Abstract

The end-to-end principle is one of the foundations of the original Internet architecture. This principle is put to the test by middleboxes, i.e., devices which change important parts of a packet in transit. Middleboxes can have beneficial effects, such as a lower handshake time, but also make it more difficult to deploy newly developed protocols, such as TLS 1.3 and QUIC. Therefore, it is important to have a good understanding of the middlebox ecosystem in the Internet. In this paper, we present results from a multi-faceted middlebox analysis study. We develop Yarrpbox, a tool to efficiently perform middlebox detection measurements at Internet scale. With Yarrpbox, we perform IPv4-wide middlebox detection and find that nearly 10% of paths are affected by a total of 5.8k middlebox devices. We perform the first IPv6 study to date, uncovering a lower prevalence of middleboxes in IPv6. Moreover, we show that the location of a vantage point can have an effect on the results, leading to up to 600 more detected middleboxes. Additionally, we characterize middleboxes by mapping them to vendors and resolving aliases. Finally, we release Yarrpbox as open-source software and make data and analysis code publicly available.
