PING is a podcast for people who want to look behind the scenes into the workings of the Internet. Each fortnight we will chat with people who have built and are improving the health of the Internet.
The views expressed by the featured speakers are their own and do not necessarily reflect the views of APNIC.
Last refreshed: ⓘ
Follow this podcast in the Metacast mobile app to refresh it and see new episodes.
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more
In this episode of PING, Robert Kisteleki from the RIPE NCC discusses the RIPE Atlas system -a network of over 13,000 measurement devices deployed worldwide in homes, exchange points, stub and transit AS, densely connected regions and sparse island states. Atlas began with a vision of the world at night -a powerful metaphor for where people are, and where technology reaches. Could a measurement system achieve sufficient density to "light up the internet" in a similar manner? Could network measur...
In this episode of PING, APNIC’s Chief Scientist, Geoff Huston , discusses "a day in the life of BGP" -Not an extraordinary day, not a special day, just the 8th of May. What happens inside the BGP system, from the point of view of AS4608, one ordinary BGP speaker on the edge of the network? What kinds of things are seen, and why are they seen? Geoff has been measuring BGP for almost it's entire life as the internet routing protocol, but this time looks at the dynamics at a more "micro" level tha...
In this episode of PING, Doug Madory from Kentik discusses his rundown of the state of play in secure BGP across 2024 and 2025. Kentik has it’s own internal measurements of BGP behaviour and flow data across the surface of the internet, which combined with the Oregon University curated routeviews archive means Doug can analyse both the publicly visible state of BGP from archives, and Kentik’s own view of the dynamics of BGP change, along side other systems like the worldwide RPKI model, and the ...
In this episode of PING, APNIC’s Chief Scientist, Geoff Huston , discusses the root zone of the DNS, and some emerging concerns in how much it costs to service query load at the root. In the absence of cacheing, all queries in the DNS (except ones the DNS system you ask is locally authoritative for anyway) have to be sent through the root of the DNS, to find the right nameserver to ask for the specific information. Thanks to cacheing, this system doesn't drown in the load of every worldwide quer...
In this episode of PING, We’re talking to Leslie Daigle from the Global Cyber Alliance (GCA) again, discussing GCA’s honeynet project . Leslie spoke with PING back in January 2024, and in this episode we re-visit things. Honeynets (or Honey farms) are deliberately weakly protected systems put online, to see what kinds of bad traffic exist out in the global Internet, where they come from and what kinds of attack they are mounting. In the intervening period GCA has continued to develop its honeyfa...
In this episode of PING, APNIC’s Chief Scientist, Geoff Huston , revisits changes underway in how the Domain Name System (DNS) delegates authority over a given zone and how resolvers discover the new authoritative sources. We last explored this in March 2024. In DNS, the word ‘domain’ refers to a scope of authority. Within a domain, everything is governed by its delegated authority. While that authority may only directly manage its immediate subdomains (children), its control implicitly extends ...
In this episode of PING, Professor Cristel Pelsser who holds the chair of critical embedded systems at UCLouvain Discusses her work measuring BGP and in particular the system described in the 2024 SIGCOMM “best paper” award winning research: “The Next Generation of BGP Data Collection Platforms” Cristel and her collaborators Thomas Alfroy, Thomas Holterbach, Thomas Krenc and K. C. Claffy have built a system they call GILL, available on the web at https://bgproutes.io This work also features a ne...
In this episode of PING, APNIC’s Chief Scientist, Geoff Huston , discusses the history and emerging future of how Internet protocols get more than the apparent link bandwidth by using multiple links and multiple paths. Initially, the model was quite simple, capable of handling up to four links of equal cost and delay reasonably well, typically to connect two points together. At the time, the Internet was built on telecommunications services originally designed for voice networks, with cabling la...
Last month, during APRICOT 2025 / APNIC 59 , the Internet Society hosted its first Pulse Internet Measurement Forum (PIMF). PIMF brings together people interested in Internet measurement from a wide range of perspectives — from technical details to policy, governance, and social issues. The goal is to create a space for open discussion, uniting both technologists and policy experts. In this second special episode of PING, we continue our break from the usual one-on-one podcast format and present...
In this episode of PING, APNIC’s Chief Scientist, Geoff Huston , discusses the surprisingly vexed question of how to say ‘no’ in the DNS. This conversation follows a presentation by Shumon Huque at the recent DNS OARC meeting, who will be on PING in a future episode talking about another aspect of the DNS protocol. You would hope this is a simple, straightforward answer to a question, but as usual with the DNS, there are more complexities under the surface. The DNS must indicate whether the labe...
At the APRICOT/APNIC59 meeting held in Petaling Jaya in Malaysia last month, The internet society held it's first PIMF meeting. PIMF, or the Pulse Internet Measurement Forum is a gathering of people interested in Internet measurement in the widest possible sense, from technical information all the way to policy, governance and social questions. ISOC is interested in creating a space for the discussion to take place amongst the community, and bring both technologists and policy specialists into t...
In this episode of PING, APNIC’s Chief Scientist, Geoff Huston explores bgp "Zombies" which are routes which should have been removed, but are still there. They're the living dead of routes. How does this happen? Back in the early 2000s Gert Döring in the RIPE NCC region was collating a state of BGP for IPv6 report, and knew each of the 300 or so IPv6 announcements directly. He understood what should be seen, and what was not being routed. He discovered in this early stage of IPv6 that some rout...
In this episode, Job Snijders discusses RPKIViews , his long term project to collect the "views" of RPKI state every day, and maintain an archive of BGP route validation states. The project is named to reflect route views , the long-standing archive of BGP state maintained by the University of Oregon, which has been discussed on PING . Job is based in the Netherlands, and has worked in BGP routing for large international ISPs and content distribution networks as well as being a board member of t...
In his first episode of PING for 2025, APNIC’s Chief Scientist, Geoff Huston returns to the Domain Name System (DNS) and explores the many faces of name servers behind domains. Up at the root, (the very top of the namespace, where all top-level domains like .gov or .au or .com are defined to exist) there is a well established principle of 13 root nameservers. Does this mean only 13 hosts worldwide service this space? Nothing could be farther from the truth! literally thousands of hosts act as on...
Welcome back to PING, at the start of 2025. In this episode, Gautam Akiwate , (now with Apple, but at the time of recording with Stanford University) talks about the 2021 Advanced Network Research Prize winning paper, co-authored with Stefan Savage, Geoffrey Voelker and Kimberly Claffy which was titled "Risky BIZness: Risks Derived from Registrar Name Management". The paper explores a situation which emerged inside the supply chain behind DNS name delegation, in the use of an IETF protocol calle...
APNIC's Geoff Huston discusses the move to Post-Quantum Cryptography (PQC), driven by the theoretical threat of quantum computers using Shor's algorithm to break current RSA and ECC encryption. He details how NIST is pushing for new algorithms to protect long-term secrets, highlighting the "collect now, decrypt later" risk. However, Geoff questions the relevance of PQC for DNSSEC, which secures real-time data integrity rather than 20-year secrets, and raises concerns about the economic viability of quantum attacks on low-value data like DNS.
This time on PING, Peter Thomassen from SSE and DEsec.io discusses his analysis of the failure modes of CDS and CDNSKEY records between parent and child in the DNS. These records are used to provide in-band signalling of the DS record, fundamental to the maintenance of a secure path from the trust anchor to the delegation through all the intermediate parent and grandparent domains. Many people use out-of-band methods to update this DS information, but the CDS and the CDNSKEY records are designed...
In his regular monthly spot on PING, APNIC’s Chief Scientist Geoff Huston discusses the slowdown in worldwide IPv6 uptake. Although within the Asia-Pacific footprint we have some truly remarkable national statistics, such as India which is now over 80% IPv6 enabled by APNIC Labs measurements, And Vietnam which is not far behind on 70% the problem is that worldwide, adjusted for population and considering levels of internet penetration in the developed economies, the pace of uptake overall has no...
In this episode of PING, Vanessa Fernandez and Kavya Bhat, two students from the National Institute of Technology Karnataka (NITK) discuss the student led, multi-year project to deploy IPv6 at their campus. Kavya & Vanessa have just graduated, and are moving into their next stages of work and study in computer sciences and network engineering. Across 2023 and 2024 they were able to attend IETF118 and IETF119 and present on their project and it’s experiences to the IPv6 working groups and off...
In his regular monthly spot on PING, APNIC’s Chief Scientist, Geoff Huston , discusses a large pool of IPv4 addresses left in the IANA registry, from the classful allocation days back in the mid 1980s. This block, from 240.0.0.0 to 255.255.255.255 encompasses 268 million hosts, which is a significant chunk of address space: it's equivalent to 16 class-A blocks, each of 16 million hosts. Seems a shame to waste it, how about we get this back into use? Back in 2007 Geoff Paul and myself submitted A...
In this episode of PING, Nowmay Opalinski from the French Institute of Geopolitics at Paris 8 University discusses his work on resilience, or rather the lack of it, confronting the Internet in Pakistan. As discussed in his blog post , Nowmay and his colleagues at the French Institute of Geopolitics (IFG), University Paris 8 , and LUMS University Pakistan used a combination of technical measurement from sources such as RIPE Atlas , in a methodology devised by the GEODE project, combined with inte...
In his regular monthly spot on PING, APNIC’s Chief Scientist, Geoff Huston , discusses another use of DNS Extensions: The EDNS0 Client Subnet option ( RFC 7871 ). This feature, though flagged in its RFC as a security concern, can help route traffic based on the source of a DNS query. Without it, relying only on the IP address of the DNS resolver can lead to incorrect geolocation, especially when the resolver is outside your own ISP’s network. The EDNS Client Subnet (ECS) signal can help by encod...
In this episode of PING, Joao Damas from APNIC Labs explores the mechanics of the Labs measurement system. Commencing over a decade ago, with an "actionscript" (better known as flash) mechanism, backed by a static ISC Bind DNS configuration cycling through a namespace, the Labs advertising measurement system now samples over 15 million end users per day, using Javascript and a hand crafted DNS system which can synthesise DNS names on-the-fly and lead users to varying underlying Internet Protocol...
In his regular monthly spot on PING, APNIC’s Chief Scientist Geoff Huston re-visits the question of DNS Extensions, in particular the EDNS0 option signalling maximum UDP packet size accepted, and it’s effect in the modern DNS. Through the APNIC Labs measurement system Geoff has visibility of the success rate for DNS events where EDNS0 signalling triggers DNS “truncation” and the consequent re-query in TCP as well as the impact of UDP fragmentation even inside the agreed limit, as well as the abi...
In this episode of PING, Caspar Schutijser and Ralph Koning from SIDN Labs in the Netherlands discuss their post-quantum testbed project. As mentioned in the previous PING episode about Post Quantum Cryptography (PQC) in DNSSEC with Peter Thomassen from SSE and Jason Goertzen from Sandbox AQ it's vital we understand how this technology shift will affect real-world DNS systems in deployment. The SIDN Labs system has been designed to be a "one stop shop" for DNS operators to test configurations of...
In his regular monthly spot on PING, APNIC’s Chief Scientist Geoff Huston continues his examination of DNSSEC. In the first part of this two-part story, Geoff explored the problem space, with a review of the comparative failure of DNSSEC to be deployed by zone holders, and the lack of validation by the resolvers. This is visible to APNIC labs from carefully crafted DNS zones with validly and invalidly signed DNSSEC states, which are included in the Labs advertising method of user measurement. Th...
This time on PING, Peter Thomassen from deSEC and Jason Goertzen from Sandbox AQ discuss their research project on post quantum cryptography in DNSSEC, funded by NLNet Labs. Post Quantum cryptography is a response to the risk that a future quantum computer will be able to implement Shor's Algorithm -a mechanism to uncover the private key in the RSA public-private key cryptographic mechanism, as well as Diffie-Hellman and Elliptic Curve methods. This would render all existing public-private based...
In his regular monthly spot on PING, APNIC’s Chief Scientist Geoff Huston discusses DNSSEC and it's apparent failure to deploy at scale in the market after 30 years: Both as the state of signed zone uptake (the supply side) and the low levels of verification seen by DNS client users (the consumption side) there is a strong signal DNSSEC isn't making way, compared to the uptake of TLS which is now ubiquitous in connecting to websites. Geoff can see this by measurement of client DNSSEC use in the ...
This time on PING, Philip Paeps from the FreeBSD Cluster Administrators and Security teams discusses their approach to systems monitoring and measurement. Its eMail. “Short podcast” you say, but no, there’s a wealth of war-stories and “why” to explore in this episode. We caught up at the APNIC57/APRICOT meeting held in Bangkok in February of 2024. Philip has a wealth of experience in systems management and security and a long history of participation in the free software movement. So his ongoing...
In his regular monthly spot on PING, APNIC’s Chief Scientist Geoff Huston discusses the question of subnet structure, looking into the APNIC Labs measurement data which collects around 8 million discrete IPv6 addresses per day, worldwide. Subnets are a concept which "came along for the ride" in the birth of Internet Protocol, and were baked into the address distribution model as the class-A, class-B and class-C subnet models (there are also class-D and class-E addresses we don't talk about much)...
