Writing this post from my hotel room in Kathmandu. I found that many of the servers appear to be DNS resolvers which is unusual. Have a look at these weird DNS replies: dig @anuragbhatia.com . ns +short a.root-servers.net. b.root-servers.net. c.root-servers.net. d.root-servers.net. e.root-servers.net. f.root-servers.net. g.root-servers.net. h.root-servers.net. i.root-servers.net. j.root-servers.net. k.root-servers.net. l.root-servers.net. m.root-servers.net. dig @google.com . ns +short b.root-servers.net. c.root-servers.net. d.root-servers.net. e.root-servers.net. f.root-servers.net. g.root-servers.net. h.root-servers.net. i.root-servers.net. j.root-servers.net. k.root-servers.net. l.root-servers.net. m.root-servers.net. a.root-servers.net. This seems unusual and is the result of basically port 53 DNS hijack.

APNIC and RIPE NCC are doing a hackathon at APRICOT 2018. It just started today with some light interaction with various participating members yesterday. The theme of the hackathon is around IPv6. Many cool projects were suggested yesterday and teams started working today on certain shortlisted projects like: A tool for ranking CDNs - A tool based on RIPE Atlas data to rank CDNs based on latency across different regions.

And here goes first blog post of 2018. Last few months went busy with some major changes in personal life. :) I looked into Amazon’s India connectivity with various ASNs tonight. Here’s how it looks like. (Note: Jump to bottom most to skip traces and look at the summary data). Traceroutes Amazon India to Vodafone India traceroute to 118.185.107.1 (118.185.107.1), 30 hops max, 60 byte packets 1 ec2-52-66-0-128.ap-south-1.compute.amazonaws.com (52.66.0.128) 21.861 ms ec2-52-66-0-134.

A few weeks back an Indian ISP contacted me via a contact form on my blog. That ISP has been struggling with a targetted DDoS attack. For the reason of privacy as well as the stability of their network, I will not put their name or AS number. The attack on that ISP was much higher than their bandwidth levels. Their upstream did not really share the volume of attack but I could tell from the screenshots they shared was that it was distributed volumetric attack choking their upstream bandwidth.

It has been some time since I started pushing Indian community for hosting RIPE Atlas Probes. These probes are small devices designed to be hosted at end user’s connection and do pre-defined as well as user-defined measurement. Measurement includes ping, trace, DNS lookup, SSL check etc. Currently, there are 61 active RIPE Atlas probes. I would say it has +/- of 7-8 probes which go offline and come back online when I request hosts to check.