Hi all,
We are a group of researchers at University of California, Riverside who
have been working on measuring the transnational network performance (and
have previously asked questions on the mailing list). Our work has now led
to a publication in Sigmetrics 2020 and we are eager to share some
i
Maybe... I dunno get rid of the Great Firewall of China?
https://en.wikipedia.org/wiki/Great_Firewall
On Mon, Mar 2, 2020 at 7:59 AM Pengxiong Zhu wrote:
> Hi all,
>
> We are a group of researchers at University of California, Riverside who
> have been working on measuring the transnational
My guess is that it’s all the DDoS traffic coming from China saturating the
links.
From: NANOG Email List on behalf of Pengxiong Zhu
Date: Monday, March 2, 2020 at 8:58 AM
To: NANOG list
Cc: Zhiyun Qian
Subject: China’s Slow Transnational Network
Hi all,
We are a group of researchers at Un
It’s the Government doing mandatory content filtering at the border. Their
hardware is either deliberately or accidentally poor-performing.
I believe providing limited and throttled external connectivity may be
deliberate; think of how that curtails for one thing; streaming video?
-Ben.
-Ben
It also gives local competitors a leg up by helping domestic apps perform
better simply by being hosted domestically (or making foreign players host
inside China).
> On Mar 2, 2020, at 11:27, Ben Cannon wrote:
>
>
> It’s the Government doing mandatory content filtering at the border. Their
On Sun, 01 Mar 2020 21:00:05 -0800, Pengxiong Zhu said:
> There are a few things noteworthy regarding the phenomenon. First of all,
> all traffic types are treated equally, HTTP(S), VPN, etc., which means it
> is discriminating or differentiating any specific kinds of traffic.
This sentence is mi
On Mon, Mar 2, 2020 at 11:46 AM Pengxiong Zhu wrote:
> Those are good insights. Our first guess is censorship too, and we
> discussed the possibilities of censorship side effects in Section 5.1
> *Censorship*.
>
> My guess is that it’s all the DDoS traffic coming from China saturating
>> the link
On 21/02/2020 23:37, Owen DeLong wrote:
> What’s next? Why not simply eliminate port numbers altogether in favor
> of a single 16-bit client-side unique session identifier.
I see what you did there.
--
Tom
Poor network performance between the Chinese networks and the rest of the
world is not a bug ; it's an intentional feature. The government of China
has constructed these multiple systems to both control what information is
or is not received by their citizens, but also to ensure that domestic
inter
Anyone know why Google announces only aggregates via peering and
disaggregate prefixes over transit?
For example, I had a customer complaining about a path that was taking
the long way instead of via peering and when I looked I saw:
Only 172.217.0.0/16 over Any2 LAX
That plus 172.217.14.0/24
In part, it might be because people you’re not paying may be less tolerant of
anti-social behavior than people you are paying.
It does seem rather odd that Google would prefer to receive their traffic over
transit, but I’m not going to try and second guess that decision.
Owen
> On Mar 2, 2020
> find out direct evidence of mandatory content filtering at the border
You seem to be implying that you don't believe/can't see the GFW, which
seems surprising. I've personally had issues with traffic crossing it
getting RST'd (luckily I was fortunate enough to cross through a GFW
instance which
On 3/2/20 12:44 PM, Owen DeLong wrote:
In part, it might be because people you’re not paying may be less tolerant of
anti-social behavior than people you are paying.
I'm not sure how I was being offensive but OK.
No voice service on my line, or TV. Just gigabit internet.
Also: I think ipv6 isn't working for me cuz it's being dropped by a switch
I'm using!
I will swap that out / remove that and try ipv6 again
-- Dan
On Thu, Feb 27, 2020, 9:10 AM Hiers, David wrote:
> We find that they usually impose pr
Yes, the sentence is missing a ‘not’. Sorry about that. It’s not
discriminating or differentiating any specific kinds of traffic.
On Mon, Mar 2, 2020 at 10:56 AM Valdis Klētnieks
wrote:
> On Sun, 01 Mar 2020 21:00:05 -0800, Pengxiong Zhu said:
>
> > There are a few things noteworthy regarding th
Those are good insights. Our first guess is censorship too, and we
discussed the possibilities of censorship side effects in Section 5.1
*Censorship*.
My guess is that it’s all the DDoS traffic coming from China saturating the
> links.
>
In fact, Great Canon (GC) [55] is such an in-path system. B
Yes, we agree. The poor transnational Internet performance effectively puts
any foreign business that does not have a physical presence (i.e., servers)
in China at a disadvantage.
The challenge is to find out direct evidence to prove mandatory content
filtering at the border, if the government is a
In fact, the three large carriers provide 98.5% of China’s total
transnational bandwidth. We observe this across all the three large
carriers, as well as one smaller carrier, CERNET(China Education and
Research Network).
Best,
Pengxiong Zhu
Department of Computer Science and Engineering
University
Network Engineer for a small ISP here. Our customers seem to be having
connectivity issues with Take-Two Software, specifically NBA 2k20. Traceroute
makes it to Akamai Prolexic before being dropped. Does anyone have contact info
for someone at Take-Two?
Thanks,
Tim Nowaczyk
--
Timothy Nowacz
In fact, Great Canon (GC) [55] is such an in-path system. But it
is known for intercepting a subset of traffic (based on protocol
type) only. What’s more, GC has been activated only twice in
history (the last one in 2015 [55]).
---
AT&T security says otherwis
I believe Owen was referring here to Google's actions: that the disagg is
the antisocial behaviour and that transit providers (the people they are
paying) would be more tolerant of that antisocial behaviour than would be
peers (the people they are not paying).
On Mon., Mar. 2, 2020, 13:19 Seth Mat
Yes… That’s correct.
Owen
> On Mar 2, 2020, at 2:20 PM, Hugo Slabbert wrote:
>
> I believe Owen was referring here to Google's actions: that the disagg is the
> antisocial behaviour and that transit providers (the people they are paying)
> would be more tolerant of that antisocial behaviour
On 3/2/20 2:20 PM, Hugo Slabbert wrote:
I believe Owen was referring here to Google's actions: that the disagg
is the antisocial behaviour and that transit providers (the people they
are paying) would be more tolerant of that antisocial behaviour than
would be peers (the people they are not pay
Did you compare CERNET with commodity networks? (My anecdotal observations
from a couple years ago suggest that Internet2 to CERNET is very good when
other paths are poor to unusable.)
--David Burns
On Mon, Mar 2, 2020 at 7:58 AM Pengxiong Zhu wrote:
> Hi all,
>
> We are a group of researchers
>
> You seem to be implying that you don't believe/can't see the GFW
No, that's not what I meant. I thought mandatory content filtering at the
border means traffic throttling at the border, deliberately or accidentally
rate-limiting the traffic, now
I think he was referring to GFW and the side ef
Yes, CERNET has indeed smaller slowdown period(4 hours) than commodity
networks(12 hours), but still has slowdown.
Best,
Pengxiong Zhu
Department of Computer Science and Engineering
University of California, Riverside
On Mon, Mar 2, 2020 at 2:36 PM David Burns wrote:
> Did you compare CERNET w
DDoS traffic is coming from China to the outside world, which
should saturate the upstream link of China, however, what we observed is
that the upstream link has high and stable performance, while the
downstream link of China, which is traffic coming from the outside world to
China, is suffering fr
Most of the performance hit is because of commercial actions, not
censorship.
When there is a tri-opoly, with no opportunity of competition, its easily
possible to set prices which are very different than market conditions.
This is what is happening here.
Prices are set artificially high, so thei
- On Mar 2, 2020, at 5:37 PM, Seth Mattinen se...@rollernet.us wrote:
> I suppose that one went over my head.
>
> To clarify I am the one with peering in LAX and I'm only seeing the big
> aggregates via the Any2 Easy servers. At the moment I can only infer
> that Google announces aggregate
On Mar 2, 2020, at 17:38, Seth Mattinen wrote:
> On 3/2/20 2:20 PM, Hugo Slabbert wrote:
>> I believe Owen was referring here to Google's actions: that the disagg is
>> the antisocial behaviour and that transit providers (the people they are
>> paying) would be more tolerant of that antisocial
On 3/2/20 3:02 PM, Randy Carpenter wrote:
I would say it would be best to see if you can get a direct peer with Google
via the IX. I have done this with some of the ISPs I work with. It was no
additional cost since the physical connections are already in place and
actually was highly recommend
You hit the nail on the head. Google only seems to announce a subset of their
routes to the route servers, but does announce all routes (for some definition
of “all”) to direct peers. I notice this every time I turn up a new IX and
traffic heads off onto my backbone instead of the local IX.
I d
On 3/2/20 3:09 PM, Patrick W. Gilmore wrote:
Your routers, your decision.
But how much traffic are you sending TO Google? Most people get the vast
majority of traffic FROM Google. They send you videos, you send them
ACKs. Does it matter where the ACKs go?
A customer is complaining that dat
NANOG,
Looking for anyone from XO or Legacy Concentric web hosting services (now
VDMS). I have a mutual customer that is getting caught at some form of Web App
firewall coming from a specific IP range.
Thank you!
James W. Breeden
Managing Partner
[logo_transparent_background]
Arenal Group: A
On Mar 2, 2020, at 6:30 PM, Seth Mattinen wrote:
> On 3/2/20 3:09 PM, Patrick W. Gilmore wrote:
>> Your routers, your decision.
>> But how much traffic are you sending TO Google? Most people get the vast
>> majority of traffic FROM Google. They send you videos, you send them ACKs.
>> Does it mat
On 3/2/20 4:32 PM, Patrick W. Gilmore wrote:
That said, I fear this is going to be a problem long term. A blind “no /24s”
filter is dangerous, plus it might solve all traffic issues. It is going to
take effort to be sure you don’t get bitten by the Law Of Unintended
Consequences.
As soon as
It may be worthwhile for you to consider adding 15169 to your "Don't accept
$tier1 prefixes from other peers" policy in your inbound policy chain.
I've found that there's a set of $LARGE_ENOUGH networks that, even though
they're not literal $tier1 providers, benefit from that same level of
filteri
37 matches
Mail list logo
