All Posts By

LINX

ICANN protects .home, .mail and .corp from registration

By | DNS, Internet Governance, News

ICANN has announced that it will not delegate new top-level domains .home, mail and .corp, effectively turning these domains into reserved strings. The move acts to protect organisations that already use these domains to indicate IT resources on their own local network.

These three domains have been found to have been widely used by organisations for internal use, even though they are not available from ICANN.Numerous representations have been made to ICANN that delegating these domains would cause “string collision”, including by ICANN’s own Security and Stability Advisory Committee. String collision occurs when the same domain is used by different parties, recognised by different DNS resolver trees, meaning that the user may not be directed to the resource they expect. This can pose a risk of phishing fraud. String collision is normally considered a risk of a split DNS root (i.e. someone trying to usurp ICANN’s job), but can also occur when individual organisations make “private” use of an unregistered domain on their own network.

For example, if .corp were available for registrations then someone that registered fileserver.corp might receive traffic that users expected to go to a fileserver on their own corporate network – a clear security risk. By preventing these top level domains being delegated, ICANN has removed that threat from corporate networks already making use of them.

Government conclusions on NIS implementation

By | News, Security

The UK Department for Digital, Culture, Media & Sport (DCMS) has published its response to the replies it received to last year’s public consultation on implementation of the Network Information Security Directive (NIS-D). Finding broad support from responders for its proposed approach, it intends to press ahead largely unchanged, but with altered thresholds and adjustments to the penalty regime.

In regard to Internet Exchange Points, the government has dropped port capacity as the criterion for identifying essential services; any particular threshold would quickly have become out of date. Instead, the qualifying criteria will be based market share and routing table coverage. An IXP operator will qualify as an essential service if it has:

  • “50% or more annual market share amongst UK IXP Operators in terms of interconnected autonomous systems”, or if it
  •  “offer[s] interconnectivity to 50% or more of Global Internet routes”

The thresholds for DNS providers have also been changed

  • Operators of TLD registries will qualify as operators of essential services if they service an average of 2 billion queries or more per day (threshold unchanged);
  • Operators of DNS resolvers will qualify as operators of essential services if they service an average of 2 million DNS clients per day (changed from 60 million DNS queries per day). Moreover, only resolvers for publicly accessibly services will count, which may exclude some public and academic sector operators.
  • Additionally, operators of authoritative DNS hosting will also be brought into scope of NIS-D, for operators who host 250,000 domain names or more, again for public services.

The penalty regime has been simplified as a straightforward maximum fine of £17 million. This replaces a two-tier structure of up to €20 million or 4% of global turnover for failure to implement appropriate security measures, and €10million or 2% of global turnover for other offences. For many, but not all, of the affected businesses this will be a reduction in their exposure.

Another change is that incident reporting will be viewed as a compliance operation, for the operator to register the existence of a security incident with the regulator, separate from incident response. This is intended to protect the existing co-operative relationship operators have with the National Cyber Security Centre and other government protective services.

The government has also made adjustments to the draft “high level security principles” with which operators will be required to comply, in some cases so as to make the expectation more specifically require a good outcome, rather than merely a good process.

The government has confirmed that it will proceed with the approach of using sector-specific regulators as the regulator for NIS-D, resulting in having multiple “Competent Authorities”. This was broadly welcomed by affected businesses. Accordingly, the NIS-D regulator for Digitial infrastructure (IXPs and DNS providers) will be Ofcom.

ECJ to rule on whether Facebook must actively seek out hate speech

By | Content Issues, News

The Austrian Supreme Court has asked the European Court of Justice to rule on whether Facebook should actively search for hate speech posted by users.  The original lawsuit against Facebook was filed by Eva Glawischnig, the former leader of the Austrian Green Party, in 2016, after Facebook refused to take down what she claimed were defamatory postings about her.

Last year, an Austrian appeals court ruled in favour of Glawischnig, ordering Facebook to remove the hate speech postings – both the original posts and any verbatim repostings of the same comments – not just in Austria but worldwide. The Austrian Supreme Court has asked the ECJ to look at two issues: 1. Whether Facebook needs to actively look for similar posts, instead of just reposts, and 2. Whether such content needs to be removed globally.

The case comes amidst concerted pressure in Europe for social media platforms to do more to tackle hate speech. A new hate speech law in Germany, known as the network enforcement act, requires companies to remove or block criminal content within 24 hours, or seven days for complex cases, of it being reported. The law has already attracted controversy, despite only being actively enforced since 1 January 2018, after Twitter deleted a post by the German justice minister, Heiko Maas, dating back to 2010 before he was appointed to the role, calling a fellow politician “an idiot”. Twitter has also deleted anti-Muslim and anti-migrant posts by the far-right Alternative for Germany (AfD) party and blocked a satirical magazine’s account after it parodied the AfD’s anti-Muslim comments. The German Government has said that an evaluation will be carried out within six months to examine how well the new law is working.

Meanwhile, the European Commission has kept up the pressure on tech companies calling for them “to step up and speed up their efforts to tackle these threats quickly and comprehensively” and reiterating that it would “if necessary, propose legislation to complement the existing regulatory framework.”

New LINX Bi-Di Optical Transceiver Product Goes LIVE as First Connexions Partner Upgrades

By | LINX News
Back in April 2017, The London Internet Exchange announced the availability of a new fibre product in the form of Bi-Directional Optical Transceivers, at their regional exchange IXManchester.
LINX member, reseller partner and data centre operator, TeleData, were keen to announce to fellow peers at the exchange last week, that they had successfully upgraded their 10G port to the new Bi-Di optic, being the first member at the exchange to do so.  As a LINX Connexions Partner, this upgrade immediately enables customers at their own data centre, Delta House in Manchester, to take LINX connections with greater capacity and it has also allowed an additional connection utilising fibres already in place, removing the need for extra cross connects.Matthew Edgley, Commercial Director of TeleData says:“The main thing for us and the customer was being able to provision an additional high capacity LINX port from our data centre, without expensive third-party cross connect fees that are charged to connect into the core LINX PoP at the other end; which could have made the customer connection cost prohibitive.  We provided the customer’s cross connect at TeleData free of charge as we’d rather promote and enable LINX connections and member expansion from our data centre, than put cost barriers in the way.”

“We hope this will encourage more potential LINX members to see the advantages and join the exchange via a Connexions partner and data centres such as ours.”

When joining LINX, most members connect using a fibre pair or cross connect. One fibre is dedicated to receiving data from network equipment and the other fibre will be dedicated to transmitting data to the network. The new product, Bi-Directional Optical Transceivers (or Bi-Di transceivers for short) allows both the transmitting and receiving of data on a single fibre resulting in the benefit of reduced interconnect cost for the member, whilst doubling the capacity of each cross connect.

TeleData customer and LINX member Boundless were the first to use the new Bi-Di optical link at their IXManchester location, Williams House, and have successfully migrated their peering over.

Chris Bewley, Technical Director from Boundless says:

“The use of Bi-Di transceivers has enabled us to take a new 10G port at IXManchester, giving us future regional peering capacity as we continue to grow our network. Previously, the cost of third-party cross connect fees at Williams House would have been prohibitive to us taking the new port in IXManchester.”

“The order process was straight forward and we are seeing good, stable connectivity to the exchange from our equipment in TeleData.”

LINX’s Bi-Directional Optical Transceiver service is currently only available at IXManchester, however, there is an expectation that this product will be rolled out to all LINX exchanges, including both London LANs, in the future.

For further information please email the LINX Member Relations team.

UK Government to set up new unit to tackle fake news

By | Content Issues, News

The UK government has announced that it will set up a new unit to counter “fake news” and disinformation. The government said that the “dedicated national security communications unit”, which is already being dubbed the “Ministry of Truth”, would be charged with “combating disinformation by state actors and others”. As yet, there is no further information on where the unit will be based or who will staff it.

The Digital, Culture, Media and Sport Committee is currently carrying out an inquiry into “fake news” and has requested information from Facebook and Twitter including on Russian activity during the EU referendum campaign.

IPO launches copyright lessons for seven-year olds

By | Content Issues, News

The UK’s Intellectual Property Office (IPO) has launched a new campaign to teach children about online copyright infringement. In a bid to make intellectual property “fun”, the IPO has produced a range of teaching materials for seven- to 11-year-olds, which centres on a series of cartoons following the adventures of Nancy and the Meerkats.

According to the BBC:

The five-minute cartoons tell the story of would-be pop star Nancy, a French bulldog, who battles her ideas-stealing, feline nemesis, Kitty Perry, and teaches friends, including Justin Beaver and a rather dim Welsh sheep called Ed Shearling, about the importance of choosing an original band name and registering it as a trademark.

The IPO, which believes learning to “respect” copyrights and trademarks is a “key life skill”, is spending £20,000 on the campaign, which is part-funded by the UK music industry.

New Partnership for Angola Cables and LINX

By | LINX News
Wholesale carrier Angola Cables has launched a remote peering service to improve the connectivity between the peering community at The London Internet Exchange (LINX) and the peering members at its own Internet exchange point.
Angola Cables is a partner in the development of data centers in Luanda and Fortaleza, Brazil, and in the building of the South Atlantic Cable System (SACS) undersea cable, the first direct subsea link between Africa and South America in the southern hemisphere.Earlier this month, Angola Cables confirmed progress in construction of the 6,500-km undersea cable with an official launch in Sangano, Angola (see “Angola Cables announces launch of South Atlantic Cable System”). When finished, the SACS will position Angola Cables as a global interconnection provider by linking to Angola Cable’s European system and eventually to the Middle and Far East.”Peering at LINX in London and offering a remote peering service is part of the ongoing development of our network to ensure that our customers and partners have access to the latest communication technology and retain us as their ideal partner for international connectivity and high-quality Internet services,” said Darwin Costa, Angola Cables Product Manager.

“Since joining LINX peering community as one of the first exchange points, we have seen a more than threefold increase in traffic. We anticipate gaining new remote peering customers from across Africa and also from South America, once the South Atlantic Cable System is complete.”

The London Internet Exchange (LINX) is one of the largest Internet exchanges in the world, connecting over 825 member ASNs from over 75 countries around the globe. They are located in 10 PoPs across the UK capital along with regional exchanges in Wales, Manchester and Scotland. LINX also operates an Internet exchange in the Ashburn metro area in the US just outside Washington DC, LINX NoVA.

Jennifer Holmes, Head of Sales at LINX said; “We are delighted to welcome Angola Cables as our newest reseller partner and are looking forward to a long and successful partnership with them. This arrangement will provide African networks with a cost-effective and convenient method of connecting to LINX and enables them to enjoy the many benefits that peering in London has to offer.”

The London Internet Exchange (LINX) announce new partnership with Colt Data Centre Services

By | LINX News
LINX have recently welcomed Colt Data Centre to their London network as a Transmission PoP. The new partnership offers Colt customers a valuable, new additional service and prospective LINX members an attractive new location to peer in West London.
A Transmission PoP is a facility physically based within a carrier neutral data centre that provides customers with direct access to LINX’s infrastructure and improved performance of their peering connectivity.Matthew Cantwell, Director of Product for Colt DCS commented:“We are delighted with the addition of a LINX transmission POP to our London West data centre. Along with a wide choice of alternative carriers, our customers see direct access to Internet Exchanges as a crucial element of their network strategy. We look forward to working closely with LINX to help our customers and prospects benefit from the capabilities of our site and connecting directly to the UK’s premier Internet exchange.”

As well as improved latency and resilience, Colt customers who become LINX members will also benefit from improved routing control, increased capacity and redundancy at lower cost. In addition, there is also the opportunity to peer with over 820 member ASNs from over 75 countries worldwide on LINX’s dual peering Local Area Networks (LANs) LON1 and LON2, a facility unique to the UK.

Jennifer Holmes, Head of Sales at LINX commented:

“We are really excited to be partnering with Colt for the launch of a new Transmission PoP in London. This will allow even more networks to connect to our peering platforms in the capital from a location that is rapidly growing in importance. It is a very positive step for the network community here.”

 

Michelle Reid of Telehouse Europe Presented with Special LINX Award

By | LINX News
At the 99th member meeting of the London Internet Exchange (LINX) on 20th November, Michelle Reid of Telehouse Europe was presented with the Conspicuous Contribution to LINX Award.
LINX launched its network services at Telehouse Europe in 1994, when the London Exchange was first formed. Michelle has worked closely with LINX during her entire career at Telehouse spanning more than 20 years, to further develop the exchange’s network services at the Telehouse London Docklands campus.As LINX has grown, so has Telehouse in London.  Telehouse launched Europe’s first purpose-built carrier neutral colocation facility, Telehouse North in 1990. Since then, the Docklands campus has expanded with the addition of three data centres, including the new Telehouse North Two data centre which opened last year.LINX CEO, John Souter, said;“It is to Michelle’s credit that she really understood the role that LINX plays generally, and how having LINX in their buildings plays such an important role in establishing the Telehouse Docklands campus into one of the most connected places on the planet. We are grateful for her faithful support, and think it appropriate to recognise her in this way.”

Michelle Reid from Telehouse Europe said;

“I am honoured to have received this award from LINX and to have played a role in supporting LINX over the years. Telehouse’s long-standing relationship with LINX has contributed towards the development of the highly connected data centre ecosystem at Telehouse Docklands. This in turn provides LINX members and our customers with a low latency and resilient environment to support the high volumes of Internet traffic flowing through the campus.”

First presented in 2006, the LINX Award has so far been given to seven recipients: Nigel Titley, Dr Richard Clayton, Clive Feather, NIX.CZ and CZ.NIC for the BIRD route server project, Raza Rizvi and former long-standing LINX Chairman, Grahame Davies.

Further information on the Conspicuous Contribution to LINX Award can be found on the LINX website: www.linx.net/communications/linxaward

ENDS

November 2017

 

Notes to Editors

About The London Internet Exchange (LINX)

LINX is one of the largest Internet exchanges in the world, connecting over 800 networks from over 75 countries around the globe. As a mutual membership organisation, whose members make up a large part of the global internet, the London based IXP is in a unique position to make a difference for all as it’s mantra ‘Working for the Good of the Internet’ indicates. LINX maintain a heavy London presence with over 10 PoPs across the capital along with regional exchanges in Wales, Manchester and Scotland. LINX also operates an Internet exchange in the Ashburn metro area in the US just outside Washington DC.

For more information about the London Internet Exchange visit www.linx.net or email marketing@linx.net

About Telehouse

Telehouse is the pioneering data centre colocation provider established in 1989.  It is an owner operator of global data centres, connectivity and managed ICT solutions to over 3000 corporations around the world. Telehouse is the data centre subsidiary of Japanese corporation KDDI, a leading Japanese mobile and fixed-line telecommunications and ICT solution provider with 106 offices in 28 countries around the world and a Global Fortune company.

Further Telehouse press information:  marketing@uk.telehouse.net

Route server Validation Goes Live in Manchester

By | LINX News
At its most recent membership meeting LINX99 in November, LINX updated the membership on the status of the route validation project.
At its membership meeting LINX96 in February 2017, The London Internet Exchange (LINX) announced the plans for deploying route validation at all its route servers. After the discussions with the membership in February LINX had agreed on a two stage approach, firstly invalid prefixes would be tagged and then after a short period the tagged prefixes would no longer be propagated. Any member who wished to receive all data would always have the option to request such data.LINX’s caution came from concerns that once initial validation was put in place the quantity of invalid prefixes was very large. To mitigate this risk LINX embarked upon an individual programme with their NOC team to contact all members who were announcing invalid prefixes or leaking routing tables to inform them of the route server project to help them correct the issue (namely correcting information held in PeeringDB, and other databases). Contacting members has had some impact on the number of invalid prefixes being announced, but surprisingly it is still around 20% of the total prefixes.

At its most recent membership meeting LINX99 in November, LINX updated the membership on the status of the route validation project. LINX informed that the next step was to start to implement the route tagging, as originally agreed with the members, and that this was due to start the same week as LINX99. After a short discussion with the members following the announcement it became clear that the members now preferred for LINX to go straight to a non-propagated approach. The majority of members present thought that a two staged implementation would not be effective as members would have to build their own filters based upon the LINX tagging. This work would then become redundant when LINX started not to propagate tagged prefixes and as a result most of them wouldn’t build their own filters. As for members who were announcing invalid prefixes, whilst the number of routes were high, the number of members that this represented was not as significant.

LINX CMO, Kurtis Lindqvist, posed the question directly to the room regarding which approach would LINX should take. It was agreed that the roll out should be by individual route servers with non-propagation being in place almost immediately after the tagging is announced. The first route server to go through this process is at IXManchester, with LINX enabled tagging of prefixes with communities based on the result of prefix validation, beginning on Tuesday 28th November. At this first step, LINX will be using the IRR object registered in PeeringDB to check for valid IRR entries for the announced prefixes. In addition, LINX check for a valid ASN origin.

On Wednesday 29th November, LINX changed the default configuration on rs1.man1 (quagga) and will no longer propagate any prefixes which do not pass the prefix validation. On Monday, 11th December, LINX will change the default configuration for rs2.man1 to match that of rs1.man1.

If for whatever reason, members want to continue to receive the unfiltered prefixes, they can opt-out of this change by opening a ticket with the LINX NOC, stating their IXManchester peering LAN IP address and ASN.

Similar changes will be applied to the LINX route servers on all LANs over the next few weeks. If members are using LINX route servers then they are encouraged to look out for further announcements on the LINX ops-announce mailing list.

The aim of this project is to capture and reduce all non-malicious errors and reduce member issues caused by prefix leaks. Validating against the IRR database means that it becomes very important that all members have correct and current information in PeeringDB. LINX has always stressed the importance to members of registering their information on PeeringDB, but as this project becomes live, it is now critical. LINX are urging all members to check and update their information to ensure that it is correct.

As a future improvement, LINX are also evaluating the use of additional checks, i.e. the use of RPKI to further improve the platforms.

Ends