Good day to all! I want to devote my debut article on habr to a very interesting topic - the RIPE Atlas Internet quality control system. Part of my field of interest is the study of the Internet or cyberspace (the term is rapidly gaining popularity, especially in scientific circles). There are plenty of materials on RIPE Atlas on the Internet, including on habr, but they seemed to me not complete enough. For the most part, the article used information from the official site and your own thoughts.

Instead of the preface
The Regional Internet Registrar (RIR), whose area of ββresponsibility extends to Europe, Central Asia and the Middle East, is RIPE NCC (RΓ©seaux IP EuropΓ©ens Network Coordination Centre β Network Coordination Centre of the European IP Networks). RIPE NCC β a non-profit organization based in the Netherlands. It maintains the internet and provides IP addresses and autonomous system numbers to local internet service providers and large organizations.
One of the leading projects RIPE NCC, aimed at studying the state of the Internet, is RIPE Atlas (started in late 2010), which was an evolution of the Test Traffic Measurement Service, which ceased operations in 2014.
RIPE Atlas is a global network of sensors that actively measure the state of the internet. Currently, the RIPE Atlas network comprises thousands of sensors, and their number is constantly growing. RIPE NCC aggregates the collected data and provides it to users in a convenient form, conditionally free of charge.
The development of the network takes place on the principle of voluntary installation of sensors by users in their infrastructure, for which βcreditsβ are issued that can be spent on measurements of interest using other sensors.
As a rule, RIPE Atlas is used:
- to monitor the availability of your network from various points on the Internet;
- for network investigation and troubleshooting with fast and flexible connectivity testing;
- in the monitoring system of your own network;
- to monitor the availability of the DNS infrastructure;
- IPv6 connectivity checks.
RIPE Atlas
As already mentioned, RIPE Atlas is a system of sensors that are located on the Internet and are under a single administrative control. In addition to conventional sensors (Probes), there are more advanced ones - anchors (Anchors).
As of mid-2020, the RIPE Atlas system has more than 11 active sensors and more than 650 active anchors, which together make more than 25 measurements and receive more than 10 results per second.
The graphs below show the growth in the number of sensors and anchors.


And the following figures show a map of the World indicating the location of sensors and anchors, respectively.


Despite its regional status RIPE NCCThe RIPE Atlas network covers almost the entire world, with Russia in the top 5 in terms of the number of installed sensors (568), along with Germany (1562), the USA (1440), France (925) and the UK (610).
Management servers
When studying the operation of the sensor, it was found that it periodically (every 4 minutes) checks the connection with some objects on the network, which include root DNS servers and nodes with domain names like "ctr-sin02.atlas.ripe.net", I suppose , which are the management servers of the RIPE Atlas network.
I did not find information about control servers on the official website, but it can be assumed that their tasks include managing sensors, as well as aggregating and processing data. If my guess is correct, then there are at least 6 management servers, of which located in the USA - 2, the Netherlands - 2, Germany - 1, Singapore - 1. Port 443 is open on all servers.
If someone has more information about the control servers of the RIPE Atlas network, please clarify this issue.
Sensor

The RIPE Atlas sensor is a small device (TP-Link 3020) powered by USB and connected to the router's Ethernet port using a network cable. Depending on the model, the sensor may have an Atheros AR9331 chipset, 400 MHz, 4 MB flash and 32 MB RAM or a MediaNek MT7628NN chipset, 575 MHz, 8 MB flash and 64 MB RAM.
Anchor

The armature is an advanced sensor with much greater performance and measurement capability. It is a device in a standard 19-inch version on the APU2C2 or APU2E2 hardware platform with a 4 GHz quad-core processor, 1 GB of RAM, 2 Gigabit Ethernet ports and 3 GB of SSD storage. .
Installation and control of the sensor
As I've already mentioned, the sensors are distributed free of charge for installation in your infrastructure. When requesting a sensor, you specify the country, city, and autonomous system number where it will be located. In response to my request RIPE NCC sent such a message.
Unfortunately, your application does not meet our criteria for a hardware sensor at this time. While our goal is to distribute the RIPE Atlas sensors as widely as possible, it appears that there are already enough devices connected either within the ASN you specified, in the network you applied for, or in the country in which you applied application.
No problem. In this case, you can install the software sensor, for example, on a virtual machine, home server, or routerβthere are no restrictions on location or autonomous system. Supported CentOS, Debian, Raspbian, and Turris OS. To deploy, you need to download and install the appropriate software, for example from .
The installation of the software sensor is quite simple. For example, for installation in CentOS 8 you need to execute the commands:
curl -O 'https://ftp.ripe.net/ripe/atlas/software-probe/centos8/noarch/ripe-atlas-repo-1-2.el8.noarch.rpm'
yum install ripe-atlas-repo-1-2.el8.noarch.rpm
and register the sensor, while providing the SSH key, which is located in /var/atlas-probe/etc/probe_key.pub, as well as the autonomous system number and your city. The letter reminded of the need to correctly indicate the location of the sensor.
Sensor management is limited by the ability to share the measurement resource with other users, set up notifications about downtime, as well as standard network settings (address, default gateway, etc.).
Measurement
Finally got to the measurements. Tasks for measurements are configured from the personal account. You can also see the results there.
Formation of a task for measurement consists of three steps: selection of the type of measurement, selection of the sensor, selection of the measurement period.
Measurements can be of the following types: ping, traceroute, DNS, SSL, HTTP, NTP. Detailed settings for a specific type of measurement, excluding specific ones due to a specific protocol or utility, include: target address, network layer protocol, number of packets in the measurement and time between measurements, packet size and time between packets, degree of random offset of the packet start time.
The choice of sensors is possible by their identifier or country of location, region, autonomous system, tag, etc.
The measurement period is set by the start and end times.
The measurement results are available on the website in your personal account, which can also be obtained in json format. In general, the results of measurements are quantitative indicators characterizing the availability of a certain node or service.
For the user, the measurement capabilities are presented by a wide, but very limited range. However, it is obvious that the capabilities of the system imply the generation of packets of almost any configuration, which opens up much wider opportunities for measuring the state of the Internet.
Below is an example of raw single measurement results with default settings. In measurements such as ping, traceroute, and SSL, the habr.com IP address was chosen as the target, DNS was the IP address of the Google DNS server, and NTP was the IP address of the NTP server ntp1.stratum2.ru. All measurements used one sensor located in Vladivostok.
Ping
[{"fw":4790,"lts":18,"dst_name":"178.248.237.68","af":4,"dst_addr":"178.248.237.68","src_addr":"192.168.0.10","proto":"ICMP","ttl":55,"size":48,"result":[{"rtt":122.062873},{"rtt":121.775641},{"rtt":121.807897}],"dup":0,"rcvd":3,"sent":3,"min":121.775641,"max":122.062873,"avg":121.882137,"msm_id":26273241,"prb_id":4428,"timestamp":1594622562,"msm_name":"Ping","from":"5.100.99.178","type":"ping","group_id":26273241,"step":null,"stored_timestamp":1594622562}]
traceroute
[{"fw":4790,"lts":19,"endtime":1594622643,"dst_name":"178.248.237.68","dst_addr":"178.248.237.68","src_addr":"192.168.0.10","proto":"ICMP","af":4,"size":48,"paris_id":1,"result":[{"hop":1,"result":[{"from":"192.168.0.1","ttl":64,"size":76,"rtt":7.49},{"from":"192.168.0.1","ttl":64,"size":76,"rtt":1.216},{"from":"192.168.0.1","ttl":64,"size":76,"rtt":1.169}]},{"hop":2,"result":[{"from":"5.100.98.1","ttl":254,"size":28,"rtt":1.719},{"from":"5.100.98.1","ttl":254,"size":28,"rtt":1.507},{"from":"5.100.98.1","ttl":254,"size":28,"rtt":1.48}]},---DATA OMITED---,{"hop":10,"result":[{"from":"178.248.237.68","ttl":55,"size":48,"rtt":121.891},{"from":"178.248.237.68","ttl":55,"size":48,"rtt":121.873},{"from":"178.248.237.68","ttl":55,"size":48,"rtt":121.923}]}],"msm_id":26273246,"prb_id":4428,"timestamp":1594622637,"msm_name":"Traceroute","from":"5.100.99.178","type":"traceroute","group_id":26273246,"stored_timestamp":1594622649}]
DNS
[{"fw":4790,"lts":146,"dst_addr":"8.8.8.8","af":4,"src_addr":"192.168.0.10","proto":"UDP","result":{"rt":174.552,"size":42,"abuf":"5BGAgAABAAEAAAAABGhhYnIDY29tAAABAAHADAABAAEAAAcmAASy+O1E","ID":58385,"ANCOUNT":1,"QDCOUNT":1,"NSCOUNT":0,"ARCOUNT":0},"msm_id":26289620,"prb_id":4428,"timestamp":1594747880,"msm_name":"Tdig","from":"5.100.99.178","type":"dns","group_id":26289620,"stored_timestamp":1594747883}]
SSL
[{"fw":4790,"lts":63,"dst_name":"178.248.237.68","dst_port":"443","method":"TLS","ver":"1.2","dst_addr":"178.248.237.68","af":4,"src_addr":"192.168.0.10","ttc":106.920213,"rt":219.948332,"cert":["-----BEGIN CERTIFICATE-----nMIIGJzCCBQ+gAwIBAg ---DATA OMITED--- yd/teRCBaho1+Vn-----END CERTIFICATE-----"],"msm_id":26289611,"prb_id":4428,"timestamp":1594747349,"msm_name":"SSLCert","from":"5.100.99.178","type":"sslcert","group_id":26289611,"stored_timestamp":1594747352}]
NTP
[{"fw":4790,"lts":72,"dst_name":"88.147.254.230","dst_addr":"88.147.254.230","src_addr":"192.168.0.10","proto":"UDP","af":4,"li":"no","version":4,"mode":"server","stratum":2,"poll":8,"precision":0.0000076294,"root-delay":0.000518799,"root-dispersion":0.0203094,"ref-id":"5893fee5","ref-ts":3803732581.5476198196,"result":[{"origin-ts":3803733082.3982748985,"receive-ts":3803733082.6698465347,"transmit-ts":3803733082.6698560715,"final-ts":3803733082.5099263191,"rtt":0.111643,"offset":-0.21575},{"origin-ts":3803733082.5133042336,"receive-ts":3803733082.7847337723,"transmit-ts":3803733082.7847442627,"final-ts":3803733082.6246700287,"rtt":0.111355,"offset":-0.215752},{"origin-ts":3803733082.6279149055,"receive-ts":3803733082.899283886,"transmit-ts":3803733082.8992962837,"final-ts":3803733082.7392635345,"rtt":0.111337,"offset":-0.2157}],"msm_id":26289266,"prb_id":4428,"timestamp":1594744282,"msm_name":"Ntp","from":"5.100.99.178","type":"ntp","group_id":26289266,"stored_timestamp":1594744289}]
Conclusion
The RIPE Atlas network is a convenient tool that allows you to monitor the availability of objects and services on the Internet in near real time.
The data generated by the RIPE Atlas network can be useful to carriers, researchers, the technical community, and anyone interested in the healthy functioning of the Internet and want to learn more about the underlying network structures and data flows that keep the Internet running on a global scale.
PS RIPE Atlas is not alone in its kind, there are analogues, for example .
Source: habr.com
