You know when in the morning you wake up and a thought flashes across your mind? One of these mornings I had this: how many RIPE Atlas probes are on a NAT64/DNS64 scenario? RFC7050 can help to answer this question.
IPv6 adoption in Italy
After the good IPv6 Working Group presentations at RIPE67 I decided to put togheter some data regarding IPv6 adoption in Italy, analyzing enabled Government websites and enabled access networks.
The results are… quite encouraging from the point of view of the work that needs to be done!
Windows Server 2008 / IIS 7.5: client source port logging
Many countermeasures taken by ISPs to face IPv4 exhaustion (DS-Lite, NAT64, NAT44, CGN) need more than the old IP-address/timestamp couple to uniquely identify an end-user on Internet. Even with a full logging of activities and sessions an ISP can’t trace a specific user if no source TCP/UDP port is given. So content providers, whether large or small, need to enable clients source port logging; it doesn’t matter if they run an enormous e-commerce website or a small blog like this, if they want to provide Law Enforcement Agencies (LEAs) a set of information capable of uniquely trace a user they need client source port logging.
Many software products have simple builtin configuration commands to accomplish this task, here I write how to enable this feature under Microsoft Windows Server 2008 R2 – IIS 7.5.
Advanced Logging IIS extension
The IIS builtin logging module doesn’t allow client source port logging, so an extension is needed: Advanced Logging. Once installed a new icon appears in the IIS Management Console:
Enable client port logging
Configuration can be done at any level: global, web site, directory. Open the Advanced Logging icon then, in the Actions pane, click Enable Advanced Logging. Once enabled the feature you just need to add the client port to the list of logged fields: always from the Action pane click Edit Logging Fields, then the Add field button and use the following data:
Field ID: Client-IP Source type: Server variables Source name: REMOTE_PORT
Hit the OK button a couple of time and go back to the main window, where you find the default log definition named %COMPUTERNAME%-Server; double click it in order to open details then select your logging preferences, being careful to add the Client-IP field ID to the list of the selected ones (from the Selected Fields section click the Select Fields button and check it).
After you have done some activity on your web site you can check the log content clicking View log files from the Actions pane; client port will be there somewhere, depending on the fields sequence you have on the log definition Selected Fields list.