[e2e] Time for a new Internet Protocol

Pekka Nikander pekka.nikander at nomadiclab.com
Wed May 16 04:45:15 PDT 2007


David,

A couple of comments to two of your messages, also related to Vadim's  
"observations" about your economics-related undertones.

On 15 May 2007, at 16:48, David P. Reed wrote:
> [Source routing] is not a security hole any more than the ability to  
> send a packet to an arbitrary destination (the *core* function of  
> IP) is a hole - ...

I agree.  But then I simultaneously claim that given the current  
economic reality, the core function of IP, the ability to send a  
packet to an arbitrary destination, *is* indeed a "security hole".   
If we had a different economic model, it might not be such a "hole",  
and certainly it was the "right" communication model in the early  
days of the Internet.

Given the prevalence of botnets and that almost everyone has a flat  
rate and therefore doesn't really care about outgoing traffic, the  
very communication model has become a "security hole".  Or, rather,  
it is the primary technological contributor to making it easy for the  
naturally-selfish fraction of the human society to behave in a  
socially undesirable manner.  The Internet is no more a village, and  
therefore we are suffering from our own specific form of the tragedy  
of the commons.

> ... if that packet triggers a vulnerability in that destination,  
> it's not the addressability that is the hole...

The "hole" is that mere appearance of the packet at the destination  
is a "vulnerability", given that it is economically feasible to send  
hugely larger amounts of packets than the destination can easily handle.

The real question is about balancing the desires of the prospective  
senders and receivers.  The current network design gives all power to  
the sender: any sender can send any sh*t to any receiver, independent  
of whether the receiver wants to have it or not, at *almost* no  
cost.  In practical terms, the marginal cost of receiving more  
packets (including filtering undesired packets out) is hugely larger  
than the marginal cost of sending some more (unwanted) packets.


On 15 May 2007, at 17:57, David P. Reed wrote:

> A motivation for TCP and then IP, TCP/IP, UDP/IP, RTP/IP, etc. was  
> that network vendors had too much control over what could happen  
> inside their networks.

And then gave the control to the users, assuming that all the users  
have aligned interests.  That works in a village but not in the  
current urban sprawl Internet with its ghettos and poverty.

If we attempt to do the power shift again (and I agree we should!),  
we have to aim for a socially more sustainable form of networking.  A  
form of networking that balances the power both between the end-user  
and the connectivity provider, and between the sender and the  
receiver.  A network that is traffic-neutral but still gives the ISPs  
enough of technical knobs to be able to compete through operational  
excellence.  A network that requires consent both from the sender and  
receiver before any (larger amounts) of traffic get through, in a  
manner that leaves the control to the end-users.

> Through a series of tragic events (including the dominance of  
> routerheads* in the network community) the Internet is gradually  
> being taken back into the control of providers who view their goal  
> as limiting what end users can do, based on the theory that any  
> application not invented by the pipe and switch owners is a waste  
> of resources.  They argue that "optimality" of the network is  
> required, and that any new application implemented at the edges  
> threatens the security and performance they pretend to provide to  
> users.

That's not a series of tragic events but economics 101.  It is  
natural that the service providers will always try to achieve market  
positions where they can set prices based on the end-user utility  
rather than the production cost.  From the social utility point of  
view, price differentiation is a thorny question.  On the one hand, as  
long as it leads to a situation where the same service is *also*  
offered at a cost which is lower than the average production cost;  
e.g., the way airlines sell the cheapest seats at just slightly  
higher than the marginal cost, we can see the overall social utility  
increasing.  On the other hand, if it allows the service providers to  
set the average prices above the average production cost, the only  
net effect is that the service providers will become richer and the  
general public will suffer.

More complications are caused by the extremely minimal marginal costs  
that we are discussing here.  Indeed, from a social utility point of  
view one might argue that the optimal network load is one where all  
links are fully utilised but nowhere there is any congestion or  
queues.  If you/we are really going to create a new Internet  
Protocol, I challenge you/us to create one that makes such a load goal  
more achievable than the current situation. :-)

> I call for others to join me in constructing the next Internet, not  
> as an extension of the current Internet, because that Internet is  
> corrupted by people who do not value innovation, connectivity, and  
> the ability to absorb new ideas from the user community.

I would not call the currently prevailing tendency of many (but not  
all) people of trying to maximise their monetary income as an  
opposite of valuing innovation, connectivity, and new user-originated  
ideas.  As Vadim wrote, the ISPs must live under pretty harsh  
competition conditions.  That doesn't mean that many people working  
for the ISPs might still privately value innovation, connectivity,  
and new ideas very much.

Another aspect here are those individuals that behave in an  
antisocial way (spammers etc).  That is a major cause driving the  
ISPs towards closing the Internet.  So, it is not only about greed,  
but also about the network design and the misaligned balance of power  
created by the very paradigm.

> But that need not matter.   If necessary, we can do this  
> inefficiently, creating a new class of routers that sit at the edge  
> of the IP network and sit in end user sites.   We can encrypt the  
> traffic, so that the IP monopoly (analogous to the ATT monopoly)  
> cannot tell what our layer is doing, and we can use protocols that  
> are more aggressively defensive since the IP layer has indeed  
> gotten very aggressive in blocking traffic and attempting to  
> prevent user-to-user connectivity.

Already a couple of years ago I came to the conclusion that in the  
longer run the only economically sensitive QoS policy is to charge  
less for the traffic whose QoS requirements the users willingly tell  
the operator.  If you make "best effort" the most expensive traffic  
class (and charge it a market price), you create a natural incentive  
for your users to tell their real QoS requirements to you, allowing  
you to actually better serve your customers than you otherwise would be.

Turn the information asymmetries to your benefit instead of trying to  
fight against them.

--Pekka Nikander
   a wannabe-economist routerhead


