ATLAS Internet Observatory Bandwidth Bandwagon: An ISOC Briefing Panel November 11, 2009, Hiroshima, Japan



Similar documents
Internet Traffic and Content Consolidation

ATLAS Internet Observatory 2009 Annual Report

Trends in Internet Traffic Patterns Darren Anstee, EMEA Solutions Architect

Craig Labovitz, Scott Iekel-Johnson, Danny McPherson Arbor Networks Jon Oberheide, Farnam Jahanian University of Michigan

Internet Traffic Evolution

Internet Inter-Domain Traffic

Internet Traffic Trends A View from 67 ISPs

STATEMENT OF CRAIG LABOVITZ, PHD Co-Founder and CEO of DeepField Before the House Judiciary Committee Subcommittee on Regulatory Reform, Commercial

Internet Traffic Measurement

Traffic delivery evolution in the Internet ENOG 4 Moscow 23 rd October 2012

Delivering Managed Services Using Next Generation Branch Architectures

Content is king, but who rules?

Internet Firewall CSIS Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS net15 1. Routers can implement packet filtering

Performance of Cisco IPS 4500 and 4300 Series Sensors

IP interconnection issues

The Importance of High Customer Experience

The Other 50% of Internet Traffic. Craig Labovitz

Extreme Networks CoreFlow2 Technology TECHNOLOGY STRATEGY BRIEF

Open Source in Network Administration: the ntop Project

OPTICAL AND HIGHER LAYERS ARE CONVERGING WITH SDN

Verizon Business International Partner Services. Wholesale & Carrier Guide

Using IPM to Measure Network Performance

Welcome to SoftLayer. Welcome. How to Get Started. Portal Overview. Support Guidelines. Technical Resources. First 48 Hours

Multi Protocol Label Switching (MPLS) is a core networking technology that

Service Performance Management: Pragmatic Approach by Jim Lochran

464XLAT: Breaking Free of IPv4. T-Mobile.com NANOG 61 June 2014

Regional Interconnection Strategy for Africa. Regional Peering and Interconnection Economics

The Evolution of Ethernet

How To Stop A Ddos Attack On A Network From Tracing To Source From A Network To A Source Address

Bandwidth Management for Peer-to-Peer Applications

Port evolution: a software to find the shady IP profiles in Netflow. Or how to reduce Netflow records efficiently.

Workshop on Infrastructure Security and Operational Challenges of Service Provider Networks

Chapter 9. Internet. Copyright 2011 John Wiley & Sons, Inc 10-1

MPLS/IP VPN Services Market Update, United States

CDN and Traffic-structure

Making the Internet fast, reliable and secure. DE-CIX Customer Summit Steven Schecter <schecter@akamai.com>

NETWORK ISSUES: COSTS & OPTIONS

Overview of recent changes in the IP interconnection ecosystem

Overlay Networks. Slides adopted from Prof. Böszörményi, Distributed Systems, Summer 2004.

AKAMAI WHITE PAPER. Delivering Dynamic Web Content in Cloud Computing Applications: HTTP resource download performance modelling

CSE 3214: Computer Network Protocols and Applications

The Opportunity for White-labeled IPTV & OTT TV for MNOs, MSOs and ISPs. Date: 19 January 2014

NEFSIS DEDICATED SERVER

Acceleration, Optimization, Security and the Data Center: Application Delivery s Next Step

How Cisco IT Protects Against Distributed Denial of Service Attacks

Netflix Open Connect. 2 Terabits from 6 racks

The Emerging 21 st Century Access Power Peering (*)

Cairo, May 18, 2009 INET. Olaf Kolkman

How Akamai Maps the Net:

An apparatus for P2P classification in Netflow traces

Measuring the Web: Part I - - Content Delivery Networks. Prof. Anja Feldmann, Ph.D. Dr. Ramin Khalili Georgios Smaragdakis, PhD

Executive Summary. Internet Traffic and Capacity

EXPLORER. TFT Filter CONFIGURATION

Measuring Broadband America. Walter Johnston, Chief ECC Federal Communications Commission NANOG

JUNOS DDoS SECURE. Advanced DDoS Mitigation Technology

THE INTERNET AND TRAFFIC MANAGEMENT A CABLE EUROPE FACTSHEET

Deploying Firewalls Throughout Your Organization

Protocols. Packets. What's in an IP packet

Internet Privacy Options

Video and Cloud: Disruptive Market Opportunities

IxLoad TM Adobe HDS Player Emulation

Figure 41-1 IP Filter Rules

Lab Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance

Teridion. Rethinking Network Performance. The Internet. Lightning Fast. Technical White Paper July,

Honolulu, Hawaii January 17, 2012

IxLoad: Testing Microsoft IPTV

Copyright 2008 Link Technologies,Inc. A Proud Vendor Member of the

P4P: ISPs and P2P. Laird Popkin, Pando Networks Doug Pasko, Verizon Communications

Distributed Systems. 23. Content Delivery Networks (CDN) Paul Krzyzanowski. Rutgers University. Fall 2015

Distributed Systems. 25. Content Delivery Networks (CDN) 2014 Paul Krzyzanowski. Rutgers University. Fall 2014

CISC 1600 Introduction to Multi-media Computing

HIGH-SPEED BRIDGE TO CLOUD STORAGE

Introduction Chapter 1. Uses of Computer Networks

New Models and Conflicts in the Interconnection and Delivery of Internet-mediated Content

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

Southwest Arkansas Telephone Cooperative Network Management Practices

Network Management for Common Topologies How best to use LiveAction for managing WAN and campus networks

Video Streaming Without Interruption

The Internet Peering Playbook: Connecting to the Core of the Internet Second Edition Written by William B. Norton

The Ultimate Guide to Gaining Control of the WAN

Analysis of Communication Patterns in Network Flows to Discover Application Intent

Internet Service Providers: Peering and Charging

Deploying IPv6 at Scale As an ISP. Clinton Work Member of the TELUS team October 2015

The Value of Flow Data for Peering Decisions

Broadband Services Overview

WAN Optimization Integrated with Cisco Branch Office Routers Improves Application Performance and Lowers TCO

The Ecosystem of Computer Networks. Ripe 46 Amsterdam, The Netherlands

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN

Certes Networks Layer 4 Encryption. Network Services Impact Test Results

Efficient evolution to all-ip

ROGERS DELIVERS THE SPEED, POWER AND RELIABILITY OF FIBRE RIGHT TO YOU.

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding

Data Center Content Delivery Network

Web Caching and CDNs. Aditya Akella

Why sample when you can monitor all network traffic inexpensively?

Three short case studies

Network Configuration Settings

Cisco Meraki MX products come in 6 models. The chart below outlines MX hardware properties for each model: MX64 MX64W MX84 MX100 MX400 MX600

VIRTUALIZING THE EDGE

Transcription:

ATLAS Internet Observatory Bandwidth Bandwagon: An ISOC Briefing Panel November 11, 2009, Hiroshima, Japan Danny McPherson danny@arbor.net Chief Security Officer

ATLAS Observatory Details ISP / Content Providers ATLAS Centrally maintained servers Graphic not an accurate representation of current ATLAS deployments! Within a given ISP, commercial probe infrastructure! Monitors NetFlow / Jflow / etc and routing across possible hundreds of routers! Probes topology aware of ISP, backbone and customer boundaries! Routers typically include most of peering / transit edge! Some deployments include portspan / inline appliances! Deployments send anonymous XML file to central servers! Includes self-categorization of primary geographic region and type! Data includes coarse grain anonymized traffic engineering statistics! Largest Internet monitoring infrastructure in the world, first global traffic engineering study of Internet evolution! Global deployment across 110+ ISPs / Content Providers! Near real-time traffic and routing statistics (~15 Tbps)! Leverages commercial security / TE infrastructure! Participation voluntary, all data sources are anonymous! Introduced at NANOG 47, tech report forthcoming, Arbor blog provides ongoing related bits! Co-collaborators: Labovitz & Iekel-Johnson (Arbor), Oberheide & Jahanian (UoM) Karir (Merit Network)

Major Findings 1 Consolidation of Content Contributors! Content migrated out of enterprise / edge to aggregators! Consolidation of large Internet properties! Now only 150 origin ASNs now contribute 50% of traffic! Hyper-giants: 30 companies account for 30% of all traffic 2 Consolidation of Applications! Browser increasingly application front end (e.g., mail, video)! Applications migrate to HTTP or Flash ports / protocols (tcp/80)! Other ports / app groups decline (except games and VPN) 3 Evolution of Internet Core and Economic Innovation! Majority of traffic direct between consumer and content! Market shifts focus to higher value services (MSSP, VPN, CDN, etc)! Experimentation with paid transit, paid content! Disintermediation of middleman

Textbook Internet: Then & Now! Tier1 global core (modulo a few name changes over the years)! Disintermediation between content and eyeball networks! Flatter Internet, much more dense interconnection has routing, traffic, security, economic, implications

The ATLAS 10 : Then and Now Rank 2007 Top Ten % 2009 Top Ten % 1 Level(3) 5.77 Level(3) 9.41 2 Global Crossing 4.55 Global Crossing 5.7 3 ATT 3.35 Google 5.2 4 Sprint 3.2-5 Cogent 2.77-6 NTT 2.6 Comcast 3.12 7 Verizon 2.24-8 TeliaSonera 1.82-9 Savvis 1.35-10 AboveNet 1.23 -! 2007 Corresponds with expected tier-1 ISPs (e.g., Wikipedia)! Based on analysis of anonymous ASN (origin/transit) data (weighted average % of all Internet Traffic)! Top ten has NO direct relationship to Observatory participation! Tier1s still carry significant traffic volumes (and profitable services)! Google and Comcast Join the Top 10 in 2009

Consolidation of Content (Grouped Origin ASN)! In 2007, thousands of ASNs contributed 50% of content! In 2009, 150 ASNs contribute 50% of all Internet traffic! Approximates a power law distribution

What s Happening?! Commoditization of IP and Hosting / CDN! Drop price of wholesale transit! Drop price of video / CDN! Economics and scale drive enterprise to cloud! Consolidation! Bigger get bigger (economies of scale)! e.g., Google, Yahoo, MSFT acquisitions! Success of bundling / Higher Value Services! Triple and quad play, etc.! New economic models! Paid content (ESPN 360), paid peering, etc.! Difficult to quantify due to NDA / commercial privacy! Disintermediation! Direct interconnection of content and consumer! Driven by both cost and increasingly performance

Top ATLAS Global Applications Rank Application 2007 2009 Change 1 Web 41.68% 52.00% 24.76% 2 Video 1.58% 2.64% 67.09% 3 VPN 1.04% 1.41% 35.58% 4 Email 1.41% 1.38% -2.13% 5 News 1.75% 0.97% -44.57% * 6 P2P (*) 2.96% 0.85% -71.28% 7 Games 0.38% 0.49% 28.95% 8 SSH 0.19% 0.28% 47.37% 9 DNS 0.20% 0.17% -15.00% 10 FTP 0.21% 0.14% -33.33% Other 2.56% 2.67% 4.30% Unclassified 46.03% 37.00% -19.62% (*) 2009 P2P Value based on 18% Payload Inspection! Weighted average percentage Internet traffic! Limited payload based application classification dataset! P2P likely closer to 18%, and video significantly larger! Web (and video over HTTP) largest! Followed by P2P (which is also fastest shrinking)

Global P2P Trends! Graph of weighted average traffic using well-known P2P ports! Trend in both well-known ports and payload based analysis! Not enough data to graph payload based data decline! Most P2P uses random ports and 40% or more encrypted! Slight differences in rate of decline by region (i.e. Asia is slower)

P2P Replaced by Direct Download! Graph shows weighted average percentage Carpathia traffic! Carpathia Hosting represents more than 0.5% of all traffic! Provider to MegaUpload, MegaErotic, etc.! Mega became Carpathia customer November 2008! Leaseweb not considered here

Internet Size / Growth! Followed MINTS methodology for AGR! Used 10 known ISP totals (MRTG / Flow based) to extrapolate Internet total! Similar findings to MINTS and Cisco! Significant growth, but no Exaflood

Observatory Conclusions! Internet is at an inflection point! Transition from focus on connectivity to content! Old global Internet economic models are evolving! New entrants are reshaping definition / value of connectivity! New technologies are reshaping definition of network! Web / Desktop Applications, Cloud computing, CDN! Changes mean significant new commercial, security and engineering challenges! This is just the beginning

Inputs to Network Neutrality! Transit becoming commodity and price-war function, yet costs to traditional transit going up because of more local interconnection (average transit packet mile increases)! Disintermediation and lack of interconnection regulation change dynamics for new entrants considerably! Internet is NOT a traditional utility beyond local loop inherent per-subscriber variances:! E.g,. Refrigerator pulls ALL electricity from local sub-station that s deterministic; Internet user may pull 2%, or 95% of data from international sources someone has to bear cost of delivering those bits from expensive locations! Liken to mobile environment where cost recoup occurs at many levels (on/off-net, nights/weekends, national, international, sms v. mms v. voice v. data v. roaming) EXACT same capacity as data fixed all you can eat models are mindset! Convergence to IP (and tcp/80) makes inspection and discrimination for even security/abuse functions more complex

EOF Danny McPherson danny@arbor.net

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information