SlideShare uma empresa Scribd logo

RIPE Atlas

RIPE NCC
RIPE NCC

Presentation given by Daniel Karrenberg in February 2011 at DomainPulse in Vienna

Tecnologia
1 de 33
Baixar para ler offline
RIPE Atlas! A “Real Big” Measurement Network Daniel Karrenberg Chief Scientist
RIPE TTM (used for DNSMON) 2
Light Map 3
Intuition: 1000 Probes 4
Intuition: 5000 Probes 5
Intuition: 10k Probes 6
Intuition: 20k Probes 7
Intuition: 50k Probes 8
Intuition: 10k Probes & 1 AS 9
Ambitious Community Effort Instead of building small, separate, individual & private infrastructures, build one huge common infrastructure that serves both the individual goals and the community goals. 10
Ambitious Community Effort •  Individual Benefits -  Lessexpensive than rolling your own -  More vantage points available -  More data available •  Community Benefits -  Unprecedented situational awareness -  Wealth of data, … 11
Intuition -> Plan •  For accurate maps we need more probes •  Deploying very many TTM boxes too expensive •  Smaller probes •  Easily deployable •  USB powered •  24 x 365 capable 12
Probe Deployments 13
Probe Deployments 14
Probe Deployments 15
Probe Capabilities •  Version 0 -  Ping to fixed targets (IPv4 & IPv6) ✔ -  Traceroute to 1st two upstream hops ✔ •  Version 1 -  Ping& Traceroute to variable targets -  DNS queries to variable targets •  Version 2 -  Your ideas ? •  Upgrades are automatic 16
What you see is what you get 17
Hosting = Credits = Measurements 18
Host Applications 19
Hosting = Credits = Measurements 20
Hosting = Credits = Measurements updated hourly on 21
Sponsorship = Credits = Measurements 22
Sponsorship = Credits = Measurements 23
Sponsorship = Credits = Measurements For sponsorships see me during the meeting, or contact me: <daniel.karrenberg@ripe.net> 24
Questions?
Spare Slides / Anticipated Questions Spare Slides 26
Why Hardware and not Software Probe ? •  Comparable and Reliable Measurements -  Known and uniform environment -  Tamper resistant •  24 x 365 -  Install and Forget -  Not dependent on host system, needs little power •  Security -  Not attractive nor easy target for botnet herders -  Not introducing potential weakness in host systems 27
Is this the RIPE Botnet ? •  No •  Architecture is security conscious -> MAT WG •  Probes do not offer services, no open ports •  Probes are no interesting targets -  Very special environment -  Not really powerful either •  Infrastructure is designed with security in mind •  Measurements will be rate limited …. 28
Private Measurements ? •  We are not offering this as a service for private and confidential measurements •  All results should benefit the community, also those of individually configured measurements -  Modalitiesto be discussed -> MAT WG -  Embargo periods -  Aggregation -  Anonymisation •  If you want to keep it very secret, run your own. 29
Relation to Other RIPE NCC Services ? My personal vision, to be discussed in MAT WG and with current users: •  TTM will become part of RIPE ATLAS -  Powerful class of probes -  “Beacon” probes (some interest already) -  RIPE Atlas framework of operation and services •  DNSMON will become a class of RIPE Atlas measurements 30
Measurement nodes – “Probes” •  Probe (v1 / generation 1): -  Lantronix XPortPro -  Very low power usage -  8MB RAM, 16MB flash -  Runs uClinux -  No FPU, no MMU, virtually no UI -  A reboot costs <15 (<5) seconds -  An SSH connection costs ~30 seconds -  We can remotely update the firmware -  Form factor of the finished probe is “just right” 31
RIPE Atlas - Overall Architecture 32
RIPE Atlas - Security aspects •  Probes have hardwired trust material! (registration server addresses / keys) •  The probes don’t have any open ports, they only initiate connections -  This works fine with NATs too •  Probes don’t listen to local traffic, there are no passive measurements running -  There’s no snooping around 33

Recomendados

RIPE Atlas
RIPE AtlasRIPE Atlas
RIPE AtlasRIPE NCC
 
RIPE Atlas
RIPE AtlasRIPE Atlas
RIPE AtlasRIPE NCC
 
RIPE Atlas
RIPE AtlasRIPE Atlas
RIPE AtlasRIPE NCC
 
RIPE Atlas - A Real Big Measurement Network
RIPE Atlas - A Real Big Measurement NetworkRIPE Atlas - A Real Big Measurement Network
RIPE Atlas - A Real Big Measurement NetworkRIPE NCC
 
Tools for Measurements and Analysis
Tools for Measurements and AnalysisTools for Measurements and Analysis
Tools for Measurements and AnalysisRIPE NCC
 
Zero to ten million daily users in four weeks: sustainable speed is king
Zero to ten million daily users in four weeks: sustainable speed is kingZero to ten million daily users in four weeks: sustainable speed is king
Zero to ten million daily users in four weeks: sustainable speed is kingplumbee
 
Routing Security
Routing SecurityRouting Security
Routing SecurityRIPE NCC
 
Routing Security
Routing SecurityRouting Security
Routing SecurityRIPE NCC
 

Recomendados

RIPE Atlas
RIPE AtlasRIPE Atlas
RIPE AtlasRIPE NCC
 
RIPE Atlas
RIPE AtlasRIPE Atlas
RIPE AtlasRIPE NCC
 
RIPE Atlas
RIPE AtlasRIPE Atlas
RIPE AtlasRIPE NCC
 
RIPE Atlas - A Real Big Measurement Network
RIPE Atlas - A Real Big Measurement NetworkRIPE Atlas - A Real Big Measurement Network
RIPE Atlas - A Real Big Measurement NetworkRIPE NCC
 
Tools for Measurements and Analysis
Tools for Measurements and AnalysisTools for Measurements and Analysis
Tools for Measurements and AnalysisRIPE NCC
 
Zero to ten million daily users in four weeks: sustainable speed is king
Zero to ten million daily users in four weeks: sustainable speed is kingZero to ten million daily users in four weeks: sustainable speed is king
Zero to ten million daily users in four weeks: sustainable speed is kingplumbee
 
Routing Security
Routing SecurityRouting Security
Routing SecurityRIPE NCC
 
Routing Security
Routing SecurityRouting Security
Routing SecurityRIPE NCC
 
Secure Routing
Secure RoutingSecure Routing
Secure RoutingRIPE NCC
 
Routing Security
Routing SecurityRouting Security
Routing SecurityRIPE NCC
 
RIPE Atlas, A “Real Big” Measurement Network"
RIPE Atlas, A “Real Big” Measurement Network"RIPE Atlas, A “Real Big” Measurement Network"
RIPE Atlas, A “Real Big” Measurement Network"RIPE NCC
 
In-situ MapReduce for Log Processing
In-situ MapReduce for Log ProcessingIn-situ MapReduce for Log Processing
In-situ MapReduce for Log ProcessingQian Lin
 
Finding Needles in Haystacks (The Size of Countries)
Finding Needles in Haystacks (The Size of Countries)Finding Needles in Haystacks (The Size of Countries)
Finding Needles in Haystacks (The Size of Countries)packetloop
 
Your Applications Are Distributed, How About Your Network Analysis Solution?
Your Applications Are Distributed, How About Your Network Analysis Solution?Your Applications Are Distributed, How About Your Network Analysis Solution?
Your Applications Are Distributed, How About Your Network Analysis Solution?Savvius, Inc
 
From ensembles to computer networks
From ensembles to computer networksFrom ensembles to computer networks
From ensembles to computer networksCSIRO
 
Executing for Every Screen: Build, launch and sustain products for your custo...
Executing for Every Screen: Build, launch and sustain products for your custo...Executing for Every Screen: Build, launch and sustain products for your custo...
Executing for Every Screen: Build, launch and sustain products for your custo...Steven Hoober
 
Asterisk Deployments
Asterisk DeploymentsAsterisk Deployments
Asterisk DeploymentsAsterisk Community
 
Mongo for the Mission Critical Enterprise
Mongo for the Mission Critical EnterpriseMongo for the Mission Critical Enterprise
Mongo for the Mission Critical EnterpriseMongoDB
 
What Does Big Data Mean and Who Will Win
What Does Big Data Mean and Who Will WinWhat Does Big Data Mean and Who Will Win
What Does Big Data Mean and Who Will WinBigDataCloud
 
What is Reactive programming?
What is Reactive programming?What is Reactive programming?
What is Reactive programming?Kevin Webber
 
Lean & agile with MongoDB
Lean & agile with MongoDBLean & agile with MongoDB
Lean & agile with MongoDBJohannes Brandstetter
 
Embedded is not special
Embedded is not specialEmbedded is not special
Embedded is not specialAnne Nicolas
 
10 Tricks to Ensure Your Oracle Coherence Cluster is Not a "Black Box" in Pro...
10 Tricks to Ensure Your Oracle Coherence Cluster is Not a "Black Box" in Pro...10 Tricks to Ensure Your Oracle Coherence Cluster is Not a "Black Box" in Pro...
10 Tricks to Ensure Your Oracle Coherence Cluster is Not a "Black Box" in Pro...SL Corporation
 
Mikhail Serkov - Zabbix for HPC Cluster Support | ZabConf2016
Mikhail Serkov - Zabbix for HPC Cluster Support | ZabConf2016Mikhail Serkov - Zabbix for HPC Cluster Support | ZabConf2016
Mikhail Serkov - Zabbix for HPC Cluster Support | ZabConf2016Zabbix
 
Artem Kolyshkin - Nexus: How We Do Scrum with 150+ People
Artem Kolyshkin - Nexus: How We Do Scrum with 150+ PeopleArtem Kolyshkin - Nexus: How We Do Scrum with 150+ People
Artem Kolyshkin - Nexus: How We Do Scrum with 150+ PeopleAgile Lietuva
 
Nagios Conference 2012 - Jason Cook - Nagios and Mod-Gearman
Nagios Conference 2012 - Jason Cook - Nagios and Mod-GearmanNagios Conference 2012 - Jason Cook - Nagios and Mod-Gearman
Nagios Conference 2012 - Jason Cook - Nagios and Mod-GearmanNagios
 
Optimizing Performance in Qt-Based Applications
Optimizing Performance in Qt-Based ApplicationsOptimizing Performance in Qt-Based Applications
Optimizing Performance in Qt-Based Applicationsaccount inactive
 
Big data hadoop-no sql and graph db-final
Big data hadoop-no sql and graph db-finalBig data hadoop-no sql and graph db-final
Big data hadoop-no sql and graph db-finalramazan fırın
 
Navigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryNavigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryRIPE NCC
 
Traces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionTraces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionRIPE NCC
 

Mais conteúdo relacionado

Semelhante a RIPE Atlas

Secure Routing
Secure RoutingSecure Routing
Secure RoutingRIPE NCC
 
Routing Security
Routing SecurityRouting Security
Routing SecurityRIPE NCC
 
RIPE Atlas, A “Real Big” Measurement Network"
RIPE Atlas, A “Real Big” Measurement Network"RIPE Atlas, A “Real Big” Measurement Network"
RIPE Atlas, A “Real Big” Measurement Network"RIPE NCC
 
In-situ MapReduce for Log Processing
In-situ MapReduce for Log ProcessingIn-situ MapReduce for Log Processing
In-situ MapReduce for Log ProcessingQian Lin
 
Finding Needles in Haystacks (The Size of Countries)
Finding Needles in Haystacks (The Size of Countries)Finding Needles in Haystacks (The Size of Countries)
Finding Needles in Haystacks (The Size of Countries)packetloop
 
Your Applications Are Distributed, How About Your Network Analysis Solution?
Your Applications Are Distributed, How About Your Network Analysis Solution?Your Applications Are Distributed, How About Your Network Analysis Solution?
Your Applications Are Distributed, How About Your Network Analysis Solution?Savvius, Inc
 
From ensembles to computer networks
From ensembles to computer networksFrom ensembles to computer networks
From ensembles to computer networksCSIRO
 
Executing for Every Screen: Build, launch and sustain products for your custo...
Executing for Every Screen: Build, launch and sustain products for your custo...Executing for Every Screen: Build, launch and sustain products for your custo...
Executing for Every Screen: Build, launch and sustain products for your custo...Steven Hoober
 
Mongo for the Mission Critical Enterprise
Mongo for the Mission Critical EnterpriseMongo for the Mission Critical Enterprise
Mongo for the Mission Critical EnterpriseMongoDB
 
What Does Big Data Mean and Who Will Win
What Does Big Data Mean and Who Will WinWhat Does Big Data Mean and Who Will Win
What Does Big Data Mean and Who Will WinBigDataCloud
 
What is Reactive programming?
What is Reactive programming?What is Reactive programming?
What is Reactive programming?Kevin Webber
 
Embedded is not special
Embedded is not specialEmbedded is not special
Embedded is not specialAnne Nicolas
 
10 Tricks to Ensure Your Oracle Coherence Cluster is Not a "Black Box" in Pro...
10 Tricks to Ensure Your Oracle Coherence Cluster is Not a "Black Box" in Pro...10 Tricks to Ensure Your Oracle Coherence Cluster is Not a "Black Box" in Pro...
10 Tricks to Ensure Your Oracle Coherence Cluster is Not a "Black Box" in Pro...SL Corporation
 
Mikhail Serkov - Zabbix for HPC Cluster Support | ZabConf2016
Mikhail Serkov - Zabbix for HPC Cluster Support | ZabConf2016Mikhail Serkov - Zabbix for HPC Cluster Support | ZabConf2016
Mikhail Serkov - Zabbix for HPC Cluster Support | ZabConf2016Zabbix
 
Artem Kolyshkin - Nexus: How We Do Scrum with 150+ People
Artem Kolyshkin - Nexus: How We Do Scrum with 150+ PeopleArtem Kolyshkin - Nexus: How We Do Scrum with 150+ People
Artem Kolyshkin - Nexus: How We Do Scrum with 150+ PeopleAgile Lietuva
 
Nagios Conference 2012 - Jason Cook - Nagios and Mod-Gearman
Nagios Conference 2012 - Jason Cook - Nagios and Mod-GearmanNagios Conference 2012 - Jason Cook - Nagios and Mod-Gearman
Nagios Conference 2012 - Jason Cook - Nagios and Mod-GearmanNagios
 
Optimizing Performance in Qt-Based Applications
Optimizing Performance in Qt-Based ApplicationsOptimizing Performance in Qt-Based Applications
Optimizing Performance in Qt-Based Applicationsaccount inactive
 
Big data hadoop-no sql and graph db-final
Big data hadoop-no sql and graph db-finalBig data hadoop-no sql and graph db-final
Big data hadoop-no sql and graph db-finalramazan fırın
 

Semelhante a RIPE Atlas (20)

Secure Routing
Secure RoutingSecure Routing
Secure Routing
 
Routing Security
Routing SecurityRouting Security
Routing Security
 
RIPE Atlas, A “Real Big” Measurement Network"
RIPE Atlas, A “Real Big” Measurement Network"RIPE Atlas, A “Real Big” Measurement Network"
RIPE Atlas, A “Real Big” Measurement Network"
 
In-situ MapReduce for Log Processing
In-situ MapReduce for Log ProcessingIn-situ MapReduce for Log Processing
In-situ MapReduce for Log Processing
 
Finding Needles in Haystacks (The Size of Countries)
Finding Needles in Haystacks (The Size of Countries)Finding Needles in Haystacks (The Size of Countries)
Finding Needles in Haystacks (The Size of Countries)
 
Your Applications Are Distributed, How About Your Network Analysis Solution?
Your Applications Are Distributed, How About Your Network Analysis Solution?Your Applications Are Distributed, How About Your Network Analysis Solution?
Your Applications Are Distributed, How About Your Network Analysis Solution?
 
From ensembles to computer networks
From ensembles to computer networksFrom ensembles to computer networks
From ensembles to computer networks
 
Executing for Every Screen: Build, launch and sustain products for your custo...
Executing for Every Screen: Build, launch and sustain products for your custo...Executing for Every Screen: Build, launch and sustain products for your custo...
Executing for Every Screen: Build, launch and sustain products for your custo...
 
Asterisk Deployments
Asterisk DeploymentsAsterisk Deployments
Asterisk Deployments
 
Mongo for the Mission Critical Enterprise
Mongo for the Mission Critical EnterpriseMongo for the Mission Critical Enterprise
Mongo for the Mission Critical Enterprise
 
What Does Big Data Mean and Who Will Win
What Does Big Data Mean and Who Will WinWhat Does Big Data Mean and Who Will Win
What Does Big Data Mean and Who Will Win
 
What is Reactive programming?
What is Reactive programming?What is Reactive programming?
What is Reactive programming?
 
Lean & agile with MongoDB
Lean & agile with MongoDBLean & agile with MongoDB
Lean & agile with MongoDB
 
Embedded is not special
Embedded is not specialEmbedded is not special
Embedded is not special
 
10 Tricks to Ensure Your Oracle Coherence Cluster is Not a "Black Box" in Pro...
10 Tricks to Ensure Your Oracle Coherence Cluster is Not a "Black Box" in Pro...10 Tricks to Ensure Your Oracle Coherence Cluster is Not a "Black Box" in Pro...
10 Tricks to Ensure Your Oracle Coherence Cluster is Not a "Black Box" in Pro...
 
Mikhail Serkov - Zabbix for HPC Cluster Support | ZabConf2016
Mikhail Serkov - Zabbix for HPC Cluster Support | ZabConf2016Mikhail Serkov - Zabbix for HPC Cluster Support | ZabConf2016
Mikhail Serkov - Zabbix for HPC Cluster Support | ZabConf2016
 
Artem Kolyshkin - Nexus: How We Do Scrum with 150+ People
Artem Kolyshkin - Nexus: How We Do Scrum with 150+ PeopleArtem Kolyshkin - Nexus: How We Do Scrum with 150+ People
Artem Kolyshkin - Nexus: How We Do Scrum with 150+ People
 
Nagios Conference 2012 - Jason Cook - Nagios and Mod-Gearman
Nagios Conference 2012 - Jason Cook - Nagios and Mod-GearmanNagios Conference 2012 - Jason Cook - Nagios and Mod-Gearman
Nagios Conference 2012 - Jason Cook - Nagios and Mod-Gearman
 
Optimizing Performance in Qt-Based Applications
Optimizing Performance in Qt-Based ApplicationsOptimizing Performance in Qt-Based Applications
Optimizing Performance in Qt-Based Applications
 
Big data hadoop-no sql and graph db-final
Big data hadoop-no sql and graph db-finalBig data hadoop-no sql and graph db-final
Big data hadoop-no sql and graph db-final
 

Mais de RIPE NCC

Navigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryNavigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryRIPE NCC
 
Traces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionTraces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionRIPE NCC
 
Governing Environmental Sustainability in Tech
Governing Environmental Sustainability in TechGoverning Environmental Sustainability in Tech
Governing Environmental Sustainability in TechRIPE NCC
 
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfGerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfRIPE NCC
 
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISLIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISRIPE NCC
 
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopIntro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopRIPE NCC
 
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfIGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfRIPE NCC
 
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfOpportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfRIPE NCC
 
RIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC
 
IPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsIPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsRIPE NCC
 
RPKI For Routing Security
RPKI For Routing SecurityRPKI For Routing Security
RPKI For Routing SecurityRIPE NCC
 
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfSEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfRIPE NCC
 
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasKnow Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasRIPE NCC
 
Minimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasMinimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasRIPE NCC
 
RIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure111 views of Swiss Internet Infrastructure
111 views of Swiss Internet InfrastructureRIPE NCC
 
The RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenThe RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenRIPE NCC
 

Mais de RIPE NCC (20)

Navigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryNavigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet Registry
 
Traces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionTraces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate Action
 
Governing Environmental Sustainability in Tech
Governing Environmental Sustainability in TechGoverning Environmental Sustainability in Tech
Governing Environmental Sustainability in Tech
 
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfGerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
 
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISLIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
 
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopIntro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
 
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfIGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
 
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfOpportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
 
RIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement Tools
 
IPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsIPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the Baltics
 
RPKI For Routing Security
RPKI For Routing SecurityRPKI For Routing Security
RPKI For Routing Security
 
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfSEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
 
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasKnow Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
 
Minimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasMinimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE Atlas
 
RIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement Services
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure
 
The RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenThe RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in Sweden
 

Último

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 

Último (20)

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 

RIPE Atlas

  • 1. RIPE Atlas! A “Real Big” Measurement Network Daniel Karrenberg Chief Scientist
  • 2. RIPE TTM (used for DNSMON) 2
  • 10. Ambitious Community Effort Instead of building small, separate, individual & private infrastructures, build one huge common infrastructure that serves both the individual goals and the community goals. 10
  • 11. Ambitious Community Effort •  Individual Benefits -  Lessexpensive than rolling your own -  More vantage points available -  More data available •  Community Benefits -  Unprecedented situational awareness -  Wealth of data, … 11
  • 12. Intuition -> Plan •  For accurate maps we need more probes •  Deploying very many TTM boxes too expensive •  Smaller probes •  Easily deployable •  USB powered •  24 x 365 capable 12
  • 16. Probe Capabilities •  Version 0 -  Ping to fixed targets (IPv4 & IPv6) ✔ -  Traceroute to 1st two upstream hops ✔ •  Version 1 -  Ping& Traceroute to variable targets -  DNS queries to variable targets •  Version 2 -  Your ideas ? •  Upgrades are automatic 16
  • 17. What you see is what you get 17
  • 18. Hosting = Credits = Measurements 18
  • 20. Hosting = Credits = Measurements 20
  • 21. Hosting = Credits = Measurements updated hourly on 21
  • 22. Sponsorship = Credits = Measurements 22
  • 23. Sponsorship = Credits = Measurements 23
  • 24. Sponsorship = Credits = Measurements For sponsorships see me during the meeting, or contact me: <daniel.karrenberg@ripe.net> 24
  • 26. Spare Slides / Anticipated Questions Spare Slides 26
  • 27. Why Hardware and not Software Probe ? •  Comparable and Reliable Measurements -  Known and uniform environment -  Tamper resistant •  24 x 365 -  Install and Forget -  Not dependent on host system, needs little power •  Security -  Not attractive nor easy target for botnet herders -  Not introducing potential weakness in host systems 27
  • 28. Is this the RIPE Botnet ? •  No •  Architecture is security conscious -> MAT WG •  Probes do not offer services, no open ports •  Probes are no interesting targets -  Very special environment -  Not really powerful either •  Infrastructure is designed with security in mind •  Measurements will be rate limited …. 28
  • 29. Private Measurements ? •  We are not offering this as a service for private and confidential measurements •  All results should benefit the community, also those of individually configured measurements -  Modalitiesto be discussed -> MAT WG -  Embargo periods -  Aggregation -  Anonymisation •  If you want to keep it very secret, run your own. 29
  • 30. Relation to Other RIPE NCC Services ? My personal vision, to be discussed in MAT WG and with current users: •  TTM will become part of RIPE ATLAS -  Powerful class of probes -  “Beacon” probes (some interest already) -  RIPE Atlas framework of operation and services •  DNSMON will become a class of RIPE Atlas measurements 30
  • 31. Measurement nodes – “Probes” •  Probe (v1 / generation 1): -  Lantronix XPortPro -  Very low power usage -  8MB RAM, 16MB flash -  Runs uClinux -  No FPU, no MMU, virtually no UI -  A reboot costs <15 (<5) seconds -  An SSH connection costs ~30 seconds -  We can remotely update the firmware -  Form factor of the finished probe is “just right” 31
  • 32. RIPE Atlas - Overall Architecture 32
  • 33. RIPE Atlas - Security aspects •  Probes have hardwired trust material! (registration server addresses / keys) •  The probes don’t have any open ports, they only initiate connections -  This works fine with NATs too •  Probes don’t listen to local traffic, there are no passive measurements running -  There’s no snooping around 33