All the data required for such an exercise should be available here:

https://archive.org/details/internetcensus_gzip_1

You want the last file in the list, traceroute.gz.

Thanks to the anonymous author of the Carna Botnet, to Parth Shukla (AusCERT), and to Jason Scott (TEXTFILES) at the Internet Archive for bringing this all together.

Cheers,

Jon


On Mon, Dec 16, 2013 at 6:15 PM, Martin Kealey <martin@kurahaupo.gen.nz> wrote:

I have a question which I'm hoping the NZNOG community can help me with.

Within NZ, what is the maximum number of hops from APE to any consumer's
interface device? (smarty-phone, ADSL modem, whatever)? Or more
pragmatically, let's say the 99th percentile, as in, fewer than 1% of
customers are more than X hops away from APE.

If this information is already available, I'd appreciate a pointer,
otherwise...

If you are an ISP could you give me an indicative number of hops from APE to
your customers' CPE. If you can include a prefix length reflecting the
number of affected customers that would help too. (Ideally the maximum
across all your customers, but if you have a few oddball customers with
longer paths, just the 99% will do.)

If you're an ISP customer and would like to tell me your hop-count to APE
(counting from your CPE, not from your computer) and your ISP's name, that
would also be appreciated.

Replies off-list and I will summarize back to the list.


Here's the background:

I'm investigating ways of limiting traffic so that it does not leave New
Zealand, that can be configured on an application-by-application basis.

Obviously if one has an upstream to "global" and a separate upstream to APE
or WIX, then it's simple to filter traffic at those egresses.

However for the average end-user, it's difficult to get multiple VLANs to
their provider, let alone multiple physical links.


In an ideal world, one would simply set some QoS bits and your upstream
would understand them and do the filtering based on *their* egress, but in
practice I haven't heard of any suppliers offering such a service.

So I'm looking at DIY options ...

In particular, I'm looking at setting the TTL on outgoing packets. We know
how many hops it is from "our" hosts to APE, and I guestimate no more than 2
hops from a consumers border device (modem, whatever) to their client
devices;

So far it looks like setting the TTL so that it's down to 5 at APE will mean
most of NZ is reachable, and most of the rest of the world isn't, assuming
the international provider is as many hops from me as APE.

But I'd really like to get a firmer idea of "how much of NZ will be
unreachable given an egress hop limit of X?"

(The idea is to find X where the list of exception prefixes is small enough
to manage manually, while still blocking the majority of foreign traffic.)


What I'd like to find out from the NZNOG community is the distribution of
customers at various hop-counts from APE.

-Martin
_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog