ipv6 matrix project - general presentation

IPv6 Matrix Project - http://www.ipv6matrix.org

IPv6 Matrix Project

Tracking IPv6 connectivity Worldwide

http://www.ipv6matrix.org

Dr. Olivier MJ Crépin-Leblond – [email protected]<Date/Location>


We are running out of IP addressesWorld Connectivity vs Population

Population Size

6 767 805 208

N° Internet Users

1 733 993 741

Population Size

N° Internet Users

Middle East Connectivity vs Population

Population Size

202 687 005

N° Internet Users

57 425 046

Population Size

N° Internet Users

6.7 Billion people on earth

1.7 Billion Internet users

More ways to access the Internet

“Internet Protocol”


We are running out of IP addresses

When we reach this point, it will be too late since there will be no more “free” IPv4 addresses!

Real time data collected 1 Mar 2010

today

http://www.potaroo.net/tools/ipv4/index.html


We are running out of IP addresses

In the future, communication will go everywhere


IPv6 Adoption

The Question is: where are we now?


IPv6 Matrix Project

� ISOC England was awarded a Community Grants Programme award in November 2009

� Design and implementation of an “IPv6 Crawler,” software on a computer that would crawl through the DNS at regular intervals in order to detect:� IPv6 DNS servers

� IPv6 compliant Web servers� IPv6 compliant SMTP mailers

� IPv6 compliant NTP servers.


Project Rationale

� Today, the vast majority of internet traffic is generated by a small number of data sources – i.e. the world’s busiest Web Sites

� Without IPv6 accessible content, IPv6 has no chance of being used - ever.

� Take the 1 Million most popular Web site list from alexa.com as a starting point for the domains to be tested. Add more domains later.

� This is equivalent to testing about 6.3 million hosts worldwide

� Use GeoIP database to estimate real host location


Teams

� London, UK:

� Project Management and support

� Hardware supply and installation

� Data Centre and IPv6 connectivity

� Nile University, Egypt:

� Programming


IPv6 Matrix Project: London

� Two servers: a back end Crawler, and a front end Web server.

� They function entirely independently of each other.

� The Crawler works through connectivity tests and generates huge quantities of data which are stored as text-based data files.

� The Web server integrates this data into an SQL database which can then be interrogated by Web pages to make the results available worldwide.


Crawler

CENTOS 5 Linux / updatedOperating

System

2 x hot-swappable redundant

535W.

PSU

146 Gb hardware SATA 2-disk

RAID (hot swappable)

HD Storage

4 Gb DDR2 SDRAMRAM

2 x Dual Core Intel(R)

Xeon(TM) CPU 3.60GHz

CPU

194.33.63.250 / 1 Gb/s (GIH

private address space)

IPv4 address

(eth1) /

speed

shell.ipv6matrix.orgName (eth1)

2a00:19e8:20:1::a2 / 100 Mb/sIPv6 address

(eth0) /

speed

212.124.204.162 / 100 Mb/sIPv4 address

(eth0) /

speed

turtle.ipv6matrix.org ;

crawler.ipv6matrix.org

turtle.ipv6matrix.com ;

crawler.ipv6matrix.com

turtle.ipv6matrix.net ;

crawler.ipv6matrix.net

Name (eth0)

HP DL360pModel

Crawler (back

end)


Web Server

Ubuntu 4.4 Linux / updatedOperating System

Single 500WPSU

2 x 1 Tb fast SATAHD Storage

4 Gb DDR2 SDRAMRAM

2 x Dual Core Intel(R) Xeon(TM)

CPU 3.40GHz

CPU

194.33.63.251 / 1 Gb/s (GIH

private address space)

IPv4 address

(eth1) /

speed

tusk.ipv6matrix.orgName (eth1)

2a00:19e8:20:1::aa / 100 Mb/sIPv6 address

(eth0) /

speed

212.124.204.170 / 100 Mb/sIPv4 address

(eth0) /

speed

elephant.ipv6matrix.org ;

www.ipv6matrix.org

elephant.ipv6matrix.com ;

www.ipv6matrix.com

elephant.ipv6matrix.net ;

www.ipv6matrix.net

Name (eth0)

HP DL140Model

Web Server

(front end)


Router

MN-16ESW 16 port / 100

Mb/s

Interface card /

speed

2 / 100 Mb/sEthernet Ports /

speed

64 MbDRAM

Advanced IP Services IOSOperating

System

CISCO 2811Model

Router


Local Network


Software flowchart


Web Site

Structure


www.ipv6matrix.org Web Site


Using the filter

Use the filter to select by Top Level Domain, or by type of service tested.


Europe Data snapshot

� Europe Map + figures

� (Web+NTP / WEB only)

Sept 2010

4.23%

2.39%

1.34%

1.91% 1.49%

2.20%

4.39%0.74%

0.20%

0.00%

4.29%

2.03%

1.47%

6.68%

3.20%

0.23% 0.56%

0.63%

3.40%

4.34%

0.41%

10.74%0.67%

2.32% 2.80% 3.48%

1.12%

0.84%

0.24% 0.64% 0.18%0.99%

0.26%

0.47%

0.80% 0.06%

0.14%

0.64%

0.12%

0.41%

2.29%

1.73%

0.42%0.11%

4.01%

0.43%

0.55%

0.35% 0.11%

0.10%

2.79%

0.09%

1.34%

13.42%16.38%

1.55%

IPv6 Host Penetration

DNS+WWW+

SMTP+NTP

WWW only

Low sample

6.57%

1.74%

10.10%

0.30%


Asia Data snapshot

0.20%

0.09%

1.52%2.52%

1.50%

0.39%

0.20%

0.65%

7.38%

8.59%

3.03%3.16%

1.01%

1.31%

0.25%

2.78%

1.89% 0.09%

0.89%

0.56%

1.46%

1.18%

0.52%

0.87%

0.18%

0.06%

0.11%

1.03%

0.09%

0.15%

3.09%

0.00% 0.11%0.42%

1.58%

0.00%

0.14%

3.03%

0.48%

0.56%

0.00%1.94%

0.51%

0.00%

Sept 2010

Low sample

WWW only

DNS+WWW+

SMTP+NTP


25.00%50.00%


Africa Data snapshot

Low sample

WWW only

DNS+WWW+

SMTP+NTP


Sept 2010

36.63%

8.82%

5.56%

8.33%

0.79%0.34%

14.29%

1.85%

0.00%

0.00%


Compare Historical data on

African Internet Connectivity

June 1994 May 1997

Source: Internetology - http://www.nsrc.org/codes/bymap/ntlgy/ntlgy.htm


Dual IPv4/IPv6 general Statistics

Use the filters to check for data specific

to a single Top Level Domain, or to a set

of Top Level Domains.

It is also possible to filter by type of

service tested.


Data Archives

Selecting Data Archives provides

a link to the detailed information

Table.

Click on “Search”, to go

directly to the Top Level Domain,

or scroll down to the desired

Top Level Domain.


Data Archives

� Example Data in Data Archives (stop

at date)

Click on the “+” to the left of the

Top Level Domain to gain

access the sub-menu containing

the dates of all the data runs,

and so on, to reveal results.

year-month-day__hour-min-sec


Data Archives - results

Click on the links to open a

new window containing

all of the detailed results

formatted in a table.


Data Archives - resultsBasic IPv4/IPv6 connectivity table

Domain penetration summary table

Geographical IP database

Type of IPv6 access (tunnels etc.)

Trace path, hop count, MTU IPv4 & IPv6

Ping count IPv4 and IPv6

Reverse IPv4 and IPv6

SOA for Nameserver

Service detection for SMTP, HTTP and HTTPs

TLS detection for SMTP


Detailed Data for .AEClicked on tcp80_WWW_ae: connection to http port


Search for IPv6 address

Performing a search using the search menu: ipv6 not equal to n/a

shows all of the ipv6 compatible domains in the table.

The Web site is

accessible on

IPv4

The Web site

is not accessible

on IPv6


Example 1: Ping delays for IPv6

� Country specific results? /P1

� (examples from the report / finding

errors etc.)

It is possible to combine

search items togetherIn this case, we looked at the UK

ping table, and combined a search

for domains which have a web site

who address is pure IPv6.

Search for site with no IPv4 address

and an IPv6 address starting with “2”.

At present, all valid, routable IPv6

addresses start with “2”.


Example 2: fake IPv6 AAAA record

� Country specific results? /P2

� (examples from the report / finding

errors etc.)

Perform a search for ipv6 field starting with ::ffff

These “ipv6” addresses are AAAA records

which pretend to denote an IPv6 address,

but are actually IPv4 addresses.

There are plenty of examples of such mis-

configuration in the DNS.

Worse problems are caused by commas in domain

names, ie. www.domain,com as well as IP

addresses returning localhost 127.0.0.1 or ::1 etc.

Comma!


Machine readable output

Command directly to SQL database

http://www.ipv6matrix.org:4444/getTable?crawl=2010-07-18_12-24-48&tld=com&table=WWW_com

It is therefore possible to use an entirely new user interface with the back end database


Problems / Possible Errors

� Lots of errors in the DNS – commas, no A, no AAAA record, looping MX, etc.

� Firewalls and security software:

� Blocking of network segments

� detecting denial of service attack (DoS) by error:

• Unusual UDP traffic. Trace-path / ping, SMTP, HTTP, Secure HTTP, NTP port testing.

� Internet snapshot from one location only

� Less accurate results with small input data size (small number of domains tested)

� Disputed accuracy of Geographical IP database


Future Work – funding required

� Add more domains to be tested

� Add more features to be tested

� Current front end Web Pages are only an example of possible analysis

� Develop new data visualisation

� Perform further analysis

� Perform historical/time analysis from archives

� Develop an engine to write automated reports

� Duplicate Crawler to other regions


Thank you

CTMInternational

Contact: Dr. Olivier MJ Crépin-Leblond – [email protected]

ipv6 matrix project - general presentation

Technology

ipv6 crawler

ipv6 adoption

project management

project rationale

ipv6 accessible content

ntp web

web sitepage

web pages