment decisions, implementation choices, and operational dependencies. The question centres on the use of IPv6 within the DNS ecosystem as a whole. Can we yet say that IPv6-only DNS can be relied upon in operational practice? And if so, should that position be written into the guidance an RFC may define, were it to be elevated to the status of a Best Current Practice (BCP) or BCP document? Geoff is exploring how to measure this by exploiting a DNS model known as ‘glueless’. In this approach, the additional ‘glue’ records that are typically passed around behind the scenes to keep DNS resolution working are not provided by the authoritative server to the resolver. As a result, the resolver is forced to issue further queries, which can in turn be constrained to use IPv6 only. These queries are conducted without many of the usual measurement artefacts — such as error introduced when users close a browser session prematurely, or when attention drifts away from the web page that triggered an advertisement-based test. Some interesting variances are emerging when you look at this data by geographic region and origin-AS. DNS fundamentally requires all of the end users, their chosen resolver provider and the authoritative servers of the names they ask about, to cooperate in a dance over IP protocols to answer DNS questions. The specifics of how these questions encode and are passed around get complex very quickly but a specific problem is emerging in how we define "normatively", with strong force, the ways this protocol works. This is going to affect future deployment, code, and operational dependencies. The question relates to the use of IPv6, inside the DNS system at large. Can we yet declare that IPv6 only DNS can be used reliably, and should we write it into the operational practices an RFC can define if it's elevated to the status of a Best Current Practice or BCP document? Geoff is exploring measurement of this question, by exploiting a model of DNS which is called "glueless" -the extra "glue" which is typically passed around behind the scenes to make DNS work, is not given by the authoritative server to the resolver, and this forces the DNS resolver to ask more questions, which can be in turn forced to be delivered over IPv6 only. These questions are run with none of the usual concerns about the error rate due to drop off by users closing a browser session, and the problems in measurement seen with end users, whose minds may wander away from the web page triggering the advert. Some interesting variances are emerging when you look at this data by geographic region and origin-AS.

    53 min

  7. FEB 18

    Internet measurement in Thailand

    This episode of PING features two members of the Thai academic and research community and was recorded last year at IETF 122 in Bangkok. With a population of more than 70 million, Thailand has around 80 publicly funded universities and a further 70 or more private institutions, and undertakes substantial research in telecommunications and computing. A leading example is the Asian Institute of Technology (AIT), which has run the AINTEC conference across the Asia Pacific. Both of our guests on this episode are associated with AINTEC. First, we hear from Sukumal Kitisin of Kasetsart University, a state-funded institution. She has been working on an Internet measurement programme for the Thai Consumer Council (TCC). The project leverages well-known tools such as Ookla Speedtest and OpenSignal to capture end-user experiences of mobile Internet services in Thailand. These measurements support modelling of broadband speeds and service quality, which the TCC can then use to present consumer evidence to the national telecommunications regulator, the National Broadcasting and Telecommunications Commission (NBTC). While we are often accustomed to discussing measurement using Atlas probes and other ‘insider’ approaches, this work represents a consumer-friendly, simple, and defensible method for capturing the lived experience of real-world users. Secondly, we hear from Adisorn Lertsinsrubtavee, Director of the Internet Education and Research Laboratory (InterLab) at AIT. Adisorn describes a decade-long measurement effort known as HAZEMON, which focuses on low-bandwidth Internet of Things (IoT) devices used to measure suspended particulate matter such as smoke and fumes from diesel and charcoal fires, as well as carbon monoxide and carbon dioxide. Thailand sits at the heart of a South East Asian climate system that is heavily affected by forest fires and persistent smog, with serious health implications. PM2.5 particles can penetrate deep into the lungs and cause lasting respiratory and other health problems as they are absorbed into the body. Monitoring these levels enables the project to model pollutant density, identify significant events such as forest fires, and support on-the-ground responses by firefighting teams and health professionals. The measurwement system uses small, low-energy computing platforms with off-the-shelf particulate sensors, integrated with low-bandwidth radio systems and powered by solar or battery sources where mains electricity is unavailable. These units are deployed across forests and urban areas, with data federated back to AIT for analysis.

    21 min

  8. FEB 4

    BGP in review for 2025

    In this episode of PING, APNIC Chief Scientist Geoff Huston returns with his annual review of BGP, reflecting on developments across 2025. Geoff has been publishing this year-in-review analysis of BGP dynamics for more than a decade, and this time he has uncovered some genuinely surprising shifts. His 2025 analysis has been published in two parts on the APNIC Blog. Border Gateway Protocol (BGP) is the mechanism by which network operators announce their Internet address space to the rest of the world and, in turn, learn about the addresses announced by others. Operators participating in the global default-free zone receive all publicly announced routes, each expressed as an IP prefix and associated with its originating Autonomous System Number (ASN). Every BGP speaker has a unique ASN, and all routing information is exchanged and interpreted through this fundamental identifier. In effect, the ASN is the basic unit of interdomain routing. BGP also carries path information that describes how routing announcements traverse the network. This data informs routing policy decisions — which paths to prefer, and through which commercial or technical relationships. While the protocol itself is well understood, the system as a whole is anything but simple. When more than 100,000 ASes are continuously exchanging routing information, complexity is unavoidable. Speaking BGP is about telling things and learning things, but it’s also about deciding what to do with what has been learned. This is the work behind a router, and involves holding all the information and performing routing decisions on it, so the ‘size’ of the information shared and learned has a direct impact on the ‘cost’ of operating as a BGP speaker (cost here ultimately means memory and CPU). For most of the Internet’s history, BGP growth has been relentless, forcing operators to continually ask whether their current routing infrastructure can accommodate future growth. All technology adoption has a life cycle, and is often referred to as the ‘technology adoption curve’. New technologies start out expensive and scarce, become cheaper and widely adopted, and eventually reach a point of saturation where growth slows and replacement becomes the dominant driver. For much of its existence, the Internet has remained firmly in the rapid growth phase of this curve, with sustained increases in users, networks, and routing information. Geoff has detected changes in the pace of growth for both IPv4 and IPv6, which suggest the underlying economics behind investment in Internet, and growth in customers has reached it’s saturation point: We are entering a time where BGP growth may not have the same dynamics we’ve been used to, and questions about capital investment in BGP routing and underlying Internet Addressing are not the same.

    58 min
See All (50)

Ratings & Reviews

5
out of 5
4 Ratings

About

PING is a podcast for people who want to look behind the scenes into the workings of the Internet. Each fortnight we will chat with people who have built and are improving the health of the Internet. The views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.

Information

  • Creator
    APNIC
  • Years Active
    2021 - 2026
  • Episodes
    50
  • Rating
    Clean
  • Copyright
    © Copyright 2026 PING
  • Show Website
    PING

You Might Also Like