|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical MD5 proliferation statistics
Packet Clearing House has routers at a several exchange points, which we use to collect local snapshots of the routes available at the exchanges. To do this, we peer with as many of the participants at each exchange as possible. We're mainly just collecting data, so route flaps aren't a huge problem for us. We haven't been tracking down existing peers and asking them to configure MD5 passwords on the sessions. We have been configuring MD5 passwords on sessions when asked, so we've got MD5 configured with peers who have asked for it, but not with peers who haven't. As of Tuesday night, we had 244 peering sessions, of which 24 had MD5 configured. We configured MD5 on four more sessions yesterday, bringing the total to 28, and have one request that hasn't been completed yet, for a total of 29. 29 out of 244 is roughly 12%. I'm going to make two broad assumptions here: that those peers who have configured MD5 with us have configured MD5 with all their peers, and that those who haven't configured MD5 with us have been asked to by 12% of their peers. I'm further going to assume that peers consistently configure MD5 when asked to, although I suspect that's a really bad assumption. Therefore, we can assume that 12% of ISPs have all their peers configured with MD5, and that the remaining 88% have 12% of their peers configured with MD5, for a total of 22% of peering sessions having MD5 passwords. I strongly suspect my assumption about the responsiveness of peers is wrong, and that the real number is somewhere between 12% and 22%. It's also possible that my sample isn't representative enough, which would lead to further problems with accuracy. I'm curious as to what sorts of response rates those who have been actively contacting peers to ask for MD5 configuration have been getting, as well as whether other networks that have not been being proactive about this have been seeing contact rates similar to ours. -Steve Gibbard Packet Clearing House
|