30.07.2015 Views

Survey Report on Internet Traffic Accompanying the Spread of Broadband


1.1 IX
1.1.1 IX
1.1.2
1.1.3
1.1.4
1.1.5 IX
1.2 IX
1.2.1 JPIX
1.2.2 JPNAP
1.2.3 NSPIXP2
1.2.4 IX
2.1
2.1.1
2.1.2
2.2
2.2.1
2.2.2
2.3
3.1 ISP
3.2
3.2.1
3.2.2
3.2.3 SNMP (Simple Network Management Protocol)
3.2.4
3.2.5 flow
3.3
4.1 ISP
4.2 IP
4.3
4.3.1 SNMP
4.3.2 Flow export
4.3.3 IP
4.4 3
4.4.1 SNMP
4.4.2 IP
4.4.3
4.5
IX
5.1
5.1.1
5.1.2 Constraint-Base Routing
5.1.3 BGP (Border Gateway Protocol)
5.2 IX
DNS
6.1
6.1.1
6.1.2 DNS
6.1.3
6.1.4
6.2
6.2.1 dnsprobe
6.2.2
6.2.3
6.3
6.3.1 dnsprobe
6.3.2
6.3.3
6.4
6.4.1 M
6.4.2
6.4.3
6.4.4


Cooperative Association for Internet Data Analysis2003 3 3


45 42 IX rrdtool/MRTG 1.2 IX https://stats.linx.net/cgi-pub/combined?log=combined.bits IX 5


1.3 IX http://loadrunner.uits.iu.edu/mrtg-monitors/starlight/6


1.1.3 IX IX 1.4 IX IX IX 1.1.4 7


1.1.5 IX IX http://www.torontointernetxchange.net/ http://www.napoftheamericas.com/index2.htm \ 8


\ \ 9


\\ \ 11


1.2 IX IX JPIX (http://www.jpix.co.jp/) JPNAP (http://www.jpnap.net/) NSPIXP2 (https://nspixp.sfc.wide.ad.jp/) 100 ISP ISP IX ISP IX IX SNMP (Simple Network Management Protocol) IX
1.2.1 JPIX JPIX 100 1.5 24 1.5 JPIX http://www.jpix.co.jp/jp/techncal/traffic.html
1.2.2 JPNAP JPNAP 30 JPNAP 20Gbps 1.6 JPNAP http://www.jpnap.net/jpnap/fr-traffic.html


1.2.3 NSPIXP2NSPIXP2 100 1.7 NSPIXP2 15Gbps NSPIXP2 1.7 NSPIXP2 http://nspixp.sfc.wide.ad.jp/Traffic/ 1.8 NSPIXP2 13


IX 1.9 NSPIXP2 1.2.4 IX IX IX IX IX 14


ADSL CATV DNS IX HD (High Definition) 2.1 2.1.1 (PDA) 10100kbps 1050Mbps LAN 110Mbps LAN (10Mbps ) 3Mbps (1Mbps ) 300kbps PHS (100kbps ) 30kbps LAN PDA 15


HD HD MPEG-2 HD 2030Mbps FTTH (100Mbps ) 30Mbps MPEG-2 HD SD (Standard Definition) 30Mbps2.1.2 CPU: PowerPC G4 400Mhz OS: Mac OS X 10.2.4 : QuickTime Streaming : QuickTime Streaming Server 4.1.3 : RTSP/UDP: 100MbpsMPEG4 3M (2.4Mbps)300k (306kbps)30k (48kbps)HD MPEG4 QuickTime FTTH 30M (20Mbps ) 24 2.1 16


2.2 2.2.1 UDP QuickTime Streaming MRTG (Multi Router Traffic Grapher) :30M 3M 300k 30k MRTG 2.2.2 2.1 9.5%17


30M 2.2 30M 30M 11.2%3M 2.3 3M 3M 1.0%18


300K 2.4 300K 300K 0.2%30K 2.5 30K 30K 0.4%19


30M 3M/300k 3M End-to-End UDP 30M 24 10% 50% 30k FTTH PHS ( 128kbps) 30k 10%last one mile HD HD FTTH 3M/300k 10HD 100Mbps QuickTime Streaming MRTG 5 5 2.3 QuickTime Streaming IP 20


2 1 SNMP 3.1 ISP ISP ISP MCI WorldCom RTTRound Trip Time (http://www.worldcom.com/global/about/network/latency/)AboveNet IX (http://west-boot.mfnx.net/traffic/nrt1/nspixp2.html) AboveNet NSPIXP2 ISP 3.1 AboveNet NSPIXP2 21


3.2 3.2.1 100Mbps 1 12Mbyte1 715Mbyte1 42Gbyte1 1Tbyte 3 3 IP 10000 IP ASAutonomous System22


3.2.2 pingtraceroutenetstatping ICMPInternet Control Message Protocoltraceroute IP TTLTime-To-Live ICMP TIME_EXCEEDED IP TTL 1 traceroute traceroute netstat23


Traceroute/Looking glass projecttraceroute ping traceroute/looking glass project traceroute 3.2 traceroute.org 24


3.2.3 SNMPSimple Network Management ProtocolSNMP SNMP MIBManagement Information BaseRFC1157 1RFC1441 2 SNMP SNMP 3.3 SNMP SNMP SNMP SNMP computer 3.1 SNMP 25


SNMP SNMP MIB SNMP snmpwalksnmpwalk snmp snmp snmpwalk 3.4 MIB 3.5 snmpwalk 26


MRTGMulti Router Traffic GrapherSNMP MRTGMulti Router Traffic GrapherRRDtoolRRDRound Robin Databasecricket SNMP SNMP SNMP SNMP MRTG SNMP NICNetwork Interface Card MRTG in/out 3.6 MRTG 27


3.2.4 tcpdump tcpdump libpcap tcpdump
17:47:57.645226 0800 62: 10.0.0.201.1967 192.168.0.130.21: S 192976724:192976724(0) win 8192 mss 1460,nop,nop,sackOK (DF)
17:47:57.652837 0800 60: 192.168.0.130.21 10.0.0.201.1967: S 2786713294:2786713294(0) ack 192976725 win 17520 mss 1460 (DF)
17:47:57.653074 0800 60: 10.0.0.201.1967 192.168.0.130.21: . ack 1 win 8760 (DF)
17:47:57.712136 0800 113: 192.168.0.21 10.0.0.201.1967: P 1:60(59) ack 1 win 17520 (DF) [tos 0x10]
tcpdump tcpdump byte IP mac IP mac tcpdump tcpdump


3.2.5 flow flow Cisco Systems NetFlow IETF RFC3176 sFlow 2 NetFlow Cisco Systems N 1 UDP NetFlow CAIDA cflowd cflowd NetFlow UDP cflowd cflowd NetFlow Cisco IOS Extreme Networks Juniper Networks NetFlow sFlow 2001 9 InMon RFC3176 Foundry Networks Cisco Systems NetFlow NetFlow Cisco Systems 9 NetFlow 4 DataExport FlowCollectors NetFlow NetFlowServer 29


3.7 NetFlow DataExport UDP 3.8 NetFlow UDP NetFlow 5
NetFlow Export Version 5 Header Format
ushort version;        /* Current version=5 */
ushort count;          /* The number of records in PDU */
ulong SysUptime;       /* Current time in msecs since router booted */
ulong unix_secs;       /* Current seconds since 0000 UTC 1970 */
ulong unix_nsecs;      /* Residual nanoseconds since 0000 UTC 1970 */
ulong flow_sequence;   /* Sequence number of total flows seen */
uchar engine_type;     /* Type of flow switching engine (RP, VIP, etc.) */
uchar engine_id;       /* Slot number of the flow switching engine */
Flow 2 3 5 6 7 8 ID


FlowCollector DataExport UDP NetFlow Server 3.9 FlowCollector Server FlowCollector FlowAnalyzer TCP 3.10 Server 31


FlowAnalyzer FlowCollector FlowServer 3.11 FlowAnalyzer FlowAnalyzer FlowScan CAIDA FlowAnalzer 3.12 32


3.13 3.14 33


sFlow sflow 4 DataExport agent collector analyzer sflow 3.15 sFlow 3.16 sFlow 34


sFlow InMon Traffic ServerInMon 5tuples RFC3176 ASAutonomous System AS 3.17 AS 35


3.18 3.19 36


3.20 3.21 37


DoS 3.22 3.23 38


3.24 3.25 39


DoS 3.26 3.27 40


3.28 5tuples 3.29 41


Foundry IronView Network ManagerFoundry Networks DOS 3.30 2 VLAN 3.31 VLAN 42


3.32 IP MAC 3.33 43


HP Internet Usage ManagerHewlett Packard 3.34 44


ntopUNIX top RRDRound RobinDatabase 3.35 3.36 45


3.37 5tuples 3.38 46


GenieNRM 5tuples 3.39 3.40 47


3.3 MRTG 48


ISP 4.1 ISP ISP ISP NTT ISP 4.1 ISP 49


ISP ISP NTT ISP ISP ISP L2L2 L2 L3 IPInternet Protocol L3 IP NTT ISP ISP L2 L3 ISP ANTT ISDN ADSLB- NTT IP L3 NTT L3 B ISP XL2L3 C ISP Y L3 L3 ISP 50


4.2 IP IP IP IP IP IP IP BGP 4.2 BGP 51


4.3 3 SNMP Flow export IP 3 ISP 4.3.1 SNMP SNMP MIB IP MIB MIB SNMP SNMP SNMP community name Read only SNMP SNMP SNMP SNMP ISP SNMP SNMP ISP SNMP ISP ISP 52


SNMP 4.3.2 Flow export Flow export ISP Flow export Flow export Flow export PC Flow export ISP Flow export ISP 4.3.3 IP IP ISP port mirror IP PC HDD IP ISP 53


4.4 3 4.4.1 SNMP SNMP ISP ISP IX incoming outgoing 2 byte count ( byte ) time stamp() 4 1 0 24 5 ISP 6 ISP
(Gbps)/
      A      B      C
A     N/A    1.2    2.5
B     1.5    N/A    4.3
C     2.6    3.8    N/A
N/A 4.1


ISP ISPSNMP ISP ISP ISP ISP (ISP)4.4.2 IP IP ISP ISP IX NetFlowsFlow Flow export port mirroringtcpdump 2 6 src ip address IP dst ip address IP src port numdst port numprotocoltime stamp4 1 0 24 2,016 5 55


RRS()IPaddress ISP 6 ISP ISP
Gbps/
      A      B      C
A     2.2    1.2    2.5
B     1.5    3.7    4.3
C     2.6    3.8    3.2
N/A 4.2
(Mbps)
Protocol + Port
TCP 80    572
TCP 25    62
UDP 53    13
4.3 5 1


ISP ISPport mirroring Flow export ISP ISP HDD PC ISP (ISP)ISP NTT IP L3 RRSRegion Registry ServiceIP ISP IP RRS RRS DNS TLD ISP 1.2.3.57


4.4.3 IP ISP ISP NetFlowsFlow Flow export port mirroringtcpdump 2 inboundoutgoing 3 protocol + src port protocol + dst port 4 1 0 24 5 ISP 5 protocol + src port protocol + dst port ISP ISP 58


Gbps/
      A      B      C
A     N/A    1.2    2.5
B     1.5    N/A    4.3
C     2.6    3.8    N/A
N/A 4.4 5 1 ISP ISP port mirroring / flow export ISP ISP HDD PC ISP (ISP) ISP ISP 1. 2. 3.


4.5 3 IP src ip addressdst ip address ISP 3 3 SNMP ISP IP IP IX ISP IP IP ISP IP ISP ISP ISP 3 ISP ISP 60


IX HD IPv6 P2P IP IX 5.1 5.1.1 IP DoS 5.1 61


2000 3 9 17 24 HTTPFTP 6 4 3 MPLSMulti Protocol Label SwitchingMPLS ISP 5.1.2 Constraint-Base RoutingIGPInterior Gateway Protocol IP OSPFOpen Shortest Path First CSPF CR-LDP CSPFConstrained Shortest Path First IP SPF OSPF SPF 2 62


CSPF CSPF RIPRouting Information ProtocolOSPF CR-LDPConstraint- based Routed Label Distribution ProtocolMPLS LDP LSRLabel Switching RouterDISCOVERY TCP LDP 2 1. LSR 2.CR-LDP ERExplicit Route MPLS 5.2 MPLS 63


LSR-1 LSR-1LSR-2LSR-3LSR-4 MPLS LSR-2LSR-3LSR-4 ER ER LABEL REQUEST LSR-2 ER LSR-3 LSR-3 ER LSR-4 LABEL MAPPING LABEL MAPPING LSR-3 LSR-3 LSR-2 LSR-2 LSR-1 LSP CR-LDP OSPF IGP 5.1.3 BGPBorder Gateway ProtocolRIP/OSPF ASBGPBorder Gateway Protocol BGP local impact/global impact BGP AS3 5.3 BGP BGP 10 BGP PathVector RIP OSPF BGP AS_PATH 256 AS_PATH AS BGP 64


Route FlappingRoute Flapping prefix UPDATE WITHDRAW BGP IX ISP peer IX up/down peer UPDATE/WITHDRAW peer flap prefix penalty penalty prefix Route Flap Dampening Route Flap Dampening ISP CiscoJuniper 5.4 Route Flap DampeningPunching HolePunching Hole AS100 133.11.23.4/24 IPv4 AS200AS300 /24 prefix AS200 AS300 133.11.23.4/24 Default Free ZoneAS200 AS300 AS300 AS200 BGP 6 prefix DFZ Punching Hole ISP DFZ flapping DFZ G.Labovits 40%G.Labovits G. Robert and Farnam Jahanian, “Internet Routing Instability”, IEEE/ACMTransactions on Networking, August, 1997 Punching Hole 65


InternetAS200AS300TransitAS100133.11.23.4/24 5.5 Punching HoleInvalid Origin ASInvalid Origin AS 133.27/16 AS5 originate AS1 AS5->AS3->AS2- AS_PATH AS4 133.27/16 prefix originate AS1 AS4->AS3->AS2 UPDATE AS1 AS1 133.27/16 AS4 Invalid Origin ASMOASMultiple Origin ASMOAS Zhao BGP Xiaoliang Zhao Dan Pei Lan Wang Dan MasseyAllison Mankin S. Felix, Wu Lixia Zhang “An Analysis of BGP Multiple Origin AS (MOAS)Conflicts”, ACM SIGCOMM Internet Measurement Workshop, August, 2001Nagahashi MOAS IRRInternet Routing RegistryKengo NAGAHASHI, Hiroshi ESAKI and Jun MURAI, "AnIntegrity Check for the Conflict Origin AS Prefixes in the Inter-domain Routing",IEICETransaction on Communications Special Issue on Internet Technology III, No.2,pp.526-533,Feb.2003. 5.6 Conflict Origin AS BGP local impact global impact ISP AS AS route flappingMOAS globalinternet 66


BGP local impactglobal impact global impact IXInternet Exchange RIPE NCC RISRouting Information ServiceOregon Route Viewer BGP RIPERoute Viewer 3 1 UPDATE/WITHDRAW global impact Local impact Route Flapping1 prefixMOAS reboot UPDATEWITHDRAW BGP BGP UPDATE/WITHDRAW 5.1 2003 5 19 0:00 23:00(GMT) UPDATE UPDATE/WITHDRAW UPDATE origin-AS prefix 80,809UPDATE73.9% 59,761 WITHDRAW 25,054 57.4% 14,392 local impact route flapping 14 UPDATE/WITHDRAW MOAS local impact global impact 5.2 UPDATE/WITHDRAW route flapping global impact BGP route flapping global impact 67


5.2 IX IX 60 IX ISP ISP PFI 68


DNS 13 DNS DNS DNS 6.1 DNS DNS 6.1.1 DNS DNS DNS DNS 6.1.2 DNS DNS DNS 6.1 DNS DNS DNS 13 DNS 13 6.1
Root DNS Server        location
a.root-servers.net     Herndon VA, US
b.root-servers.net     Marina Del Rey CA, US
c.root-servers.net     Herndon VA, US
d.root-servers.net     College Park MD, US
e.root-servers.net     Mountain View CA, US
f.root-servers.net     Palo Alto CA, US; San Francisco CA, US
g.root-servers.net     Vienna VA, US
h.root-servers.net     Aberdeen MD, US
i.root-servers.net     Stockholm, SE
j.root-servers.net     Herndon VA, US
k.root-servers.net     London, UK
l.root-servers.net     Los Angeles CA, US
m.root-servers.net     Tokyo, JP
6.1 DNS


6.1 DNS DNS 6 4 2 1 ccTLDDNS DNS JP DNS ccTLDDNS ccTLDDNS 600 DNS DNS DNS DNS DNS DNS DNS ccTLDDNS ccTLDDNS ccTLDDNS DNS DNS DNS RFC2870Root Name ServerOperational Requirements DNS RFC2870 70


Root Name Server Operational Requirements

2. The Servers Themselves

The following are requirements for the technical details of the root servers themselves:

2.1 It would be short-sighted of this document to specify particular hardware, operating systems, or name serving software. Variations in these areas would actually add overall robustness.

2.2 Each server MUST run software which correctly implements the IETF standards for the DNS, currently [RFC1035] [RFC2181]. While there are no formal test suites for standards compliance, the maintainers of software used on root servers are expected to take all reasonable actions to conform to the IETF’s then current documented expectations.

2.3 At any time, each server MUST be able to handle a load of requests for root data which is three times the measured peak of such requests on the most loaded server in then current normal conditions. This is usually expressed in requests per second. This is intended to ensure continued operation of root services should two thirds of the servers be taken out of operation, whether by intent, accident, or malice.

2.4 Each root server should have sufficient connectivity to the internet to support the bandwidth needs of the above requirement. Connectivity to the internet SHOULD be as diverse as possible.

Root servers SHOULD have mechanisms in place to accept IP connectivity to the root server from any internet provider delivering connectivity at their own cost.

2.5 Servers MUST provide authoritative responses only from the zones they serve. The servers MUST disable recursive lookup, forwarding, or any other function that may allow them to provide cached answers. They also MUST NOT provide secondary service for any zones other than the root and root-servers.net zones. These restrictions help prevent undue load on the root servers and reduce the chance of their caching incorrect data.

2.6 Root servers MUST answer queries from any internet host, i.e. may not block root name resolution from any valid IP address, except in the case of queries causing operational problems, in which case the blocking SHOULD last only as long as the problem, and be as specific as reasonably possible.

2.7 Root servers SHOULD NOT answer AXFR, or other zone transfer, queries from clients other than other root servers. This restriction is intended to, among other things, prevent unnecessary load on the root servers as advice has been heard such as "To avoid having a corruptible cache, make your server a stealth secondary for the root zone." The root servers MAY put the root zone up for ftp or other access on one or more less critical servers.

2.8 Servers MUST generate checksums when sending UDP datagrams and MUST verify checksums when receiving UDP datagrams containing a non-zero checksum.


3. Security Considerations

The servers need both physical and protocol security as well as unambiguous authentication of their responses.

3.1 Physical security MUST be ensured in a manner expected of data centers critical to a major enterprise.

3.1.1 Whether or not the overall site in which a root server is located has access control, the specific area in which the root server is located MUST have positive access control, i.e. the number of individuals permitted access to the area MUST be limited, controlled, and recorded. At a minimum, control measures SHOULD be either mechanical or electronic locks. Physical security MAY be enhanced by the use of intrusion detection and motion sensors, multiple serial access points, security personnel, etc.

3.1.2 Unless there is documentable experience that the local power grid is more reliable than the MTBF of a UPS (i.e. five to ten years), power continuity for at least 48 hours MUST be assured, whether through on-site batteries, on-site power generation, or some combination thereof. This MUST supply the server itself, as well as the infrastructure necessary to connect the server to the internet. There MUST be procedures which ensure that power fallback mechanisms and supplies are tested no less frequently than the specifications and recommendations of the manufacturer.

3.1.3 Fire detection and/or retardation MUST be provided.

3.1.4 Provision MUST be made for rapid return to operation after a system outage. This SHOULD involve backup of systems software and configuration. But SHOULD also involve backup hardware which is pre-configured and ready to take over operation, which MAY require manual procedures.


3.2 Network security should be of the level provided for critical infrastructure of a major commercial enterprise.

3.2.1 The root servers themselves MUST NOT provide services other than root name service e.g. remote internet protocols such as http, telnet, rlogin, ftp, etc. The only login accounts permitted should be for the server administrator(s). "Root" or "privileged user" access MUST NOT be permitted except through an intermediate user account.

Servers MUST have a secure mechanism for remote administrative access and maintenance. Failures happen; given the 24x7 support requirement (per 4.5), there will be times when something breaks badly enough that senior wizards will have to connect remotely. Remote logins MUST be protected by a secure means that is strongly authenticated and encrypted, and sites from which remote login is allowed MUST be protected and hardened.

3.2.2 Root name servers SHOULD NOT trust other hosts, except secondary servers trusting the primary server, for matters of authentication, encryption keys, or other access or security information. If a root operator uses kerberos authentication to manage access to the root server, then the associated kerberos key server MUST be protected with the same prudence as the root server itself. This applies to all related services which are trusted in any manner.

3.2.3 The LAN segment(s) on which a root server is homed MUST NOT also home crackable hosts. I.e. the LAN segments should be switched or routed so there is no possibility of masquerading. Some LAN switches aren’t suitable for security purposes, there have been published attacks on their filtering. While these can often be prevented by careful configuration, extreme prudence is recommended. It is best if the LAN segment simply does not have any other hosts on it.

3.2.4 The LAN segment(s) on which a root server is homed SHOULD be separately firewalled or packet filtered to discourage network access to any port other than those needed for name service.

3.2.5 The root servers SHOULD have their clocks synchronized via NTP [RFC1305] [RFC2030] or similar mechanisms, in as secure manner as possible. For this purpose, servers and their associated firewalls SHOULD allow the root servers to be NTP clients. Root servers MUST NOT act as NTP peers or servers.

3.2.6 All attempts at intrusion or other compromise SHOULD be logged, and all such logs from all root servers SHOULD be analyzed by a cooperative security team communicating with all server operators to look for patterns, serious attempts, etc. Servers SHOULD log in GMT to facilitate log comparison.

3.2.7 Server logging SHOULD be to separate hosts which SHOULD be protected similarly to the root servers themselves.

3.2.8 The server SHOULD be protected from attacks based on source routing. The server MUST NOT rely on address- or name-based authentication.

3.2.9 The network on which the server is homed SHOULD have in-addr.arpa service.


3.3 Protocol authentication and security are required to ensure that data presented by the root servers are those created by those authorized to maintain the root zone data.

3.3.1 The root zone MUST be signed by the Internet Assigned Numbers Authority (IANA) in accordance with DNSSEC, see [RFC2535] or its replacements. It is understood that DNSSEC is not yet deployable on some common platforms, but will be deployed when supported.

3.3.2 Root servers MUST be DNSSEC-capable so that queries may be authenticated by clients with security and authentication concerns. It is understood that DNSSEC is not yet deployable on some common platforms, but will be deployed when supported.

3.3.3 Transfer of the root zone between root servers MUST be authenticated and be as secure as reasonably possible. Out of band security validation of updates MUST be supported. Servers MUST use DNSSEC to authenticate root zones received from other servers. It is understood that DNSSEC is not yet deployable on some common platforms, but will be deployed when supported.

3.3.4 A ’hidden primary’ server, which only allows access by the authorized secondary root servers, MAY be used.

3.3.5 Root zone updates SHOULD only progress after a number of heuristic checks designed to detect erroneous updates have been passed. In case the update fails the tests, human intervention MUST be requested.

3.3.6 Root zone updates SHOULD normally be effective no later than 6 hours from notification of the root server operator.

3.3.7 A special procedure for emergency updates SHOULD be defined. Updates initiated by the emergency procedure SHOULD be made no later than 12 hours after notification.

3.3.8 In the advent of a critical network failure, each root server MUST have a method to update the root zone data via a medium which is delivered through an alternative, non-network, path.

3.3.9 Each root MUST keep global statistics on the amount and types of queries received/answered on a daily basis. These statistics must be made available to RSSAC and RSSAC sponsored researchers to help determine how to better deploy these machines more efficiently across the


4. Communications

Communications and coordination between root server operators and between the operators and the IANA and ICANN are necessary.

4.1 Planned outages and other down times SHOULD be coordinated between root server operators to ensure that a significant number of the root servers are not all down at the same time. Preannouncement of planned outages also keeps other operators from wasting time wondering about any anomalies.

4.2 Root server operators SHOULD coordinate backup timing so that many servers are not off-line being backed up at the same time. Backups SHOULD be frequently transferred off site.

4.3 Root server operators SHOULD exchange log files, particularly as they relate to security, loading, and other significant events. This MAY be through a central log coordination point, or MAY be informal.

4.4 Statistics as they concern usage rates, loading, and resource utilization SHOULD be exchanged between operators, and MUST be reported to the IANA for planning and reporting purposes.

4.5 Root name server administrative personnel MUST be available to provide service 24 hours a day, 7 days per week. On call personnel MAY be used to provide this service outside of normal working hours.

DNS DNS ccTLDDNS DNS DNS DNS DNS DNS ccTLDDNS


6.1.3 DNS UCSDUniversity of California, SanDiegoCAIDAhttp://www.caida.org/ DNS gTLDDNS http://www.caida.org/cgi-bin/dns_perf/main.pl DNS DNS 4 DNS 6.26.4 DNS 10 21 22 6.1.4 DNS DNS DNS 76


6.2 UCSD DNS 2002 6 6 7 6 77


6.3 UCSD DNS 2002 8 6 6.4 UCSD DNS 10 2122 2 DNS 78


6.2 dnsprobe dnsprobe DNS DNS Round Trip TimeRTT6.2.1 dnsprobe dnsprobe C UNIX OS Windows CYGWIN dnsprobe 6.5 6.5 DNS dnsprobe DNS DNS RTT dnsprobe IP dnsprobe 6.6 203.178.XXX.146 IP 13 DNS RTT 60 timed out DNS 6.5 dnsprobe 79


6.6 dnsprobe 6.2.2 dnsprobe DNS dnsprobe dnsprobe dnsprobe 2 6.7 nativeprobedialupprobe ISP PPP nativeprobe dialupprobe dialupprobe RTT nativeprobe dialupprobe 6.7 nativeprobe dialupprobe80


6.2.3 dialupprobe nativeprobe dialupprobe ccTLDDNS dialupprobe DNS DNS DNS DNS gTLDDNS ccTLDDNS gTLD global Top Level Domain com org net gov ccTLD country code Top Level Domain JP KR FI 2002 4 243 ccTLD DNS ccTLDDNS DNS gTLDDNS DNS 6.1 DNS 13 10 2 1 gTLDDNS 6.2 DNS
Root DNS Server        location
a.gtld-servers.net     Herndon VA, US
b.gtld-servers.net     Mountain View CA, US
c.gtld-servers.net     Dulles VA, US
d.gtld-servers.net     Herndon VA, US
e.gtld-servers.net     Los Angeles CA, US
f.gtld-servers.net     Seattle WA, US
g.gtld-servers.net     Mountain View CA, US
h.gtld-servers.net     Amsterdam, NL
i.gtld-servers.net     Stockholm, SE
j.gtld-servers.net     Tokyo, JP
k.gtld-servers.net     London, UK
l.gtld-servers.net     Atlanta GA, US
m.gtld-servers.net     Hong Kong, HK
6.2 gTLDDNS 243 ccTLDDNS 2002 4 1,110 ccTLDDNS 1,110 IPaddress DNS DNS 601 601 6.8 DNS ccTLDDNS


6.8 ccTLDDNS nativeprobe dialupprobe Los Angeles LAN DNS nativeprobe dialupprobe 6.9 CDFCumulative Distribution Function 6.10 DNS nativeprobe dialupprobe dialupprobe RTTnnativeprobe RTT n =αn − βn dialupprobe nativeprobe dialupprobe 2 dnsprobe PPP RTT DNS dnsprobe DNS RTT 82


[Figure 6.9: nativeprobe dialupprobe Los Angeles. Curves: LAX root dialup, LAX root native; x-axis: response time (msec)]
[Figure 6.10: nativeprobe dialupprobe. Curves: CNS root dialup, CNS root native; x-axis: response time (msec)]


6.11 ISP DNS RTT ISPISP ISP DNS RTT dnsprobe RTT RTT(a)dnsprobe DNS RTT RTT(b) DNS RTT RTT(c) =RT T (a) =median(RT T (b)) ccTLDDNS DNS DNS 6.11 dialup probe 84


6.3 DNS 6.3.1 dnsprobe ccTLDDNS DNS ccTLDDNS DNS DNS DNS ccTLDDNS DNS DNS DNS ccTLDDNS DNS
[Figure panels: university,Oregon,USA; university,PaloAlto,USA; datacenter,LosAngeles,USA; university,Pittsburgh,USA. Curves: root, ccTLD; x-axis: response time (msec)]


[Figure panels: university,Maryland,USA; university,Cambridge,USA; dialup,Ottawa,Canada; dialup,Cordoba,Mexico; isp,London,UK; isp,Paris,France. Curves: root, ccTLD; x-axis: response time (msec)]


[Figure panels: university,Zurich,Switzerland; dialup,Parma,Italy; dialup,Torun,Poland; dialup,Ukraine; dialup,Shanghai,China; dialup,Beijing,China. Curves: root, ccTLD; x-axis: response time (msec)]


[Figure panels: dialup,Seoul,Korea; home,Tokyo,Japan; university,Hamilton,NewZealand; dialup,Canberra,Australia; dialup,CapeTown,SouthAfrica; dialup,Eldoret,Kenya. Curves: root, ccTLD; x-axis: response time (msec)]


[Figure panels: dialup,Algiers,Algeria; dialup,Salvador,Brazil; datacenter,SaoPaulo,Brazil; home,BuenosAires,Argentina; dialup,Talca,Chile. Curves: root, ccTLD; x-axis: response time (msec)]


6.3.2 DNS 6.1217 DNS
[Figure 6.12: observation from South America region. Legend: A B C D E F G H I J K L M; x-axis: country (Mexico, Brazil-1, Brazil-2, Argentina, Chile)]
[Figure 6.13: observation from North America region. Legend: A B C D E F G H I J K L M; x-axis: country (US(OR), US(CA), US(CA), US(PA), US(MD), US(MA), Canada)]


[Figure 6.14: observation from Oceania region. Legend: A B C D E F G H I J K L M; x-axis: country (NewZealand, Australia)]
[Figure 6.15: observation from Africa region. Legend: A B C D E F G H I J K L M; x-axis: country (SouthAfrica, Kenya, Algeria)]


[Figure 6.16: observation from Asia region. Legend: A B C D E F G H I J K L M; x-axis: country (Japan, China-1, China-2, Korea)]
[Figure 6.17: observation from Europe region. Legend: A B C D E F G H I J K L M; x-axis: country (U.K., France, Switzerland, Italy, Poland, Ukraine)]


6.3.3 DNS DNS DNS DNS DNS DNS DNS DNS DNS 93


6.4 M 6.4.1 M M AS7500 3 IX ISP ISP M M ISP 6.18 M 6.4.2 M AS7500 IX AS7500 AS7500 300 MRTG MRTG 94


6.19 MRTG M 6.4.3 2002 3 18 2003 3 31 AS7500 8 13 8 30 2002 10 22 95


6.20 M 2002 3 18 2003 3 31 6.21 M 2002 3 18 2003 3 31 96


6.4.4 2002 10 22 6.22 japan.internet.com 10 22 97


10 22 2 4 30 20 4 30 2 1 2 3 3 ICMP AS ICMP DNS 13 98


FM 6.23 2002 10 22 6.24 2002 10 22 99
