On Tuesday, December 14, 2021, an event called Internet Measurement Day – Czech Republic took place; it was organized for the Czech Internet community by ICANN and RIPE NCC in cooperation with the CZ.NIC Association.
The main purpose of the online meeting was to present various methods and tools for measuring the Internet infrastructure. After the introductory speeches by Ondřej Filip from the CZ.NIC association, Gabriella Schittek from ICANN and Chris Buckridge from RIPE NCC, Ondřej Caletka gave a presentation of RIPE Atlas.
The purpose of this tool is to provide information about Internet accessibility using probes located in the network on the servers of volunteers (especially operators). Data from Atlas is publicly available and ready for further possible use by the community of data enthusiasts, as well as others. Data for Atlas is obtained from so-called probes and anchors, which are more robust probes designed for placement in datacenters. Compared to simpler probes, they also have functions designed for servers – DNS and HTTP(s) servers.
RIPE NCC has newly introduced software probes that volunteers can install on their (virtual) servers, routers and devices. Currently, they support CentOS 7 and 8, Debian (9 and 10) and Raspbian, Docker and, last but not least, Turris routers.
Source: Ondřej Caletka, presentation at the Internet Measurement Day
If you want to become a measuring volunteer, all you have to do is get a hardware probe or install a software probe, set up a RIPE NCC access account, earn credits, register the probe, and then just measure and use the measurements from the probe to monitor the network and solve any problems. The credit system is designed to avoid overloading the infrastructure – a measuring volunteer can obtain credits by hosting the probe as a member of the RIPE NCC, hosting an anchor, or sponsoring the probes.
After a sample measurement, Ondřej Caletka introduced RIPE NCC virtualization tools. Should a user find them unsatisfactory, they can download raw data and work with it at will. Or they can use the data uploaded to Google BigQuery for quick processing during troubleshooting.
RIPE Atlas offers three categories of data, namely measurement results, metadata from measurements and probe status data. More information about measurement can be obtained on the RIPE NCC website. Of course, you can additionally ask for even more.
The next presentation was given by Riccardo Stagni from RIPE NCC on the use of RPKI (Resource Public Key Infrastructure). In the introduction, he explained the functioning of the BGP protocol and its limits (“routing by rumour”) and continued with the options to help solve relatively frequent incidents in which RPKI deployment can be used. RPKI typically consists of two elements – the signing ROA (Route Origin Authorization) and the authenticator (other networks). RPKI is not bullet-proof, but it is one of the pieces of the safer Internet puzzle. And as such a piece, it was implemented in the unique FENIX security project operated by NIX.CZ.
Source: Riccardo Stagni, presentation at the Internet Measurement Day
Christian Teuschel spoke about the RIPEstat application (which celebrates its tenth anniversary). RIPEstat is an open data platform for utilizing the RIPE NCC database. It contains data from more than 35 different datasets such as INR and IRR databases of RIPE NCC, BGP routing data, RIPE Atlas, M-Lab and blocklists. From around these parts, it contains data from the Czech measuring tool meter.net.
Source: Christian Teuschel, presentation at the Internet Measurement Day
Alain Durand from ICANN presented activities related to ITHI (Identifier Technology Health Indicators), a long-term project that aims to create a set of indicators that will be measured and tracked over time, helping determine whether the identifier system as a whole is improving or deteriorating. The information collected is to be anonymized and subjected to further analysis by ICANN in order to remedy a potential trouble.
Source: Alain Durand, presentation at the Internet Measurement Day
A measurement system that uses the Turris router was introduced in the presentation by Michal Hrušecký from CZ.NIC. The measuring tool in the Turris router has the same name as its software brother Netmetr, it is integrated into the router’s web interface, and the user can set up regular measurements, view results and monitor possible deviations from the normal state. Anonymized data produced by this project is published as open data.
Michal Hrušecký also introduced Turris Sentinel, which is supposed to “measure” online attacks. The Sentinel system is built on mini-pots running on Turris, which lure the attacker into entering logins and then terminate the connection. The TOP 5 common passwords an attacker uses to try and hack into the system are:
The TOP 5 usernames were:
Source: Michal Hrušecký, presentation at the Internet Measurement Day
In the next presentation, Maciej Andziński showed the “CZ DNS crawler“ tool, which was developed in cooperation with CSIRT.CZ at CZ.NIC Labs, and which is used to navigate large DNS zones without putting too much strain on the network infrastructure. At the input, it gets a list of domains and at the output it “dumps” data on DNS, WEB and MAIL for each domain. More about this tool can be found in the blogpost by Ladislav Lhotka from CZ.NIC. For the fans of data and graphs, CZ.NIC prepared a website that serves as an entry point for graphs and statistics on most of the activities of the Association.
Source: Maciej Andziński, presentation at the Internet Measurement Day
The final presentation was given by Karel Tomala from the Czech Telecommunication Office (CTO), who introduced NetTest, a measuring tool for the needs of the office, which looks at the measurement of Internet infrastructure, or publicly available Internet access services in public electronic communications networks, through the lens of the Open Internet Regulation.
NetTest itself is a tool designed for end users that offers simple measurement, repeated measurement and certified measurement, which was conceived for the needs of service quality claims under the Electronic Communications Act. The measurement data is also published as open data.
Source: Karel Tomala, presentation at the Internet Measurement Day
Unfortunately, NetTest has some limitations that will pose challenges for CTO in the future. The first is the inaccuracy of measurements at higher speeds. Currently, CTO recommends using this tool only to measure speeds up to 500 Mbit/s on download and 250 Mbit/s on upload. It is not for the “gigabit society” that awaits us according to the objectives set out in the European Commission’s proposal. Another problem is that NetTest can show service outages, but in the case of deviations, its measurement is only indicative, according to the CTO claims.
It is great that the organizers arranged this event. Measuring Internet infrastructure, working with big data and interpreting it should be a topic for operators, interest groups, regulators and politicians in the future. As the workshop showed, the problem is that each of the relevant entities looks at the same infrastructure differently, measures it differently and interprets the results differently. Which in turn makes it difficult, for example, to announce grant calls. A unified data fund on the Czech Internet infrastructure, including data from state-owned and operated networks, would improve, for example, the evaluation of white spots and the targeting of subsidies to allocated uncovered regions.
The presentations and the footage of the workshop are available on the event website.