Re: [arch-d] possible new IAB programme on Internet resilience

Dan York <> Wed, 01 January 2020 20:11 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 2DDB81200A1 for <>; Wed, 1 Jan 2020 12:11:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id xfCCnPDetaWK for <>; Wed, 1 Jan 2020 12:11:37 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id BF667120096 for <>; Wed, 1 Jan 2020 12:11:37 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901;; cv=none; b=IZzQ330D6ccPl7Y6j1UdMZi1IXHlONWUX3553U4kq8Xzm73ED4Ec0klYrw4vG6jpOIHOpWdOZRJpwnaV9cfM/H8e2PWEofRwA7YBtG+NRhwymCokfLyNol9YKntS91iWR7v403ALCQe9Azz04d9TQ+BS2kbq3jTg6Sf3iZ3fnqvEgI/dlgOoOBtH8b0sqPjes/q25P04GcvWUBtp+++Y6ra8UIW92j375ZzMCuI7qnYdW7MnYSeNNLzdjGQeKKA+yzoOS2lhwfN4Z1uudS8/7kc/wB8JXqYKaCBAnk/xJbvZyYK3J0r9weaJQZiHhKfWylB7i2MCzn4Dmljpi4EJEQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=faiNQ/XashnDNyxG2D2jfR+GmS+Mm7qBf7B8VIO5sH0=; b=mcUtQ+OtvDZcJdH4AClasOKJgk0gmQRgfU9Qj7N/jw0wArggUbDp4x07PQDIR1FvYPetKo6/PdWRQdaqwn+Gt9UyYdQR1v53sTd5RvlfORMkWYespf05XNo0AuaxelatQyfWfSdl9WuqFtcu029EWZxcj/1dWSnN15HK7B+nFhbFOCCiHNDHoCDD/qW3NQ/c/VWB4v9dtwfcAnDqE+p4Gi6xaVsZzXmd0Rf+EOvza9iEfYe7mNBQ0155m0rJo0KUrfP01ztCanVSbab5kS3A/3fTTWGTAAQYBLB4Vb3sqX0CV6G+wPH2o6HQC14nh7mIy9KuyZ0ZxZ8tMXY8yIKXXg==
ARC-Authentication-Results: i=1; 1; spf=pass; dmarc=pass action=none; dkim=pass; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=faiNQ/XashnDNyxG2D2jfR+GmS+Mm7qBf7B8VIO5sH0=; b=3sD5NV0GD0fykO4M7MP3mxqMQcCsnzXTvilWmsa6b7hAKc4BT+JXhwmXRjIeR7jrG2WGZZiuWf2FtylYIi82QoPclb9rsZn/aodKYWepFPezUSbuKlqt0E1qtZUteWqmz1MZvnldvRBcpx1Pw6rbxK2oJ2AUm1svuVS3S2hiIak=
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2581.12; Wed, 1 Jan 2020 20:11:33 +0000
Received: from ([fe80::2c2d:4ecc:c8f0:115d]) by ([fe80::2c2d:4ecc:c8f0:115d%5]) with mapi id 15.20.2602.010; Wed, 1 Jan 2020 20:11:33 +0000
From: Dan York <>
To: Brian E Carpenter <>
CC: Lucy Lynch <>, "" <>
Thread-Topic: [arch-d] possible new IAB programme on Internet resilience
Date: Wed, 1 Jan 2020 20:11:33 +0000
Message-ID: <>
References: <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
authentication-results: spf=none (sender IP is );
x-originating-ip: [2601:198:4100:84b0:413e:b645:50a0:2e94]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 6683c496-35f0-457c-fa42-08d78ef6cc52
x-ms-traffictypediagnostic: DM5PR06MB2489:
x-microsoft-antispam-prvs: <>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 02698DF457
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39840400004)(396003)(376002)(346002)(366004)(136003)(199004)(189003)(76116006)(5660300002)(508600001)(54906003)(66556008)(64756008)(66476007)(66446008)(66946007)(316002)(6916009)(91956017)(2906002)(66574012)(36756003)(81156014)(8676002)(8936002)(2616005)(86362001)(53546011)(186003)(6486002)(33656002)(6512007)(6506007)(4326008)(71200400001)(81166006); DIR:OUT; SFP:1101; SCL:1; SRVR:DM5PR06MB2489;; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None ( does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: wGnWeoRDi/lV0LiocFJh1jXrcTjMWEjQ49Cx/nzpci12fOXBjiw7HHHuJQeLuPluDK3tEU8zY8DnNeosTphlKuPis4SpCfLaXL3X4Wh+LMs2axjByqD1G2KRhKwGhPE/BLw9+Z7elNS72g8H34Eut15yzNGp8Hqq2yHt4A29Y6f1Cs39wOF889/5xjOJkE/waapHK69JYYjfVdDsIYn9TAMakNv+yFzs6ZGARG/2u22wZ5spYaDrLQDqK9fj31W6qVutXqbdIBFPawH51nuf29BnaLAYFI/R9TX9yQLWqvwZwueD2+/fDuztEaTQsGE9k8Oq5IxsO5N1OQ//GDeZl752mkQ53buEZef7gVN+0ttWrtH4QxH5fn96mwhs2dZEZA9Ous8yJJLPrZJMu7ZneRXawJPQRXkrAv0IPceRq7YhS8VUU6krESJ73tirN9gO
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_A26379AEE3EF472A8927CE55CF417FEBisocorg_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 6683c496-35f0-457c-fa42-08d78ef6cc52
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Jan 2020 20:11:33.2215 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 89f84dfb-7285-4810-bc4d-8b9b5794554f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: GBHXwWEzxmec72miiBcOOG+EWbdnMaDCmO1ATgyoOs/RQIU9Bo/WLQ6cc2rDQzsG
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR06MB2489
Archived-At: <>
Subject: Re: [arch-d] possible new IAB programme on Internet resilience
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 01 Jan 2020 20:11:40 -0000


On Jan 1, 2020, at 2:12 PM, Brian E Carpenter <<>> wrote:

Cherry-picking from your interesing message:

What if there winds up being a lack of diversity of paths through the “open” and “public” Internet? What if increasingly traffic winds up traveling through these proprietary global networks (to which you need to pay to connect and through that gain permission to send traffic - and only to that company’s platforms)?

Is this really new, from a technical viewpoint?

I’m not sure. I haven’t yet worked enough personally with these newer networks to be able to fully answer that question.  My knowledge comes from reading articles, going through tutorials, listening to talks / podcasts, and experimenting to the degree I can. But I don’t operate a network or data center where I could join in to one (or more) of them… so I have to defer to those who have that kind of more direct experience.

It reminds me very much of the early 1990s, when policy based BGP4 routing first became a thing, and acceptable use policies were applied by NSFNET, ESNET, and their equivalents in Europe and Asia. That was all about money, of course, except that it was public money.

Interesting thought. I guess the difference I could see was that in those days the networks were all using the same open standards-based protocols, even with AUP’s being applied. They were all weaving together a common network fabric, from what I saw as a network user at that time.

With these newer private networks, they may - or may not - be using the same protocols that the public Internet is using. You may or may not know. (And from a purely operational point-of-view, you may not care… a main reason for using the private network is to have low-latency connectivity to applications or content.)

In at least one of the cases (Amazon Outposts), my understanding is that the company comes and installs hardware in your data center that then connects your network back to Amazon’s AWS network. Is it all running open Internet protocols? Or are there proprietary protocols (or “extensions”) that are making the connectivity that much faster/better?  (And I honestly do not know.)  Do you only have connectivity to their platform(s)? Or do you have wider connectivity?

To me, this is part of the question - do these newer, global, private networks *increase* the overall resilience of the open, public Internet? Or do they *decrease* the overall resilience of the open, public Internet? Or do they not really have any effect? Or is it too soon to tell?

Interesting times,