Saturday, May 14, 2005
Topic/Presenter |
---|
RecordingsFull AbstractKnowledge of the amount of traffic between source and destination pairs of a network is crucial to fundamental operational tasks such as capacity planning, traffic engineering, and peering management. Router vendors, third parties, academic researchers, and ingenious network engineers have devised multiple ways of collecting and estimating traffic matrices. This session presents an overview of applications of traffic matrices and operational experiences with the various approaches, including Netflow-based methods, mathematical estimation models, and MPLS (both RSVP and LDP) methods. Emphasis will be on practical experiences with each method. Speakers |
Full AbstractThis session demystifies the conceptual issues in moving data across multiple hops. We give an overview of, and contrast the functionality of these technologies, including an overview of link state routing (used in OSPF and IS-IS), spanning tree (used in bridging and switching), distance vector (used in RIP), and path vector (used in BGP). Speakers |
Sunday, May 15, 2005
Topic/Presenter |
---|
Full AbstractThis tutorial introduces service providers to some more advanced BGP features and techniques to aid with operating their networks within the Internet. After a recap of iBGP, eBGP and common attributes, the tutorial will look at the various scaling techniques available, when to use BGP instead of an IGP, and examine policy options available through the use of local preference, MED and communities. The tutorial then looks at common deployment scenarios as used in ISP networks, before finishing off with some of the newer features available. Speakers |
Full AbstractThis tutorial gives a quick overview of the basics of network security, including cryptography, authentication, key distribution, and some web basics. It also talks about what is difficult. The real difficulty isn't the cryptography, but basic system issues, especially considering that people are part of the system. We cover topics such as the functional differences between PKI-based systems and Kerberos-like systems, PKI trust models, and enough cryptography to impress a date. Speakers |
Full AbstractRecently two BGP tools have been released to the public, BGP::Inspect and Link-Rank. The common goal is to make the vast quantities of the University of Oregon's Route Views data easily accesible to the network operator and research community. Link-Rank visualizes BGP routing changes, while BGP::Inspect answers various useful queries, e.g., most active ASes and most active prefixes, as well as prefixes that exhibited the most number of changes in their OriginAS. Roughly half of this BOF will be a tutorial describing the tools' basic functionality and a number of new usage features. The second half offers an interactive hands-on opportunity for interested users to try them out, as well as to collect feedback from the operator community for future improvement. Attendees are encouraged to suggest analysis problems that may have arisen in their work and test whether the tools would be effective in analyzing these events. Speakers |
|
Full AbstractSpeakers
Steve Gibbard's notes from Tuesday's meeting: Merit had many hours scheduled for discussions on the future of NANOG today. After less than 45 minutes, we agreed to all "declare victory and enjoy a beautiful afternoon." Mike McPherson, Merit's President, presented Merit's draft of the NANOG bylaw proposal. Merit's draft is quite similar to my version of the NANOG Reform bylaw proposal presented on these lists a few weeks ago, being the same word for word in some places with some differences in others. Merit invited Steve Feldman, the program committee chair, and Marty Hannigan, who they had somehow decided was a representative of the NANOG Reform group, to comment on it. Steve said the program committee was willing to accept the proposal and that he was glad Merit was now thinking about what NANOG should be. Marty disclaimed representation of the NANOG Reform group (rightly -- he wasn't part of the NANOG Reform proposals), but said he agreed with Merit's proposal too. As the most recent editor of the NANOG Reform bylaws, I thanked Merit for their proposal, and said I thought it was an improvement over by own. Various others expressed support for the Merit proposal. Mitchell Rose expressed a concern that the summary of the Merit proposal on the slides referenced NANOG as an organization for Internet service providers, and appeared to be excluding other large network operators. Merit agreed that this could be changed, but it appears that was wording only in the Powerpoint summary and not in their actual draft. Vijay Gill said we're all crazy and should just go back to how things were. Nobody seemed willing to publicly agree with him. Daniel Karrenberg suggested that since we all seemed to be agreeing with each other, we should "declare victory and go home." There seemed to be general agreement with that. So, it looks like we'll end up with the Merit draft or something pretty close to that, which I think is the right outcome. We should have "steering committee" elections sometime this summer, with the committee in place in time for the fall NANOG. I told Susan Harris that I'd be happy to help with wording as they finalize it. She seemed receptive to that idea. -Steve Steve Feldman, CNET |
|
Full AbstractIt appears that anycast illustrates and exacerbates certain types of routing instabilities. We performed a series of measurements on both Planetlab and the internet at large in an effort to better understand the dynamics of routing through the anycast perspective. We found that anycast highlights the fact that routing stability is highly variable depending on network vantage point, with some ASs seeing a wildly varying situation. We also found that routing surveys done using planetlab nodes must be done very carefully if they are to be generalized to the internet at large. Recently, our observations have been validated by RIPE using very different data. By NANOG we hope to also be able to show causes of the varying kinds of instability we have seen. Speakers |
RecordingsFull AbstractIntuitively prefixes announced at multiple locations in the BGP topology will have more potential paths than those announced conventionally. Again intuitively this would amplify instabilities inherent in BGP routing as used in the Internet today. The presentation combines measurements of anycasted DNS root service with observations of BGP routing to document the status quo and ask more questions. Speakers |
Full AbstractThis presentation describes a method of building multi-host clusters for DNS service using free software. Services are provided on two more hosts, and reachability to a service address is signalled to the rest of the network from each server. In this way the service is anycast within an OSPF area. The F root nameserver is operated by ISC using nameserver clusters constructed in this manner. Issues of service monitoring, troubleshooting, stateful (TCP) transactions and necessarily-unicast, administrative functions (zone transfers, system maintenance) are discussed in some detail. The limitations of the technique with respect to load balancing, the use of other (non-DNS) protocols and operational deployment are also described. Speakers |
Monday, May 16, 2005
Topic/Presenter |
---|
RecordingsFull AbstractLarge-scale leaks have caused routing problems on the Internet in the past. On Dec 24, 2004, AS9121 announced over 100K routes to their peers, resulting in widely propagated invalid routes. Many large networks carried over 25K bad paths during the event, and some as many as 100K. Using BGP updates from approximately 80 peering sessions during the event, we analyze the event including the worst-hit networks, and the networks that spread the most bad paths. We find that network distance from AS9121 and maximum prefix settings on BGP sessions were not enough to prevent networks from carrying the bad prefixes. Finally, we review operational lessons learned (from feedback from involved networks) and make suggestions on future mitigation strategies. Speakers |
RecordingsFull AbstractIncreased threats and security demands by customers and the operator community have led to pressure on operators and providers to provide a more secure Internet. This panel will examine network-related vulnerabilities and their impact on the Internet operational community at large. Speakers |
Full AbstractAlcatel |
Full AbstractAt this Peering BOF we will explore one of several debates the Peering Coordinator community has volunteered as the most important and interesting issue facing the community today. Through debate, the competetive juices have proven to highlight the strongest arguments on both sides of a peering issue, so we will hopefully educate and entertain at the same time. In addition we will have the opportunity for those who have travelled a great distance to introduce themselves to the group, and raise ad hoc issues of interest to Peering Coordinators. From: Bill Norton Subject: Peering BOF IX at NANOG in Seattle - The Great Public vs. Private Peering Debate Hi all - Just wanted to invite you all to the upcoming Peering Birds-Of-a-Feather session at the upcoming NANOG, and give you a flavor of a couple of the topics to be discussed... Speakers |
Full AbstractThe INOC-DBA (Inter-NOC Dial-by-ASN) hotline phone system connects the network operations centers of network operators around the world in a closed VOIP system. The system's name is derived from the fact that the dial plan employs the AS Numbers of the participating organizations. To call the network operations center of another carrier or ISP, a user simply picks up the phone and dials their AS Number, which rings straight through to the other network's NOC or specific individuals there. Speakers |
RecordingsFull AbstractSpeakers Chris Quesada, Switch and Data |
RecordingsFull AbstractSpeakers |
Design Decisions and Architecture Analysis of a Global 10G Backbone (We Do it, so You Don't Have To)RecordingsFull AbstractThis talk will cover the key technical and business drivers behind the construction of a global 10G backbone, including some of the financial analysis behind build vs. buy, lessons learned, policy and nodal architecture design necessary to scale a backbone from carrying under 45 Gigabit/sec of traffic three years ago, to over 250 Gigabit/sec of traffic now, while reducing overall OPEX. Speakers |
Full AbstractOur agenda includes:
Speakers |
RecordingsFull AbstractThis talk provides an overview of VoIP for operators that covers some of the issues and challenges confronting the evolution of VoIP. Topics include a brief history of the evolution of how we got here, issues and challenges such as public and private ENUM, security, and 'quality' needs/desires of applications derived from VoIP technologies such as SIP. Speakers |
Full AbstractThere is still some debate in the SIP community about the best way to protect the service, and whether there's really a need for Session Border Controllers. Are they good or evil? This presentation will focus on the current practice for carrier VoIP security, the need and role for Session Border Controllers, and some lessons learned from current deployments. Speakers |
RecordingsFull AbstractBy forging or "spoofing" the source address of an IP packet, a malicious user or compromised host can send packets toward a victim anonymously or employ reflector attacks. This talk presents an Internet-wide active measurement spoofing project. Clients source valid, bogon and martian spoofed UDP packets to determine source address filtering policy. We infer filtering granularity by performing adjacent netblock scanning. Our results are the first to quantify the extent and nature of filtering and the ability to spoof on the Internet. Approximately 23% of the observed netblocks and autonomous systems permit spoofing or employ automated configuration methods that allow partial spoofing. Projecting this number to the entire Internet, an approximation we show is reasonable, yields over 108M spoofable addresses and 4,000 spoofable networks. Our findings suggest that a large portion of the Internet is still vulnerable to spoofing and concerted attacks remain a serious concern. Speakers |
Full AbstractPGP is a system for encrypting and verifying the authenticity of information, and is commonly used as a tool to sign and encrypt e-mail. For PGP to be useful, a means of obtaining and distributing trust in public keys is required: in PGP, this is done by adding signatures to keys to build a "web of trust". Key signing parties are one way to build an effective web-of-trust. Big Key Signing parties are tedious: lots of hexadecimal, and often little attention to the important matter of verifying identities. Big key signing parties are also awkward to schedule. This presentation proposes an alternative approach: to hold several, smaller key signing parties which can be interconnected by individuals who attend more than one of them. This approach is being followed for PGP Key Signing at NANOG34. Speakers |
RecordingsFull AbstractSpeakers |
Tuesday, May 17, 2005
Topic/Presenter |
---|
RecordingsFull AbstractTuesday afternoon and evening: Community Dialog On Tuesday afternoon we'll work together to resolve open issues remaining from Sunday evening. By Tuesday evening, we'll be ready to prepare an action plan for next steps to take in the continuing evolution of NANOG. Steve Gibbard's notes from Tuesday's meeting From: Steve Gibbard Subject: Notes from today's NANOG "community meeting" Merit had many hours scheduled for discussions on the future of NANOG today. After less than 45 minutes, we agreed to all "declare victory and enjoy a beautiful afternoon." Mike McPherson, Merit's President, presented Merit's draft of the NANOG bylaw proposal. Merit's draft is quite similar to my version of the NANOG Reform bylaw proposal presented on these lists a few weeks ago, being the same word for word in some places with some differences in others. Merit invited Steve Feldman, the program committee chair, and Marty Hannigan, who they had somehow decided was a representative of the NANOG Reform group, to comment on it. Steve said the program committee was willing to accept the proposal and that he was glad Merit was now thinking about what NANOG should be. Marty disclaimed representation of the NANOG Reform group (rightly -- he wasn't part of the NANOG Reform proposals), but said he agreed with Merit's proposal too. As the most recent editor of the NANOG Reform bylaws, I thanked Merit for their proposal, and said I thought it was an improvement over by own. Various others expressed support for the Merit proposal. Mitchell Rose expressed a concern that the summary of the Merit proposal on the slides referenced NANOG as an organization for Internet service providers, and appeared to be excluding other large network operators. Merit agreed that this could be changed, but it appears that was wording only in the Powerpoint summary and not in their actual draft. Vijay Gill said we're all crazy and should just go back to how things were. Nobody seemed willing to publicly agree with him. Daniel Karrenberg suggested that since we all seemed to be agreeing with each other, we should "declare victory and go home." There seemed to be general agreement with that. So, it looks like we'll end up with the Merit draft or something pretty close to that, which I think is the right outcome. We should have "steering committee" elections sometime this summer, with the committee in place in time for the fall NANOG. I told Susan Harris that I'd be happy to help with wording as they finalize it. She seemed receptive to that idea. -Steve Speakers |
|
Full AbstractSpeakers |
|
RecordingsFull AbstractOver the last nine months, Cable & Wireless has rolled out native IPv6 across the whole of the AS1273 backbone. Today, several large customers are using this service. This presentation covers the basic design, the practical experience gained during this rollout, as well as the challenges that needed to be overcome. It provides a collection of useful tips to anyone wanting to roll out production quality native IPv6 services on a global backbone. The rollout also brought to light several issues with the present ad hoc deployment of v6 by the Internet Community at large, and, despite the protocol's age/maturity, the general lack of vendor support. This presentation is therefore also a plea directed at vendors and the Internet community alike to clean up its IPv6 story and support its use in production environments. Speakers |
Full AbstractMuch work is being done to provide an IPv6 multihoming solution that doesn't depend on deaggergation. While the draft solutions take into consideration failover and load sharing, they fail to support some of the commonly used inter-AS traffic engineering functions. The presentation is an attempt to provide the three basic inter-AS traffic engineering approaches as a clear example of IPv6 multihoming requirements. Speakers |
RecordingsFull AbstractThis talk is intended to provide an update to the community on the MoonV6 effort covering IPv6 interoperability testing. Speakers |
Full AbstractThe Internet currently consists of a well connected core and less well connected spurs. Within the core, connectivity is good. For the rest of the world, areas that relate to the core as long spurs, its a different story. Many different ISPs in these regions have connectivity to the core, but few connect to each other. The connections to the core often extend long distances, sometimes over satellite links. Even local connectivity uses these connections, so data may have to go half way around the world and back in order to go a few miles, leading to great expense and poor performance. While true local communications are vulnerable mainly to problems with fiber links of a few miles, long distance communications are vulnerable to failures of microwave and satellite links going long distances. When local communications are carried on long distance connections, local communications become vulnerable to the reliability problems of long distance circuits. The purpose of this talk is to examine the problems this structure causes for the spur regions of the Internet, and to propose some solutions. Speakers |
Full AbstractCurrently the inter-domain routing policy of an autonomous system is often ill-specified, undergoes constant adjustments for reasons of traffic engineering and/or to address-specific customer wishes, and is often realized by manually configuring each router individually, an error-prone approach. This talk discusses a system that raises the abstraction level at which routing policies are specified from individual BGP statements to a network-wide routing policy.
Speakers Olaf Maennel, Technical University Munich. |
|
RecordingsFull AbstractWhat is next for Ethernet? Vendors are starting to develop new technologies such as 40 GbE and 100 GbE. We're at the point in the industry where operators need to support vendors and build critical mass as the IEEE starts to put out Call for Interests on these technologies. The pros and cons of 40 GbE and 100 GbE are presented, followed by details on what the next steps are for each technology, and how operators can get involved to drive the standards. Speakers |
RecordingsFull AbstractSpeakers Panelist - Celeste Anderson, Pacific Wave |