RIPE Atlas!                               A “Real Big” Measurement NetworkDaniel KarrenbergChief Scientist
RIPE TTM (used for DNSMON)                              2
Light Map             3
Intuition: 1000 Probes                          4
Intuition: 5000 Probes                          5
Intuition: 10k Probes                         6
Intuition: 20k Probes                         7
Intuition: 50k Probes                         8
Intuition: 10k Probes & 1 AS                                9
Ambitious Community Effort   Instead of building small, separate,     individual & private infrastructures,               ...
Ambitious Community Effort•  Individual   Benefits  -  Lessexpensive than rolling your own  -  More vantage points availabl...
Intuition -> Plan•    For accurate maps we need more probes•    Deploying very many TTM boxes too expensive•    Smaller pr...
Probe Deployments                     13
Probe Deployments                     14
Probe Deployments                     15
Probe Capabilities•    Version 0      -  Ping to fixed targets (IPv4 & IPv6) ✔      -  Traceroute to 1st two upstream hops ...
What you see is what you get                                17
Hosting = Credits = Measurements                                    18
Host Applications                     19
Hosting = Credits = Measurements                                    20
Hosting = Credits = Measurements                                updated hourly on                                         ...
Sponsorship = Credits = Measurements                                        22
Sponsorship = Credits = Measurements                                        23
Sponsorship = Credits = MeasurementsFor sponsorships see me during the meeting,or contact me: <daniel.karrenberg@ripe.net>...
Questions?
Spare Slides / Anticipated Questions     Spare Slides                                                         26
Why Hardware and not Software Probe ?•    Comparable and Reliable Measurements      -  Known and uniform environment      ...
Is this the RIPE Botnet ?•    No•    Architecture is security conscious -> MAT WG•    Probes do not offer services, no ope...
Private Measurements ?•    We are not offering this as a service for private and     confidential measurements•    All resu...
Relation to Other RIPE NCC Services ?My personal vision, to be discussed in MAT WG and with current users:•    TTM will be...
Measurement nodes – “Probes”•    Probe (v1 / generation 1):      -  Lantronix XPortPro      -  Very low power usage      -...
RIPE Atlas - Overall Architecture                                     32
RIPE Atlas - Security aspects•    Probes have hardwired trust material!     (registration server addresses / keys)•    The...
Upcoming SlideShare
Loading in …5
×

RIPE Atlas

1,305 views

Published on

Presentation given by Daniel Karrenberg in February 2011 at DomainPulse in Vienna

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,305
On SlideShare
0
From Embeds
0
Number of Embeds
17
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

RIPE Atlas

  1. 1. RIPE Atlas! A “Real Big” Measurement NetworkDaniel KarrenbergChief Scientist
  2. 2. RIPE TTM (used for DNSMON) 2
  3. 3. Light Map 3
  4. 4. Intuition: 1000 Probes 4
  5. 5. Intuition: 5000 Probes 5
  6. 6. Intuition: 10k Probes 6
  7. 7. Intuition: 20k Probes 7
  8. 8. Intuition: 50k Probes 8
  9. 9. Intuition: 10k Probes & 1 AS 9
  10. 10. Ambitious Community Effort Instead of building small, separate, individual & private infrastructures, build one huge common infrastructure that serves both the individual goals and the community goals. 10
  11. 11. Ambitious Community Effort•  Individual Benefits -  Lessexpensive than rolling your own -  More vantage points available -  More data available•  Community Benefits -  Unprecedented situational awareness -  Wealth of data, … 11
  12. 12. Intuition -> Plan•  For accurate maps we need more probes•  Deploying very many TTM boxes too expensive•  Smaller probes •  Easily deployable•  USB powered•  24 x 365 capable 12
  13. 13. Probe Deployments 13
  14. 14. Probe Deployments 14
  15. 15. Probe Deployments 15
  16. 16. Probe Capabilities•  Version 0 -  Ping to fixed targets (IPv4 & IPv6) ✔ -  Traceroute to 1st two upstream hops ✔•  Version 1 -  Ping& Traceroute to variable targets -  DNS queries to variable targets•  Version 2 -  Your ideas ?•  Upgrades are automatic 16
  17. 17. What you see is what you get 17
  18. 18. Hosting = Credits = Measurements 18
  19. 19. Host Applications 19
  20. 20. Hosting = Credits = Measurements 20
  21. 21. Hosting = Credits = Measurements updated hourly on 21
  22. 22. Sponsorship = Credits = Measurements 22
  23. 23. Sponsorship = Credits = Measurements 23
  24. 24. Sponsorship = Credits = MeasurementsFor sponsorships see me during the meeting,or contact me: <daniel.karrenberg@ripe.net> 24
  25. 25. Questions?
  26. 26. Spare Slides / Anticipated Questions Spare Slides 26
  27. 27. Why Hardware and not Software Probe ?•  Comparable and Reliable Measurements -  Known and uniform environment -  Tamper resistant•  24 x 365 -  Install and Forget -  Not dependent on host system, needs little power•  Security -  Not attractive nor easy target for botnet herders -  Not introducing potential weakness in host systems 27
  28. 28. Is this the RIPE Botnet ?•  No•  Architecture is security conscious -> MAT WG•  Probes do not offer services, no open ports•  Probes are no interesting targets -  Very special environment -  Not really powerful either•  Infrastructure is designed with security in mind•  Measurements will be rate limited …. 28
  29. 29. Private Measurements ?•  We are not offering this as a service for private and confidential measurements•  All results should benefit the community, also those of individually configured measurements -  Modalitiesto be discussed -> MAT WG -  Embargo periods -  Aggregation -  Anonymisation•  If you want to keep it very secret, run your own. 29
  30. 30. Relation to Other RIPE NCC Services ?My personal vision, to be discussed in MAT WG and with current users:•  TTM will become part of RIPE ATLAS -  Powerful class of probes -  “Beacon” probes (some interest already) -  RIPE Atlas framework of operation and services•  DNSMON will become a class of RIPE Atlas measurements 30
  31. 31. Measurement nodes – “Probes”•  Probe (v1 / generation 1): -  Lantronix XPortPro -  Very low power usage -  8MB RAM, 16MB flash -  Runs uClinux -  No FPU, no MMU, virtually no UI -  A reboot costs <15 (<5) seconds -  An SSH connection costs ~30 seconds -  We can remotely update the firmware -  Form factor of the finished probe is “just right” 31
  32. 32. RIPE Atlas - Overall Architecture 32
  33. 33. RIPE Atlas - Security aspects•  Probes have hardwired trust material! (registration server addresses / keys)•  The probes don’t have any open ports, they only initiate connections -  This works fine with NATs too•  Probes don’t listen to local traffic, there are no passive measurements running -  There’s no snooping around 33

×