How the Internet works...and why

Post on 15-Apr-2017


How the Internet works… and why!

Asia Pacific Internet Leadership Program Taipei, TW

26 July 2016

Internet Fundamentals

• How did we get here?

• Layers and standards

• Internet Addresses – and routing

• Domain Names – and root servers

How did we get here…

• Initially, research project (’70-’80s)
– Open, cooperative, public domain
– “Rough consensus and running code”

• Then, product of liberalisation (’90s)
– Also, catalyst for deregulation
– Commercial, competitive environment

• Now, public utility and critical infrastructure (since 2000 and beyond)
– “Internet governance” is a recent afterthought

Before the Internet…

[Diagram: separate stacks, each Applications / Network / OS / Hardware, and a “?” … and many more: Novell, Microsoft etc etc etc]

With the Internet…

[Diagram: stacks of Internet Applications / TCP/IP / OS / Hardware … and many more: Novell, Microsoft etc etc etc]

After the Internet…

Internet

So, why the Internet?

• Open
– Free standards and implementations
– Low barrier to entry

• Lightweight
– “Dumb”: simple and efficient
– Intelligence at the edges: in applications and devices

• Global
– Uniform, “End-to-End”

• Neutral
– By default

Layers and Standards

Layers – in the telephone network

Wires

Exchanges

Local Loop

Devices

Layers in networking – traditional...

[Diagram: three separate stacks, listed by layer
Applications: Phone/Fax/SMS; TV/VOD/conf; “The Internet”
Network: Voice; Video; Data
Infrastructure: Fixed, Dialup/ISDN; Mobile/2G; Cable/ADSL]

Layers in the Internet…

[Diagram: the “Network stack”, listed by layer
Applications: Voice, email, IM; Video, TV, conf; WWW, +++; DNS
Network: Internet
Infrastructure: 802.11x/WiMax; Mobile/4G/LTE; Cable/xDSL; xFTTH, ETTH]

So, what is a standard?

• Standards operate at different levels of the network “stack”
– in fact they define the stack

• A standard (or protocol) is simply an agreement
– among members of a community,
– on a set of guidelines or rules,
– which allow cooperation (interoperability),
– sometimes, in a forum such as ISO, ITU, W3C or IETF.

• An open standard is a standard which is
– Developed through open and accessible processes
– Freely accessible, implementable and usable
– Available without barriers such as licenses and fees.
– … “ideally”, at least.

Numbers

What’s an IP Address?

• The fundamental Internet address
– Every device must have a numeric network address
– Every address must be unique within the network
– Every network must have a range (block) of addresses
– IPv4 defined by an Internet standard (RFC 791, 1981)

• A finite “Common Resource”
– Address pool is limited (eg 32-bit number = 4 billion addresses)
– Managed in the common interest, according to policies

• Please learn to distinguish…
– Domain names (rigf.asia) and email addresses (pwilson@apnic.net)
– IP addresses (IPv4 vs IPv6)
– Intellectual Property!

IP Addresses in use…

[Diagram: router R announces its network 202.12.29.0/24 to the Internet
Global Routing Table before: 4.128/9, 60.100/16, 60.100.0/20, 135.22/16, …
Global Routing Table after: 4.128/9, 60.100/16, 60.100.0/20, 135.22/16, 202.12.29.0/24, …
Labels: “Announce 202.12.29.0/24”; “Traffic 202.12.29.0/24”]

Internet address routing

[Diagram: the Internet drawn as many interconnected networks (“Net”), with the Global Routing Table: 4.128/9, 60.100/16, 60.100.0/20, 135.22/16, …]

Global routing table – IPv4

http://bgp.potaroo.net/as1221/bgp-active.html
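
How a router picks an entry from the Global Routing Table shown on the slides above, as an added example that is not part of the original slides. It applies longest-prefix match, which the slides do not spell out but which decides between 60.100/16 and 60.100.0/20; the origin labels (net-A … R) and the `more_specifics` check are assumptions added for illustration.

```python
import ipaddress

# Prefixes exactly as the slides write them; the origin labels are made up.
SLIDE_TABLE = {
    "4.128/9": "net-A", "60.100/16": "net-B", "60.100.0/20": "net-C",
    "135.22/16": "net-D", "202.12.29.0/24": "R",
}

def expand(prefix):
    """Expand slide shorthand ('4.128/9') to a full network (4.128.0.0/9)."""
    addr, length = prefix.split("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))
    return ipaddress.ip_network(".".join(octets) + "/" + length)

TABLE = {expand(p): origin for p, origin in SLIDE_TABLE.items()}

def lookup(dst, table=TABLE):
    """Return (prefix, origin) of the longest matching prefix, or None if no route."""
    ip = ipaddress.ip_address(dst)
    matches = [net for net in table if ip in net]
    if not matches:
        return None
    best = max(matches, key=lambda net: net.prefixlen)
    return str(best), table[best]

def more_specifics(owned, table=TABLE):
    """List table entries that sit inside `owned` but are not `owned` itself."""
    block = expand(owned)
    return sorted(str(n) for n in table if n != block and n.subnet_of(block))

if __name__ == "__main__":
    for dst in ("60.100.5.9", "60.100.200.1", "202.12.29.142", "8.8.8.8"):
        print(dst, "->", lookup(dst))
    print("inside 60.100/16:", more_specifics("60.100/16"))
```

Because the more-specific entry always wins, the holder of 60.100/16 only receives traffic for the part of the block not covered by 60.100.0/20, which is why operators watch the table for more-specifics of their own blocks that they did not announce.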

IPv6

IPv4 vs IPv6

• IPv4
– 32-bit* number: 2^32 = ~4 billion addresses
– Example: 202.12.29.142
– Existing supply is very nearly exhausted

• IPv6
– 128-bit* number: 2^128 = 340 billion billion billion billion
– Example: FE38:DCE3:124C:C1A2:BA03:6735:EF1C:683D
– Existing supply should/must last for many decades

• The transition
– Underway since 2000
– Much slower than expected
– In reality, not needed while IPv4 addresses available

* bit = binary digit

36 million IPv4 addresses left…

http://www.potaroo.net/tools/ipv4/

Why IPv6?

• IPv4 address supply is exhausted
– New networks require addresses
– Stop-gap measures are damaging (NAT)

• The Internet is growing fast
– Broadband: mobile and wifi
– “Internet of Things”

• IPv6 is the only viable option we have now
– Much larger address space than IPv4
– Enable sustainable growth of the Internet
– Support the emergence of new technologies

Private addresses and NAT

[Diagram: private hosts 10.0.0.1, .2, .3, .4 sit behind a NAT* with the address 202.12.29.32; the ISP (202.12.29.0/24, hosts 202.12.29.1, .2, .3, .4) connects it to the Internet]

*Network Address Translator – AKA home router, hotspot, etc

Private addresses and NAT

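[Diagram: NAT compared with an office PABX
Internet side: address 202.12.29.32 on the NAT, host 10.0.0.202 behind it
Phone Network side: number 02 6262 9898 on the PABX, Extn 202 behind it
Label: “?”]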

Carrier Grade NAT (CGN)

[Diagram: an ISP with a CGN in front of addresses 10.0.0.1 … 10.255.255.255; label “?”]

CGN Challenges

1TB per 1K subs per month!

Cable Television Laboratories, Inc. 2012

It has to be IPv6!

Internet

“Things”

Good news…

https://www.google.com/intl/en/ipv6/statistics.html

Good news…

https://stats.labs.apnic.net/ipv6

Good news…

Names

[Slide: a scatter of numeric IPv4 and IPv6 addresses]

People like names…

nixi.in

rigf.asia

www.google.com

twitter.com

www.apnic.net

intgovforum.org

www.isoc.org

www.icann.org

Using the DNS

[Diagram: the query “www.apnic.net?” goes to the DNS and the answer 203.119.102.244 comes back; hosts 175.98.98.133 and 203.119.102.244 (www.apnic.net) then communicate across the Internet]

Domain Name System

• Converts domain names to IP addresses
– Like a phone book
– A “critical infrastructure service” on the Internet
– A specialised directory service, essentially

• Highly distributed and reliable
– Distributed servers
– Distributed administration
– Distributed authority (through “delegation”)
– Redundancy/secondary services, caching etc
– Security deployment via DNSSEC
– Estimate 1T+ queries per day

DNS hierarchy

[Diagram: the DNS tree
. – the “root”
TLDs: net, org, com, asia, in, …
SLDs: apnic, iana, …, rigf, nixi
Below the SLDs: whois, www, www, www, www
Example name read from the tree: www.apnic.net.]

DNS authority

• Root zone
– Managed by ICANN under USG authority

• TLDs
– TLD names are delegated by ICANN
– gTLDs to nonprofit and commercial Registry organisations
– ccTLDs to authorities specified (mainly) by governments

• SLDs
– SLD names are delegated/sold by the TLD registry
– Most gTLDs have “open second level”
– Most ccTLDs have .com/edu/org/gov/etc or .co/ac/or/go/etc
– Some ccTLDs also have open second level e.g. yahoo.jp

• 3rd level
– ccTLD: may be subject to registry policy e.g. yahoo.co.jp
– Or else may be in the private domain of the SLD holder

[Diagram: path through the tree: . → net → apnic → www]

Domain name resolution - detail

[Diagram: a client asks its local resolver “www.rigf.asia?”; the resolver asks the root nameserver, the .asia nameserver and the .rigf.asia nameserver in turn
Replies shown: “NS: 128.250.1.21”; “NS: 8.50.200.5”; “A: 132.234.250.31” (twice)
Addresses shown: 198.41.0.4; 210.80.58.34; 132.234.250.31]

*All IP addresses are fabricated

What’s in a nameserver?

• Authority for a particular zone
– eg “rigf.asia”

• Zonefile records including
– A: www = “203.12.45.91” (IPv4 address for this name)
– AAAA: www = “2001:FC03::203:EFEF” (IPv6 address)
– NS: www = “220.35.35.1” (delegation to another server)

• In real life, much more than this
– Caches of recent queries
– Secondary (backup) server configurations
– Many more record types
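
The resolution walk from the “Domain name resolution - detail” slide, run against toy zone data of the kind listed above, as an added example that is not part of the original slides. It assumes 128.250.1.21 is the .asia server and 8.50.200.5 the rigf.asia server, and, like the slide, lets an NS record point straight at an address (a real NS record names a server, whose address comes from a separate record); the referral check in `resolve` is an addition the slides do not show.

```python
# Constructed zone data using the fabricated addresses from the slide.
ROOT = "198.41.0.4"
SERVERS = {
    "198.41.0.4":   {"NS": {"asia": "128.250.1.21"}, "A": {}},
    "128.250.1.21": {"NS": {"rigf.asia": "8.50.200.5"}, "A": {}},
    "8.50.200.5":   {"NS": {}, "A": {"www.rigf.asia": "132.234.250.31"}},
}

def in_zone(name, zone):
    """True if name is the zone itself or below it ('' is the root)."""
    return zone == "" or name == zone or name.endswith("." + zone)

def query(server_ip, qname):
    """One server's reply: ('A', name, addr), ('NS', zone, addr) or ('NXDOMAIN', ...)."""
    records = SERVERS[server_ip]
    if qname in records["A"]:
        return ("A", qname, records["A"][qname])
    # Most specific delegation that covers the name, if any.
    for child, ns_ip in sorted(records["NS"].items(), key=lambda kv: -len(kv[0])):
        if in_zone(qname, child):
            return ("NS", child, ns_ip)
    return ("NXDOMAIN", qname, None)

def resolve(qname, cache=None, max_hops=8):
    """Follow referrals from the root, as the local resolver on the slide does.
    Returns (address or None, servers asked in order)."""
    cache = {} if cache is None else cache
    if qname in cache:
        return cache[qname], []          # answered from cache, nobody asked
    server, zone, asked = ROOT, "", []
    for _ in range(max_hops):
        asked.append(server)
        kind, name, value = query(server, qname)
        if kind == "A":
            cache[qname] = value
            return value, asked
        if kind == "NXDOMAIN":
            return None, asked
        # A referral must move strictly down the tree towards qname;
        # anything else is outside this server's authority and is refused.
        if name == zone or not in_zone(name, zone) or not in_zone(qname, name):
            raise ValueError(f"referral to {name!r} from {server} refused")
        server, zone = value, name
    raise RuntimeError("too many referrals")

if __name__ == "__main__":
    print(resolve("www.rigf.asia"))
```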

What’s in a root nameserver?

• The all-important “root zone file”

• NS (delegation) records for all TLDs
– gTLDs such as: .com .org .asia etc
– ccTLDs such as: .in .us .cn .ch .tv etc
– IDN TLDs: .网络 (Wǎngluò for net) and .公司 (Gōngsī for com)

• In fact, there are 13 distinct root operators
– Named A, B, C, … L and M
– Each can have multiple secondaries
– Each can have many “anycast” copies/clones/instances
– Now there are many hundreds (500++) of individual root servers globally

Root nameservers worldwide

http://root-servers.org

That’s all folks!

• How did we get here?

• Layers and standards

• Internet Addresses – and routing

• Domain Names – and root servers

Questions? Thank you

dg@apnic.net