[e2e] Time for a new Internet Protocol
pekka.nikander at nomadiclab.com
Wed May 16 04:45:15 PDT 2007
A couple of comments to two of your messages, also related to Vadim's
"observations" about your economics-related undertones.
On 15 May 2007, at 16:48, David P. Reed wrote:
> [Source routing] is not a security hole anymore than the ability to
> send a packet to an arbitrary destination (the *core* function of
> IP) is a hole - ...
I agree. But the I simultaneously claim that given the current
economic reality, the core function of IP, the ability to send a
packet to an arbitrary destination, *is* indeed a "security hole".
If we had a different economic model, it might not be such a "hole",
and certainly it was the "right" communication model in the early
days of the Internet.
Given the prevalence of botnets and that almost everyone has a flat
rate and therefore doesn't really care about outgoing traffic, the
very communication model has become a "security hole". Or, rather,
it is the primary technological contributor to making it easy for the
naturally-selfish fraction of the human society to behave in a
socially undesirable manner. The Internet is no more a village, and
therefore we are suffering from our own specific form of the tragedy
of the commons.
> ... if that packet triggers a vulnerability in that destination,
> it's not the addressability that is the hole...
The "hole" is that mere appearance of the packet at the destination
is a "vulnerability", given that it is economically feasible to send
hugely larger amounts of packets than the destination can easily handle.
The real question is about balancing the desires of the prospective
senders and receivers. The current network design gives all power to
the sender: any sender can send any sh*t to any receiver, independent
of whether the receiver wants to have it or not, at *almost* no
cost. In practical terms, the marginal cost of receiving more
packets (including filtering undesired packets out) is hugely larger
than the marginal cost of sending some more (unwanted) packets.
On 15 May 2007, at 17:57, David P. Reed wrote:
> A motivation for TCP and then IP, TCP/IP, UDP/IP, RTP/IP, etc. was
> that network vendors had too much control over what could happen
> inside their networks.
And then gave the control to the users, assuming that all the users
have aligned interests. That works in a village but not in the
current urban sprawl Internet with its ghettos and poverty.
If we attempt to do the power shift again (and I agree we should!),
we have to aim for a socially more sustainable form of networking. A
form of networking that balances the power both between the end-user
and the connectivity provider, and between the sender and the
receiver. A network that is traffic-neutral but still gives the ISPs
enough of technical knobs to be able to compete through operational
excellence. A network that requires consent both from the sender and
receiver before any (larger amounts) of traffic get through, in a
manner that leaves the control to the end-users.
> Through a series of tragic events (including the dominance of
> routerheads* in the network community) the Internet is gradually
> being taken back into the control of providers who view their goal
> as limiting what end users can do, based on the theory that any
> application not invented by the pipe and switch owners is a waste
> of resources. They argue that "optimality" of the network is
> required, and that any new application implemented at the edges
> threatens the security and performance they pretend to provide to
That's not a series of tragic events but economics 101. It is
natural that the service providers will always try to achieve market
positions where they can set prices based on the end-user utility
rather than the production cost. From the social utility point of
view, price differentiation is a thorny question. In one hand, as
long as it leads to a situation where the same service is *also*
offered at a cost which is lower than the average production cost;
e.g., the way airlines sell the cheapest seats at just slightly
higher than the marginal cost, we can see the overall social utility
increasing. On the other hand, if it allows the service providers to
set the average prices above the average production cost, the only
net effect is that the service providers will become richer and the
general public will suffer.
More complications are caused by the extremely minimal marginal costs
that we are discussing here. Indeed, from a social utility point of
view one might argue that the optimal network load is one where all
links are fully utilised but nowhere there is any congestion or
queues. If you/we are really going to create a new Internet
Protocol, I challenge you/us to create one that make such a load goal
more achievable than the current situation. :-)
> I call for others to join me in constructing the next Internet, not
> as an extension of the current Internet, because that Internet is
> corrupted by people who do not value innovation, connectivity, and
> the ability to absorb new ideas from the user community.
I would not call the currently prevailing tendency of many (but not
all) people of trying to maximise their monetary income as an
opposite of valuing innovation, connectivity, and new user-originated
ideas. As Vadim wrote, the ISPs must live under pretty harsh
competition conditions. That doesn't mean that many people working
for the ISPs might still privately value innovation, connectivity,
and new ideas very much.
Another aspect here are those individuals that behave in an
antisocial way (spammers etc). That is a major cause driving the
ISPs towards closing the Internet. So, it is not only about greed,
but also about the network design and the misaligned balance of power
created by the very paradigm.
> But that need not matter. If necessary, we can do this
> inefficiently, creating a new class of routers that sit at the edge
> of the IP network and sit in end user sites. We can encrypt the
> traffic, so that the IP monopoly (analogous to the ATT monopoly)
> cannot tell what our layer is doing, and we can use protocols that
> are more aggressively defensive since the IP layer has indeed
> gotten very aggressive in blocking traffic and attempting to
> prevent user-to-user connectivity.
Already a couple of years ago I came to the conclusion that in the
longer run the only economically sensitive QoS policy is to charge
less for the traffic whose QoS requirements the users willingly tell
the operator. If you make "best effort" the most expensive traffic
class (and charge it a market price), you create a natural incentive
for your users to tell their real QoS requirements to you, allowing
you to actually better serve your customers than you otherwise would be.
Turn the information asymmetries to your benefit instead of trying to
fight against them.
a wannabe-economist routerhead
More information about the end2end-interest