2022 ARIN Community Grant Program Recipients

2022 ARIN Community Grant Program Recipients

Project reports provided by grant recipients.

Routing Security in the ARIN Region: Studying Trends, Facilitating Data Analysis and Promoting RPKI Adoption

DNS Research Federation
Oxford, United Kingdom
Grant amount: $17,000

The goal of this project by the DNS Research Federation was to promote routing security in the ARIN region by showcasing data on levels of RPKI adoption and encouraging greater community engagement with data on RPKI usage. Our main deliverable is our live, online report where ARIN members can consult Global and ARIN RPKI coverage; (b) Global and ARIN RPKI Validation results; and (c) RPKI coverage and validation results per ASN and prefix number. These resources are updated daily, and offer statistics per country in the ARIN region. Along with a report, our forthcoming blog article with ARIN entitled “RPKI Adoption in the ARIN Region: exploring sub regional trends” exposes differences within ARIN’s geographic areas of service and explores what may explain disparate levels of adoption across the region. We presented our work at ARIN 51 (April 2023), receiving a warm community response and are confirmed to present at NANGO 89 (October 2023). We are excited for the community to use the resources we have created. As part of the project, the DNSRF is available to provide members of the ARIN community with open access to our Data Analytics Platform to explore the datasets on RPKI adoption in greater detail. If interested, please email support@dnsrf.org for an account (Subject Line: RPKI Data). We are excited to see the databases we integrated into the DNSRF’s data analytics platform being of interest to other researchers. We have a forthcoming piece on malware distribution through IP addresses which uses BGP data and geolocalization tools from this project. We thank the ARIN community and the ARIN Grants Program for their support.

Refactor and Upgrade ntpd’s Extension Field Handling

Network Time Foundation, Inc
Talent, Oregon, USA
Grant amount: $20,000

The “Refactor and Upgrade ntpd’s Extension Field Handling” grant helped us align the NTP Project’s Reference Implementation with evolving standards while preserving legacy compatibility. Autokey, a significant feature of NTPv4 introduced in 1997, had gained prominence in the NTP community, culminating with the publication of the NTPv4 Standards in 2010. However, the project needed to reconcile discrepancies between the legacy codebase and the updated Extension Field headers. Autokey was replaced with Network Time Security (NTS), and to support both Autokey users and evolving standards, we began the complex task of reconciling Extension Field formats. This grant enabled the integration of the previous Extension Field work with the current codebase. Rigorous testing ensured that this integration did not introduce bugs. The effort involved 126 changed files, 1089 lines of code, and30283 characters. We’ll merge this work into the ntp-dev code branch, release ntp-4.2.8p18 (without this work), engage testers with ntp-dev, and ultimately finalize ntp-4.4. While a limited audience has seen this effort’s immediate impact, its inclusion in the Reference Implementation of NTP will soon be seen and used by millions of users. We anticipate widespread deployment upon ntp-4.4’s release. Our focus on Network Time Security (NTS) addresses a crucial industry need, benefiting reference clock vendors, OS vendors, enterprise users, NTP Pool operators, and the broader NTP community. The improvements in ntp-4.4are expected to incentivize users to upgrade, offering improved time synchronization, enhanced security, and reduced NTP-related DDoS vulnerabilities. NTF took the ARIN 2022 Community Grant and delivered a significant milestone in the evolution of NTP, driven by a commitment to modernize while honoring legacy users. The grant was pivotal in achieving these outcomes, ensuring that ntp-4.4 will deliver enhanced time synchronization, security, and reliability to the global Internet community.

AS112 Project Website Improvements

Read the Project Report on the ARIN Blog

DNS-OARC
Indianapolis, Indiana, USA
Grant amount: $7,500

This ARIN Community Grant Program award to OARC focused on improving access to information on the AS112 Project. AS112 is a community-operated ASN that announces anycast service addresses for authoritative DNS servers. The service covers the RFC 1918 reverse tree, and other non-globally-unique domain names, offloading the traffic for these “junk” DNS queries from the root and in-addr.arpa nameservers.

The work funded by this grant was to rebuild the project web site and public documentation on the project. Originally just a jumbled collection of notes, links, and lists gathered together for the benefit of a handful of volunteers, the site was difficult to navigate and provided limited benefit to new participants in the project, or to general Internet users looking for information.

The redesigned site provides newly written information about the project for non-technical users who find their way to the site, and improved documentation and organization for those network operators looking to understand how their network interacts with AS112, or who wish to join the project. The site is now also navigable by visually impaired users employing tools like screen readers. And, although translating the site was not part of this effort, the new site is built translation-ready with standard localized message catalogues. These changes will serve to make information about the project more accessible to a wider audience.

The listing of AS112 operators and their instances was converted from a hand-edited HTML table to structured data, and a new listing of AS 112 nodes present at Internet Exchange Points was added, based on data pulled regularly from the PeeringDB.net API. The new structured data for these listings will help improve the project’s ability to keep the list updated and accurate and make it easier for non-participants to find accurate information about AS112 instances their networks may be interacting with.