How the Internet works… and why!
Asia Pacific Internet Leadership Program Taipei, TW
26 July 2016
Internet Fundamentals
• How did we get here?
• Layers and standards
• Internet Addresses
  – and routing
• Domain Names
  – and root servers
How did we get here…
• Initially, research project (’70-’80s)
  – Open, cooperative, public domain
  – “Rough consensus and running code”
• Then, product of liberalisation (’90s)
  – Also, catalyst for deregulation
  – Commercial, competitive environment
• Now, public utility and critical infrastructure (since 2000 and beyond)
  – “Internet governance” is a recent afterthought
Before the Internet…
[Diagram: separate vendor stacks, each with its own Applications, Network, OS and Hardware layers … and many more: Novell, Microsoft etc etc etc]
With the Internet…
[Diagram: stacks of Internet Applications, TCP/IP, OS and Hardware layers … and many more: Novell, Microsoft etc etc etc]
After the Internet…
Internet
So, why the Internet?
• Open
  – Free standards and implementations
  – Low barrier to entry
• Lightweight
  – “Dumb”: simple and efficient
  – Intelligence at the edges: in applications and devices
• Global
  – Uniform, “End-to-End”
• Neutral
  – By default
Layers and Standards
Layers – in the telephone network
Wires
Exchanges
Local Loop
Devices
Layers in networking – traditional...
[Diagram: three separate vertical stacks]
Applications: Phone/Fax/SMS; TV/VOD/conf; “The Internet”
Network: Voice; Video; Data
Infrastructure: Fixed, Dialup/ISDN; Mobile/2G; Cable/ADSL
Layers in the Internet…
[Diagram: one shared “Network stack”]
Applications: Voice, email, IM; Video, TV, conf; WWW, +++; DNS
Network: Internet
Infrastructure: 802.11x/WiMax; Mobile/4G/LTE; Cable/xDSL; xFTTH, ETTH
So, what is a standard?
• Standards operate at different levels of the network “stack”
  – in fact they define the stack
• A standard (or protocol) is simply an agreement
  – among members of a community,
  – on a set of guidelines or rules,
  – which allow cooperation (interoperability),
  – sometimes, in a forum such as ISO, ITU, W3C or IETF.
• An open standard is a standard which is
  – Developed through open and accessible processes
  – Freely accessible, implementable and usable
  – Available without barriers such as licenses and fees.
  – … “ideally”, at least.
Numbers
What’s an IP Address?
• The fundamental Internet address
  – Every device must have a numeric network address
  – Every address must be unique within the network
  – Every network must have a range (block) of addresses
  – IPv4 defined by an Internet standard (RFC 791, 1981)
• A finite “Common Resource”
  – Address pool is limited (eg 32-bit number = 4 billion addresses)
  – Managed in the common interest, according to policies
• Please learn to distinguish…
  – Domain names (rigf.asia) and email addresses ([email protected])
  – IP addresses (IPv4 vs IPv6)
  – Intellectual Property!
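IP Addresses in use…
[Diagram: The Internet and its Global Routing Table. Router R announces 202.12.29.0/24; the table gains that entry; traffic for 202.12.29.0/24 then flows to R.]
Global Routing Table (before): 4.128/9, 60.100/16, 60.100.0/20, 135.22/16, …
Global Routing Table (after): 4.128/9, 60.100/16, 60.100.0/20, 135.22/16, 202.12.29.0/24, …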
Internet address routing
[Diagram: The Internet as many interconnected networks (“Net”), all sharing the Global Routing Table: 4.128/9, 60.100/16, 60.100.0/20, 135.22/16, …]
Global routing table – IPv4
http://bgp.potaroo.net/as1221/bgp-active.html
IPv6
IPv4 vs IPv6
• IPv4
  – 32-bit* number: 2^32 = ~4 billion addresses
  – Example: 202.12.29.142
  – Existing supply is very nearly exhausted
• IPv6
  – 128-bit* number: 2^128 = 340 billion billion billion billion
  – Example: FE38:DCE3:124C:C1A2:BA03:6735:EF1C:683D
  – Existing supply should/must last for many decades
• The transition
  – Underway since 2000
  – Much slower than expected
  – In reality, not needed while IPv4 addresses available
* bit = binary digit
36 million IPv4 addresses left…
http://www.potaroo.net/tools/ipv4/
Why IPv6?
• IPv4 address supply is exhausted
  – New networks require addresses
  – Stop-gap measures are damaging (NAT)
• The Internet is growing fast
  – Broadband: mobile and wifi
  – “Internet of Things”
• IPv6 is the only viable option we have now
  – Much larger address space than IPv4
  – Enable sustainable growth of the Internet
  – Support the emergence of new technologies
Private addresses and NAT
[Diagram: private hosts 10.0.0.1 ..2 ..3 ..4 sit behind a NAT* at 202.12.29.32; the ISP holds 202.12.29.0/24 (202.12.29.1 … .2 … .3 … .4) and connects to The Internet]
*Network Address Translator – AKA home router, hotspot, etc
Private addresses and NAT
[Diagram: host 10.0.0.202 behind a NAT at 202.12.29.32 on the Internet, compared with Extn 202 behind a PABX at 02 6262 9898 on the Phone Network]
Carrier Grade NAT (CGN)
[Diagram: an ISP with a CGN in front of subscribers; addresses shown: 10.0.0.1, 10.255.255.255]
CGN Challenges
1TB per 1K subs per month!
Cable Television Laboratories, Inc. 2012
It has to be IPv6!
Internet
“Things”
Good news…
https://www.google.com/intl/en/ipv6/statistics.html
Good news…
https://stats.labs.apnic.net/ipv6
Good news…
Names
193.0.6.148
196.216.2.1
2001:42d0::200:2:1
192.149.252.75
2001:500:4:13::80
2001:13c7:7002:4000::10
202.12.29.211
2001:610:240:22::c100:68b
212.110.167.157
2001:41c8:20::19
192.0.32.7
2620:0:2d0:200::7
People like names…
nixi.in
rigf.asia
www.google.com
twitter.com
www.apnic.net
Intgovforum.org
www.isoc.org
www.icann.org
Using the DNS
[Diagram: a host asks the DNS “www.apnic.net?” and receives 203.119.102.244, then reaches www.apnic.net across The Internet; addresses shown: 175.98.98.133, 203.119.102.244]
Domain Name System
• Converts domain names to IP addresses
  – Like a phone book
  – A “critical infrastructure service” on the Internet
  – A specialised directory service, essentially
• Highly distributed and reliable
  – Distributed servers
  – Distributed administration
  – Distributed authority (through “delegation”)
  – Redundancy/secondary services, caching etc
  – Security deployment via DNSSEC
  – Estimate 1T+ queries per day
DNS hierarchy
[Diagram: tree of names]
. (The “root”)
TLDs: net, org, com, asia, in, …
SLDs: apnic, iana, …., rigf, nixi
Below the SLDs: whois, www, www, www, www
Example: www.apnic.net.
DNS authority
• Root zone
  – Managed by ICANN under USG authority
• TLDs
  – TLD names are delegated by ICANN
  – gTLDs to nonprofit and commercial Registry organisations
  – ccTLDs to authorities specified (mainly) by governments
• SLDs
  – SLD names are delegated/sold by the TLD registry
  – Most gTLDs have “open second level”
  – Most ccTLDs have .com/edu/org/gov/etc or .co/ac/or/go/etc
  – Some ccTLDs also have open second level e.g. yahoo.jp
• 3rd level
  – ccTLD: may be subject to registry policy e.g. yahoo.co.jp
  – Or else may be in the private domain of the SLD holder
[Diagram: . → net → apnic → www]
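Domain name resolution - detail
[Diagram: a client asks the Local resolver “www.rigf.asia?”; the Local resolver asks each nameserver in turn “www.rigf.asia?”]
Root nameserver (198.41.0.4): “NS: 128.250.1.21”
.asia nameserver: “NS: 8.50.200.5”
.rigf.asia nameserver: “A: 132.234.250.31”
Local resolver to client: “A: 132.234.250.31”
Other addresses shown: 210.80.58.34, 132.234.250.31
*All IP addresses are fabricated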
What’s in a nameserver?
• Authority for a particular zone
  – eg “rigf.asia”
• Zonefile records including
  – A: www = “203.12.45.91” (IPv4 address for this name)
  – AAAA: www = “2001:FC03::203:EFEF” (IPv6 address)
  – NS: www = “220.35.35.1” (delegation to another server)
• In real life, much more than this
  – Caches of recent queries
  – Secondary (backup) server configurations
  – Many more record types
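The walk on the “Domain name resolution - detail” slide, written out as a small simulation (an added example, not part of the original slides). Which fabricated address belongs to which server is read from the slide layout and is an assumption; `SERVERS`, `in_zone`, `query` and `resolve` are illustrative names. It goes one step beyond the slides: the resolver caches answers and refuses referrals that do not move down the tree towards the queried name.

```python
ROOT = "198.41.0.4"  # root nameserver address as shown on the slide

# Constructed zone data: server address -> (zone it is authoritative for, records).
# A referral is simplified to "NS: <address>" as on the slide; real referrals
# carry a nameserver name plus a glue A record.
SERVERS = {
    "198.41.0.4":   (".",          {"asia.": ("NS", "128.250.1.21")}),
    "128.250.1.21": ("asia.",      {"rigf.asia.": ("NS", "8.50.200.5")}),
    "8.50.200.5":   ("rigf.asia.", {"www.rigf.asia.": ("A", "132.234.250.31")}),
}


def in_zone(name, zone):
    """True if name is at or below zone (both fully qualified, trailing dot)."""
    return zone == "." or name == zone or name.endswith("." + zone)


def query(server, qname):
    """Return (type, owner, value) as the server at that address would answer."""
    zone, records = SERVERS[server]
    if qname in records and records[qname][0] == "A":
        return ("A", qname, records[qname][1])
    for owner, (rtype, value) in records.items():
        if rtype == "NS" and in_zone(qname, owner):
            return ("NS", owner, value)  # delegation to another server
    return ("NXDOMAIN", zone, None)


def resolve(qname, cache, max_hops=8):
    """Walk the delegation chain from the root; return (address, trace)."""
    if qname in cache:
        return cache[qname], ["cache"]
    server, zone, trace = ROOT, ".", []
    for _ in range(max_hops):
        if server not in SERVERS:  # lame delegation: nobody answers there
            return None, trace
        rtype, owner, value = query(server, qname)
        trace.append(f"{server} -> {rtype}: {value}")
        if rtype == "A":
            cache[qname] = value
            return value, trace
        # Accept a referral only if it moves strictly down the tree towards
        # qname; this rejects referral loops and out-of-zone delegations.
        if (rtype != "NS" or owner == zone
                or not in_zone(owner, zone) or not in_zone(qname, owner)):
            return None, trace
        server, zone = value, owner
    return None, trace
```

Calling `resolve("www.rigf.asia.", {})` returns the address together with a three-step trace that matches the referrals on the slide.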
What’s in a root nameserver?
• The all-important “root zone file”
• NS (delegation) records for all TLDs
  – gTLDs such as: .com .org .asia etc
  – ccTLDs such as: .in .us .cn .ch .tv etc
  – IDN TLDs: .网络 (Wǎngluò for net) and .公司 (Gōngsī for com)
• In fact, there are 13 distinct root operators
  – Named A, B, C, … L and M
  – Each can have multiple secondaries
  – Each can have many “anycast” copies/clones/instances
  – Now there are many hundreds (500++) of individual root servers globally
Root nameservers worldwide
http://root-servers.org
That’s all folks!
• How did we get here?
• Layers and standards
• Internet Addresses
  – and routing
• Domain Names
  – and root servers
Questions?
Thank you