Shortcuts through Colocation Facilities

Network overlays, running on top of the existing Internet substrate, are of perennial value to Internet end-users in the context of, e.g., real-time applications. Such overlays can employ traffic relays to yield path latencies lower than the direct paths, a phenomenon known as Triangle Inequality Violation (TIV). Past studies identify the opportunities of reducing latency using TIVs. However, they do not investigate the gains of strategically selecting relays in Colocation Facilities (Colos). In this work, we answer the following questions: (i) how Colo-hosted relays compare with other relays as well as with the direct Internet, in terms of latency (RTT) reductions; (ii) what are the best locations for placing the relays to yield these reductions. To this end, we conduct a large-scale one-month measurement of inter-domain paths between RIPE Atlas (RA) nodes as endpoints, located at eyeball networks. We employ as relays Planetlab nodes, other RA nodes, and machines in Colos. We examine the RTTs of the overlay paths obtained via the selected relays, as well as the direct paths. We find that Colo-based relays perform the best and can achieve latency reductions against direct paths, ranging from a few to 100s of milliseconds, in 76% of the total cases; 75% (58% of total cases) of these reductions require only 10 relays in 6 large Colos.Comment: In Proceedings of the ACM Internet Measurement Conference (IMC '17), London, GB, 201

From Single Lane to Highways: Analyzing the Adoption of Multipath TCP in the Internet

Multipath TCP (MPTCP) extends traditional TCP to enable simultaneous use of multiple connection endpoints at the source and destination. MPTCP has been under active development since its standardization in 2013, and more recently in February 2020, MPTCP was upstreamed to the Linux kernel. In this paper, we provide the first broad analysis of MPTCPv0 in the Internet. We probe the entire IPv4 address space and an IPv6 hitlist to detect MPTCP-enabled systems operational on port 80 and 443. Our scans reveal a steady increase in MPTCP-capable IPs, reaching 9k+ on IPv4 and a few dozen on IPv6. We also discover a significant share of seemingly MPTCP-capable hosts, an artifact of middleboxes mirroring TCP options. We conduct targeted HTTP(S) measurements towards select hosts and find that middleboxes can aggressively impact the perceived quality of applications utilizing MPTCP. Finally, we analyze two complementary traffic traces from CAIDA and MAWI to shed light on the real-world usage of MPTCP. We find that while MPTCP usage has increased by a factor of 20 over the past few years, its traffic share is still quite low.Comment: Proceedings of the 2021 IFIP Networking Conference (Networking '21). Visit https://mptcp.io for up-to-date MPTCP measurement result

Quantifying Irregular Geographic Exposure on the Internet

In this work, we examine to what extent the Internet\u27s routing infrastructure needlessly exposes network traffic to nations geographically irrelevant to packet transmission. We quantify what countries are geographically logical to see on a network path traveling between two nations through the use of convex hulls circumscribing major population centers, and then compare that to the nation states observed in over 14.5 billion measured paths. Our results show that 49% of paths unnecessarily expose traffic to at least one nation. We further explore what nations, regions, and ASes expose and benefit from this geographically illogical traffic. As an example, we see that 23% of source/destination pairs located outside of the United States send their traffic through the US, but only 8% of those paths are geographically logical. Finally, we examine what happens when countries exercise both legal and physical control over ASes transiting traffic, gaining access to traffic outside of their geographic borders, but carried by organizations that fall under a particular country\u27s legal jurisdiction. When considering both the physical and legal countries that a path traverses, our results show that over 57% of paths expose traffic to a geographically irrelevant country

NetCluster: A clustering-based framework to analyze internet passive measurements data

Internet measured data collected via passive measurement are analyzed to obtain localization information on nodes by clustering (i.e., grouping together) nodes that exhibit similar network path properties. Since traditional clustering algorithms fail to correctly identify clusters of homogeneous nodes, we propose the NetCluster novel framework, suited to analyze Internet measurement datasets. We show that the proposed framework correctly analyzes synthetically generated traces. Finally, we apply it to real traces collected at the access link of Politecnico di Torino campus LAN and discuss the network characteristics as seen at the vantage point

Quantifying the Effects of Circuitous Routes on the Latency of Intra-Africa Internet Traffic: A Study of Research and Education Networks

Despite an increase in the number of Internet eXchange Points (IXP) in Africa, as well as proliferation of submarine and terrestrial fibre optic cable systems, the level of peering among Africa’s Internet service providers remains low. Using active network measurements, this work characterizes the level of interconnectivity and peering among Africa’s National Research and Education Networks (NRENs),and examines the performance of traffic exchange in terms of latencies. This paper shows that over 75% of Africa’s inter-university traffic follows circuitous inter-continental routes, and is characterised by latencies that are more than double those of traffic exchanged within the continent

A Longitudinal View at the Adoption of Multipath TCP

Multipath TCP (MPTCP) extends traditional TCP to enable simultaneous use ofmultiple connection endpoints at the source and destination. MPTCP has beenunder active development since its standardization in 2013, and more recentlyin February 2020, MPTCP was upstreamed to the Linux kernel. In this paper, weprovide an in-depth analysis of MPTCPv0 in the Internet and the first analysisof MPTCPv1 to date. We probe the entire IPv4 address space and an IPv6 hitlistto detect MPTCP-enabled systems operational on port 80 and 443. Our scansreveal a steady increase in MPTCPv0-capable IPs, reaching 13k+ on IPv4(2$\times$ increase in one year) and 1k on IPv6 (40$\times$ increase). MPTCPv1deployment is comparatively low with $\approx$100 supporting hosts in IPv4 andIPv6, most of which belong to Apple. We also discover a substantial share ofseemingly MPTCP-capable hosts, an artifact of middleboxes mirroring TCPoptions. We conduct targeted HTTP(S) measurements towards select hosts and findthat middleboxes can aggressively impact the perceived quality of applicationsutilizing MPTCP. Finally, we analyze two complementary traffic traces fromCAIDA and MAWI to shed light on the real-world usage of MPTCP. We find thatwhile MPTCP usage has increased by a factor of 20 over the past few years, itstraffic share is still quite low.<br

How to Catch when Proxies Lie: Verifying the Physical Locations of Network Proxies with Active Geolocation

Internet users worldwide rely on commercial network proxies both to conceal their true location and identity, and to control their apparent location. Their reasons range from mundane to security-critical. Proxy operators offer no proof that their advertised server locations are accurate. IP-to-location databases tend to agree with the advertised locations, but there have been many reports of serious errors in such databases. In this study we estimate the locations of 2269 proxy servers from ping-time measurements to hosts in known locations, combined with AS and network information. These servers are operated by seven proxy services, and, according to the operators, spread over 222 countries and territories. Our measurements show that one-third of them are definitely not located in the advertised countries, and another third might not be. Instead, they are concentrated in countries where server hosting is cheap and reliable (e.g. Czech Republic, Germany, Netherlands, UK, USA). In the process, we address a number of technical challenges with applying active geolocation to proxy servers, which may not be directly pingable, and may restrict the types of packets that can be sent through them, e.g. forbidding traceroute. We also test three geolocation algorithms from previous literature, plus two variations of our own design, at the scale of the whole world