似乎中国的网络经过日本# Security - 系统安全
m*d
1 楼
从美国 trace route 一个 中国的 ip
居然发现中间有日本的 routers
这也太不妥了吧, 怎么中国和美之间没有
直接的网络
居然发现中间有日本的 routers
这也太不妥了吧, 怎么中国和美之间没有
直接的网络
h*h
2 楼
It depends on a lot of factors, since IP is connectionless in nature,
it can choose any intermediate nodes based on
1> source address
2> destination address
3> ISP policy
4> BGP AS-PATH
5> Hops
6> you name it
【在 m*********d 的大作中提到】
: 从美国 trace route 一个 中国的 ip
: 居然发现中间有日本的 routers
: 这也太不妥了吧, 怎么中国和美之间没有
: 直接的网络
it can choose any intermediate nodes based on
1> source address
2> destination address
3> ISP policy
4> BGP AS-PATH
5> Hops
6> you name it
【在 m*********d 的大作中提到】
: 从美国 trace route 一个 中国的 ip
: 居然发现中间有日本的 routers
: 这也太不妥了吧, 怎么中国和美之间没有
: 直接的网络
m*d
3 楼
Most packets' routes depend on router's routing table.
Unless you have control over where your packet can go (I doubt),
your packets will go the shortest route to the
destination.
I indeed tracerouted an ip address in Beijing and
the intermediate hops from my school to Beijing is only
3 and they are all belong to a Japanese network.
It is quite uncomfortable to see that lots of the packets from U.S. to China
will go through Japan since unencrypted packets are so vulnarable.
【在 h**h 的大作中提到】
: It depends on a lot of factors, since IP is connectionless in nature,
: it can choose any intermediate nodes based on
: 1> source address
: 2> destination address
: 3> ISP policy
: 4> BGP AS-PATH
: 5> Hops
: 6> you name it
Unless you have control over where your packet can go (I doubt),
your packets will go the shortest route to the
destination.
I indeed tracerouted an ip address in Beijing and
the intermediate hops from my school to Beijing is only
3 and they are all belong to a Japanese network.
It is quite uncomfortable to see that lots of the packets from U.S. to China
will go through Japan since unencrypted packets are so vulnarable.
【在 h**h 的大作中提到】
: It depends on a lot of factors, since IP is connectionless in nature,
: it can choose any intermediate nodes based on
: 1> source address
: 2> destination address
: 3> ISP policy
: 4> BGP AS-PATH
: 5> Hops
: 6> you name it
m*e
4 楼
Internet _is_ untrusted. What makes you think it's safer for us to
talk directly to USA than through Japan? Use end-to-end encryption
if you want security.
【在 m*********d 的大作中提到】
: Most packets' routes depend on router's routing table.
: Unless you have control over where your packet can go (I doubt),
: your packets will go the shortest route to the
: destination.
: I indeed tracerouted an ip address in Beijing and
: the intermediate hops from my school to Beijing is only
: 3 and they are all belong to a Japanese network.
: It is quite uncomfortable to see that lots of the packets from U.S. to China
: will go through Japan since unencrypted packets are so vulnarable.
talk directly to USA than through Japan? Use end-to-end encryption
if you want security.
【在 m*********d 的大作中提到】
: Most packets' routes depend on router's routing table.
: Unless you have control over where your packet can go (I doubt),
: your packets will go the shortest route to the
: destination.
: I indeed tracerouted an ip address in Beijing and
: the intermediate hops from my school to Beijing is only
: 3 and they are all belong to a Japanese network.
: It is quite uncomfortable to see that lots of the packets from U.S. to China
: will go through Japan since unencrypted packets are so vulnarable.
m*d
5 楼
Well, it is "better" not to go through a hostile nation.
What if there is a war between PRC and Japs?
End to End encryption can only protect privacy but
not availability.
Internet _is_ untrusted. What makes you think it's safer for us to
talk directly to USA than through Japan? Use end-to-end encryption
if you want security.
【在 m*****e 的大作中提到】
: Internet _is_ untrusted. What makes you think it's safer for us to
: talk directly to USA than through Japan? Use end-to-end encryption
: if you want security.
What if there is a war between PRC and Japs?
End to End encryption can only protect privacy but
not availability.
Internet _is_ untrusted. What makes you think it's safer for us to
talk directly to USA than through Japan? Use end-to-end encryption
if you want security.
【在 m*****e 的大作中提到】
: Internet _is_ untrusted. What makes you think it's safer for us to
: talk directly to USA than through Japan? Use end-to-end encryption
: if you want security.
m*e
6 楼
You think any nation uses Internet for military purposes?
And what if there is war between China and USA?
【在 m*********d 的大作中提到】
: Well, it is "better" not to go through a hostile nation.
: What if there is a war between PRC and Japs?
: End to End encryption can only protect privacy but
: not availability.
:
: Internet _is_ untrusted. What makes you think it's safer for us to
: talk directly to USA than through Japan? Use end-to-end encryption
: if you want security.
And what if there is war between China and USA?
【在 m*********d 的大作中提到】
: Well, it is "better" not to go through a hostile nation.
: What if there is a war between PRC and Japs?
: End to End encryption can only protect privacy but
: not availability.
:
: Internet _is_ untrusted. What makes you think it's safer for us to
: talk directly to USA than through Japan? Use end-to-end encryption
: if you want security.
m*d
7 楼
Very wrong.
Internet was started by U.S. navy for military purpose initially.
U.S. government is tapping internet communications everywhere.
(Why do you think they prohibit exporting encryption software and algorithms?).
Every other governments also use it for their advantage.
U.S. army now are using local wireless internet for field combat.
Endless military uses.
If there is a war between PRC and U.S.A., then I don't see
the point of staying in U.S.A., let alone sending email.
Internet backbone
【在 m*****e 的大作中提到】
: You think any nation uses Internet for military purposes?
: And what if there is war between China and USA?
Internet was started by U.S. navy for military purpose initially.
U.S. government is tapping internet communications everywhere.
(Why do you think they prohibit exporting encryption software and algorithms?).
Every other governments also use it for their advantage.
U.S. army now are using local wireless internet for field combat.
Endless military uses.
If there is a war between PRC and U.S.A., then I don't see
the point of staying in U.S.A., let alone sending email.
Internet backbone
【在 m*****e 的大作中提到】
: You think any nation uses Internet for military purposes?
: And what if there is war between China and USA?
h*h
8 楼
I will probably not worry about that. Alternative route is definitely
there, it may be just a backup circuit, which is much more expensive
and less easier to use. As a rule of thumb, IP packet is best of effort
delivery, that's why it take path through jp.
Overall, it is because China is not as advanced as JP in terms of
economics, technology. If China is as strong as US, or just better than
JP, I guess those fat pipe will come out between US and CN directly,
then you will see packets between US
【在 m*********d 的大作中提到】
: Very wrong.
: Internet was started by U.S. navy for military purpose initially.
: U.S. government is tapping internet communications everywhere.
: (Why do you think they prohibit exporting encryption software and algorithms?).
: Every other governments also use it for their advantage.
: U.S. army now are using local wireless internet for field combat.
: Endless military uses.
: If there is a war between PRC and U.S.A., then I don't see
: the point of staying in U.S.A., let alone sending email.
: Internet backbone
there, it may be just a backup circuit, which is much more expensive
and less easier to use. As a rule of thumb, IP packet is best of effort
delivery, that's why it take path through jp.
Overall, it is because China is not as advanced as JP in terms of
economics, technology. If China is as strong as US, or just better than
JP, I guess those fat pipe will come out between US and CN directly,
then you will see packets between US
【在 m*********d 的大作中提到】
: Very wrong.
: Internet was started by U.S. navy for military purpose initially.
: U.S. government is tapping internet communications everywhere.
: (Why do you think they prohibit exporting encryption software and algorithms?).
: Every other governments also use it for their advantage.
: U.S. army now are using local wireless internet for field combat.
: Endless military uses.
: If there is a war between PRC and U.S.A., then I don't see
: the point of staying in U.S.A., let alone sending email.
: Internet backbone
m*e
9 楼
Don't talk about this. People were not aware of network security problems
when they invented it.
which is with end-to-end encryption.
So what are you worrying about?
【在 m*********d 的大作中提到】
: Very wrong.
: Internet was started by U.S. navy for military purpose initially.
: U.S. government is tapping internet communications everywhere.
: (Why do you think they prohibit exporting encryption software and algorithms?).
: Every other governments also use it for their advantage.
: U.S. army now are using local wireless internet for field combat.
: Endless military uses.
: If there is a war between PRC and U.S.A., then I don't see
: the point of staying in U.S.A., let alone sending email.
: Internet backbone
c*v
10 楼
you are being a little ridicurous here. you are asking an internal path
(starting and ending in two different countries) to follow certain rules
about which 3rd country it can not cross. even as strict as canada, which
has laws to prevent a path both starting and ending in canada using
non-canadian routers, can only limit canadian routing paths.
technically speak it is almost impossible to enforce such rules unless
the chinese governement can buy out all u.s. ISP's. otherwise they can
route
【在 m*********d 的大作中提到】
: Well, it is "better" not to go through a hostile nation.
: What if there is a war between PRC and Japs?
: End to End encryption can only protect privacy but
: not availability.
:
: Internet _is_ untrusted. What makes you think it's safer for us to
: talk directly to USA than through Japan? Use end-to-end encryption
: if you want security.
m*d
11 楼
It is not necessary to buy out all isp's.
Just as you said, having a direct high speed optical line
between u.s. of a. and p.r.c is enough.
Shortest path are the usual path a packet will follow.
I am not advocating about how all packets should be routed, but
wishing to avoid at all cost to route through jp.
【在 c*v 的大作中提到】
:
: you are being a little ridicurous here. you are asking an internal path
: (starting and ending in two different countries) to follow certain rules
: about which 3rd country it can not cross. even as strict as canada, which
: has laws to prevent a path both starting and ending in canada using
: non-canadian routers, can only limit canadian routing paths.
: technically speak it is almost impossible to enforce such rules unless
: the chinese governement can buy out all u.s. ISP's. otherwise they can
: route
w*n
12 楼
Is a direct chian-us link necessary? Assuming there is a link from
china-russia-euro-us, we can just cut off the router facing japan.
【在 m*********d 的大作中提到】
:
: It is not necessary to buy out all isp's.
: Just as you said, having a direct high speed optical line
: between u.s. of a. and p.r.c is enough.
: Shortest path are the usual path a packet will follow.
: I am not advocating about how all packets should be routed, but
: wishing to avoid at all cost to route through jp.
c*v
13 楼
unfortunately, this is hardly true. bgp is policy routing
not
metric routing.
due to its exterior routing nature, even if you know the
path AS length, you have no idea how many hops in each AS a
path
passes. besides, admin can assign wieghts to each route.
in most
router implementations such as cisco, weights are more
important
than lengths. who knows how each admin is going to assign
weights.
so having a direct pipe is still just best effort, try to
attract isp's
to use this pipe. if they
【在 m*********d 的大作中提到】
:
: It is not necessary to buy out all isp's.
: Just as you said, having a direct high speed optical line
: between u.s. of a. and p.r.c is enough.
: Shortest path are the usual path a packet will follow.
: I am not advocating about how all packets should be routed, but
: wishing to avoid at all cost to route through jp.
相关阅读
公司的VPN软件买卡巴哪个版本合适现在?请问Intel和Qualcomm这两个公司的实习哪个拿return full time offer比较容易?小公司需要back up system么?Anybody knows Active Directory? (转载)接连两封email里的tracking link都是过期的信息,怎么回事儿?真是郁闷!公司要在每台工作电脑装securedoc有人用过dashlane管理密码吗? (转载)请教:格式化硬盘冲撞系统也不能干掉的trojan--崩溃了日,这是什么病毒?请教:什么样的免费防火墙和杀毒软件最适合笔记本电脑?挺有趣的一本书:Ghost in Wires (转载)发现了一个新式病毒QQ被盗图解笔记本黑屏QQ电脑管家实时管理和QQ在线聊天请问怎样用软件给电脑硬盘和移动硬盘加密?求助:InMotion Hosting停止了我的网站的服务 (转载)求教,C盘出现大量重复文件,不知何故 (转载)