Saturday, October 16, 2004
Topic/Presenter |
---|
This intermediate-level tutorial offers attendees a view of some common practices for operating a blackhole service. As security concerns abound in the Internet, operators and providers are constantly exploring methods for protecting their networks and customers. During this intermediate-level tutorial we assume that attendees have basic IGP and BGP networking skills. We then build on this basic knowledge by discussing announcement methods for blackholing traffic across the network. In addition, some options for counting and logging the discarded traffic are discussed. Throughout the tutorial, operational and configuration commands from multiple vendors are used to illustrate the tutorial concepts.
Speakers: Joe Soricelli, Juniper |
This tutorial introduces service providers to some of the features available in BGP to aid multihoming to the Internet. After an explanation of multihoming and the principles being followed in this tutorial, several examples involving different scenarios will be given. This includes the options available when multihoming to the same ISP (including RFC2270) and to different upstreams. Configurations for modifying inbound and outbound traffic flows are covered. The tutorial concludes with a case study and an examination of the use of BGP communities by several ISPs. |
Sunday, October 17, 2004
Topic/Presenter |
---|
The management and administration of Internet number resources will be examined in this tutorial. Beginning with an overview of the Regional Internet Registry (RIR) system, the structure, characteristics, and services of an RIR will be explored. Current trends in the global structure, such as the Number Resource Organization (NRO), Address Supporting Organization (ASO), and the World Summit on the Information Society (WSIS) will be discussed. Specific ARIN activities such as registration services, policy development, training, and elections will be detailed. Lastly, the current state of the distribution of Internet number resources will be detailed. |
AOL cordially invites all NANOG attendees to a Welcome Reception on Sunday, October 17th, from 5:00 - 7:00 p.m. This event is sponsored by ATDN, AOL's ISP Backbone. It is being held at the Pavilion in the middle of Reston Town Center, just outside the hotel. Please join us for hors d'oeuvres and an open house bar. |
This is an Introductory/Intermediate Tutorial. |
This presentation highlights real IPv6 deployment techniques in service provider networks. After attending this presentation, the listener will be able to test IPv6 deployment techniques in a lab environment and deploy the technology in their networks. Speakers: Ciprian Popoviciu, Cisco Systems |
Over the past couple of years, critical vulnerabilities in systems software coupled with malware containing IRC-based clients have led to a rising number of compromised hosts that have become part of one or more 'bot' networks used for spam, DoS attacks, sniffing, and file trading. Network operators have had to become increasingly involved in helping to mitigate bots and botnets. This session uncovers the beginning steps network operators can take to root out and disrupt botnets. |
Network operators are accustomed to protecting their own networks from inbound attacks, but the greatest threat today can be detected in outbound traffic. Compromised scripts and unwary customers provide a means of infiltration, and detection is best done by monitoring outbound traffic. |
Recent presentations to previous NANOG meetings have shown us some of the historical insights gathered by the experienced crowd at some of the U.S.-based exchanges. We in a way intend to follow up on that topic, by illustrating the more recent developments that the Amsterdam Internet Exchange (AMS-IX) has gone through, in its attempts to address the never-ending demand for bandwidth that AMS-IX, like many others, is facing. |
Monday, October 18, 2004
Topic/Presenter |
---|
All Internet routers contain buffers to hold packets during times of congestion. Today, the size of the buffers is determined by the dynamics of TCP's congestion control algorithm. In particular, the goal is to make sure that when a link is congested, it is busy 100% of the time; which is equivalent to making sure its buffer never goes empty. A widely used rule-of-thumb states that each link needs a buffer of size B = RTT × C, where RTT is the average round-trip time of a flow passing across the link, and C is the data rate of the link. For example, a 10Gb/s router linecard needs approximately 250ms × 10Gb/s = 2.5Gbits of buffers; and the amount of buffering grows linearly with the line-rate. Such large buffers are challenging for router manufacturers, who must use large, slow, off-chip DRAMs. And queueing delays can be long, have high variance, and may destabilize the congestion control algorithms. |
Various techniques to protect BGP routing have been proposed. To be deployed, these techniques must be rigorously tested and evaluated. The Deter/Emist routing group is building a routing testbed to create an experimental infrastructure and developing evaluation methods. In this talk, we describe the testbed architecture and share experience gained in the testbed setup. |
Arbinet |
Security incidents are a daily event for Internet Service Providers. Attacks on an ISP's customers, attacks from an ISP's customer, worms, BOTNETs, and attacks on the ISP's infrastructure are now one of many "security" NOC tickets throughout the day. This increase in the volume and intensity of attacks has forced ISPs to spend constrained resources to mitigate the effects of these attacks on their operations and services. This investment has helped minimize the effects of the attacks, but it has not helped stop them at the source. Stopping attacks at their source requires rapid and effective inter-ISP cooperation. Hence, these ISP Security BOFs are also used as a face-to-face syncup meeting for the NSP-SEC forum (see https://puck.nether.net/mailman/listinfo/nsp-security). |
Speakers: Ron da Silva, Time Warner Cable; Susan Harris, Merit Network; Ray Plzak, ARIN |
Unlicensed wireless radios such as 802.11 systems have significantly reduced the cost and technical knowledge needed to deploy wireless networking. The technology is now attractive not only for the office and home user, but also to ISPs for last-mile, to educational institutions and corporations for campus networking, and for the Internet activist working on full neighborhood connectivity. Unfortunately, by their nature, unlicensed wireless networks will encounter more interference as more users dive in. This talk will cover some of the design principles to get the most from your wireless deployments. |
ARIN's mission includes fostering a consensus-based, community-driven policy process, and facilitating Internet advancement by providing information and educational outreach. In that spirit, ARIN is looking for more effective ways to channel the expertise and experience of network operators into Internet number resource policy discussions and the development of educational tools to benefit the broader Internet community. |
Ratified as an IEEE standard in 2001, 802.1X defines port-based network access control. While providing a host of benefits to network operators, adoption of 802.1X has been slow--much slower than the rapid deployment experienced by 802.11b. Speakers: Jon Snyder, Portland State University |
This talk will cover the datacenter network architecture for supporting very high bandwidth caching and streaming complexes, as well as strategies for migrating content closer to the end-user. |
Building and operating a multi-service network has been something many providers have talked about for many years, but not many have succeeded. Learn how you can accomplish this in your company, as well as some strategies for extending the reach of multi-service networks through partners. There is an overview of a typical VoIP infrastructure and how VoIP peering works, as voice is a key driver for implementation of a multi-service network. |
Internet Service Providers often establish contractual peering agreements, in which they agree to forward traffic to each other's customers at no cost. "Consistent route advertisement at all peering points" is a common provision in these agreements, because it gives an AS the flexibility to select egress points for the traffic (e.g., performing "hot potato" routing). Verifying "consistent export" is challenging because route advertisements are exchanged at multiple peering points and may be modified by routing policies. |
This talk presents the Link-Rank tool for monitoring BGP dynamics. Network events such as failures and policy changes cause routes to change, and often result in a ripple effect observed at various places with a large number of BGP updates. "Link-Rank", a Java-based graphical toolset, is designed to help extract routing change dynamics from the multiple gigabytes of BGP log data. Link-Rank weights the links between Autonomous Systems by the number of routing prefixes going through each link and generates Rank-Change graphs that capture the route changes in each time interval. A time series animation presents these rank-change graphs in an easy-to-understand manner. The toolset also provides a feature to combine views from multiple observation points to give a more complete picture of BGP dynamics. Using the Link-Rank toolset, we show how these graphs can be used to understand BGP route change events and narrow down possible locations that originated the changes. We also show how combining views into a single graph can increase the accuracy of event diagnosis and provide useful insight. This work complements existing toolsets such as BGPlay, which focus on routing changes to a single prefix (or a small number of prefixes). By presenting views from multiple vantage points, Link-Rank provides a large-scale picture. This broad view can then be used to identify individual prefixes for further detailed examination by BGPlay to produce better insights. Speakers: Dan Massey, Colorado State University |
VeriSign operates j.root-servers.net. This server has undergone some interesting changes in the past two years. In November, 2002, the server's IP was changed and we will present data surrounding the renumbering event. Starting in early 2003, we began anycasting this server. Now with more than a dozen sites, we will present data surrounding the distribution of queries to the various anycast instances, focusing on geolocation. Finally, the old IP address of j.root-servers.net continues to receive traffic two years after having been renumbered. We will present an analysis of the specific traffic received. |
This talk provides an update on RPSLng, which enhances the Routing Policy Specification Language with support for IPv6 and multicast. Topics to be covered include a brief overview of the changes in RPSLng (with examples), an update on the RPSLng IETF standards status, and RPSLng implementation status and deployment plans. |
Tuesday, October 19, 2004
Topic/Presenter |
---|
In a post 9/11 world, there is great interest in enhancing the ability of telecommunications networks and other critical infrastructures to withstand terrorist attacks. Wherever possible, there is a strong desire to use market mechanisms to drive necessary changes. |
There have been a number of efforts to capture the current state of the routing space and visualize this in some form. The approach taken in this work is to look at the address space, and the use of addresses in routing, to create a discrete "snapshot" of the routing space once per day, and to use this sequence of images as the raw data for a movie file. The presentation looks at the consumption of IPv4 address space and AS numbers since 1983. |
Recently we have observed various types of DNS anomalies due not only to misconfigurations such as lame delegations, but also due to malicious DoS attacks on DNS servers. However, discussion of DNS anomalies is mainly focused on DNS root servers and authoritative servers, and DNS cache servers have been hidden inside providers and rarely exposed. Speakers: Tsuyoshi Toyono, NTT Labs |
The DNS security protocol, DNSSEC, has been under development for more than a decade and is now emerging from the design and standards (IETF) process. The focus is now on deployment. Multiple groups are now engaged in putting DNSSEC into use. Zones at all levels, from the root down through enterprises, need to be signed, and end systems and resolvers need to evolve to make use of these signatures. Speakers: Steve Crocker, Shinkuro; Suresh Krishnaswamy, SPARTA, Inc.; Russ Mundy, SPARTA, Inc. |
As national utility infrastructures become intertwined with emerging global data networks, the stability and integrity of the two have become synonymous. This connection, while necessary, leaves network assets vulnerable to the rapidly moving threats of today's Internet, including distributed denial of service attacks, fast moving worms, and routing exploits. This presentation introduces the Internet Motion Sensor (IMS), a globally scoped Internet monitoring system whose goal is to measure, characterize, and track threats. |