Skip to Main Content
Recently, the Internet is essential in providing numerous services to different types of users. Preventing the users from accessing these services has a serious impact on the daily life of the user. In this paper we considered a scenario wherein a specific region is maliciously denied from accessing the Internet by a single upstream International Internet Service Provider (IISP). Assuming the availability of a cooperative AS, we prototype and evaluate a tunnel-based solution proposed by M. Abu-Amara . The prototyping is conducted in a real laboratory designed and configured to be close to the Internet's ASes connectivity structure. Different tunneling protocols are examined with different Internet applications and background traffic loads. The prototyping proves the ability of the tunneling techniques in circumventing the Internet access denial performed by the malicious IISP. In addition, the IP-in-IP tunneling technique has shown the lowest end-to-end delay and traffic overhead.