The only thing I've seen in the past 20 years which has made any positive impact on overall internet reliability is BGP dampening. In all other cases its gotten worse as networks are ground to dust by daily DDOS attacks. You can read daily about sites xyz or networks xyz being unreachable for hours/days/weeks/months due to DDOS attacks. Compared to 20 years ago I would have to say overall things are worse not better.
Yes... The news reports more outages today than they reported back then. Of course, part of that is because 20 years ago, the media couldn't spell internet, let alone connect to it. However, the huge expansion in overall bandwidth, the increase in bandwidth to subscriber ratio, the proliferation of firewall appliances, and, faster and better switching and routing capabilities, packet over sonet, MPLS have all contributed to a more reliable and more flexible internet. YMMV, but, for me, today, when I try to connect to things on the internet, I have a much higher success rate than I did 20 years ago. My links aren't clogged with DDOS or abuse, even though I'm on a completely unfiltered link. Sure, I see the occasional DDOS, lots of probes, and, many many attempts to use my systems to relay SPAM. The relay attempts are quietly discarded, the DDOS stays down in the noise threshold for the most part, and, the other abuse attempts are logged and fail. However, the things I try to do with the internet mostly succeed. Judging by the server logs, people are getting to the web servers I host without difficulty. 20, even 10, heck, even 5 years ago, my success rates were lower than they are today. They've been roughly the same for the last 5 years, but, that's pretty good, so, I'm generally happy. I'm not saying we shouldn't make efforts to eliminate abuse. I'm not saying abuse isn't a reliability issue or that it doesn't have a cost. However, eliminating end-node abuse at the transit just adds more cost and is, in the long run, an ineffective solution at best, usually with unintended side consequences. Owen -- If it wasn't crypto-signed, it probably didn't come from me.