[9361] in Commercialization & Privatization of the Internet

home help back first fref pref prev next nref lref last post

Re: what has NSF done to follow congressional AUP mandate?

daemon@ATHENA.MIT.EDU (Hans-Werner Braun)
Thu Dec 30 12:46:56 1993

From: hwb@upeksa.sdsc.edu (Hans-Werner Braun)
To: com-priv@psi.com
Date: Thu, 30 Dec 93 9:46:12 PST
In-Reply-To:  

Some comments, probably too long to read:


The other day someone asked me whether I believe the current Internet
could evolve to the global and ubiquitous information infrastructure
from what it is today, assuming it would use today's structure and
rules of conduct, and we then discussed it for a while. I guess the
result was that I rather doubt it, as the gating factors are and will
not be so much technology, but instead driven by policies,
administration, and management considerations. While individual
Internet components are often well run, the way the global flow weave
is held together is not manageable in the long run, it depends very
heavily on the good will and high level of dedication of individuals
(that are also supported in their collaboration by their institutions).
However, we have now seen many times where people made policy decisions
(e.g., w.r.t. routing) that were probably sound from their point of
view, but sounded weird and unexplainable to outside parties at the
global level. Many people are making good attempts, but in reality
nobody is pulling the bigger picture together. These kind of things
will only proliferate in the future, like it or not, as people will
have their own monetary gains in mind, rather than the benefit to the
community. And we have seen that already in several environments. The
policy image that service providers implement, the management and
administration of the larger, national, and even global, environments,
is the principal issue in the future, not petty details like protocol X
versus protocol Y. For that matter, I had claimed many times by now
that we could have made "the network" work as well with a different set
of (non-IP) protocols, had NSF decided on a different strategic
direction back when Dennis Jennings ruled the NSFNET-world. Sure, IP
was a good choice, but to exceed the threshold of people paying
attention, at an age when the future of IP was often questioned, is was
imperative to actually *making* a strategic decision sticking to it.
And, when Steve Wolff took over, growing it more and more while
consistently claiming that the objective is the community and ubiquity
within it, rather than short sighted "own gain" objectives. The
technology was not mature enough then, and is not even today, to
encompass the needs of "random" policy requirements that people come up
with. Between two of the prime research institutions, say MIT and
Stanford, no doubt alot of R&E related traffic is flowing.  I am also
convinced, though I am solely speculating, that there is traffic
flowing between those two institutions for private monetary gain (is
that commercial?), perhaps even to help someone set up a private
company. That company perhaps eventually being J-RANDOM.COM, and
probably still communicating with MIT and Stanford, perhaps to recruit
staff? Point is, the network numbers and domain names have not all that
much to do with the kind of traffic flowing across it.  Just in the
same way that XYZ.COM and ZYX.COM can communicate while being fully AUP
compliant, depending on what they are doing. Since the traceroutes I
have seen in this discussion trail were all themselves in support of
networking activities, I claim they all were AUP compliant, and, while
there is of course a chance that there was some parallel
non-AUP-compliant traffic that we don't know about here, the
traceroutes themselves were irrelevant, as they were compliant. We all
also know that they were relevant in reality, I am just trying to make
a point that things aren't *that* easy. We have no facilities to find
out with existing technology whether traffic is AUP conforming or not.
Say, until someone declares a, say, "commercial traffic" bit in the IP
header.  Ooops, but that's not much different from the current
situation, as people may or may not conform. All we have in todays
routers for these kind of policy considerations, like it or not, are IP
network numbers and the exchange of knowledge about them among them.
Which makes the contents of this discussion trail unenforcible, and
rather bases things on good will, best effort, and well communicated
policies. Well communicated policies? How many on this list know the
"policy image" of regional-x, campus-y, backbone-z, and {any}-IX? E.g.,
the other week someone I talked to at an NSFNET backbone site did not
know (and I don't either, for that matter) how routing is distributed
among CIX members and its constituent networks, but he sure did know
that he was only getting a subset of the routes when the NSFNET
attachment stopped delivering routes, while he is having a backdoor
connection that eventually ends up at the CIX. Routing in the Internet
at large is still Very Messy, and we are not going to be able to clean
it up soon.  And it is a policy/administration/management problem, and
not really a technical one. Eventually it will have to translate to
technicalities, but that's really not the primary issue. So, again,
routing exchanges is the best we can do today, and it is very messy
already, and it is only marginally useful to administer policies,
especially those less well communicated that NSF's AUP. So what is
happening? NSFNET backbone clients are being told, and have been for a
number of years, that they have to comply with NSF's AUP in order to be
allowed access. Failing better (technical?) means of dealing with the
issue, it is then the problem of those service providers to communicate
things back to their clients, so they are aware of the means the
service provider has to fulfill the AUP requirements of the NSFNET. My
understanding is that, as long as a service provider is attached to the
NSFNET, it is the service provider's responsibility to ensure AUP
compliance, and I think they signed up to it years back. In the end it
just moves the problem a little, but certainly does not solve it. This
was all quite ok years back, but the Internet is getting quite
successful today, including in commercial realms, and including
regionals/etc. getting more commercially inclined, buying commercial
connectivity upgrades and so, but we still generally have not much
better technology than years back. And routing exchanges are very often
done based on "local" (service provider being in the center of their
universe) routing decisions, rather than a common good. This means that
we can forget about real-time enforcement of AUPs and many other
policies. However, we can let people know that they may get into deep
trouble if they violate policies, especially if the violation is
non-negligible and causes harm. Just like most people violate the law
by exceeding speed limits. Few are caught, and may be the police does
not even care about catching them if it does not cause a problem in
many cases, but if someone get caught they can be in deep trouble,
especially if the speeding caused an accident.

So, we are in a bit of a bizarre situation, and ranting and raving
about it won't help all that much. There is also another aspect. Let's
assume NSF would drop the AUP by, say, the beginning of the new year.
We have seen a tremendous traffic growth over the years, and that's
still keeping up. And it is not all just conventional stuff
(telnet/ftp/smtp/etc.) any more. It seems like it would be an
irresponsible move by NSF to just free up the AUP restrictions and say
everyone can do whatever they want on the network, and with whatever
amount of traffic. Hmmm, I remember that a several months back the
campus network of a major university was drowning in MUD traffic and
had to take action.  Later a major agency national backbone had to
disable MBONE routing as the multicast traffic was chewing up almost
half of their T1 bandwidth (with the few channels that the relatively
well managed MBONE is really using, ways not comparable to many random
point-point audio/video connections that are starting to happen). NSF
would probably do a disservice to and jeopardize its principal R&E
community, if the would not a little bit of a break on, until the
network is really ready for prime time. Hmmm, what's prime time? A well
defined revenue stream to service providers so that all the MUDers,
IRCers, audio/video-ers and all the other traffic sources provide
enough income so the service provider(s) can build ahead of demand?
$15M per year is approximately the same as $0M per year, compared to
the future requirements of the network provisioning, if we all want the
ubiquity and performance dimensions of the information infrastructure
to develop. In an environment that will clearly be less driven by the
current structure of administrations, but hard headed managers with
revenue streams. It won't be as much fun as IETF and COM-PRIV and
NSFNET, it will be big business and driven by dollars. And they will
make sure the policy/AUP/etc. shoes fit.

home help back first fref pref prev next nref lref last post