NANOG Meeting Presentation Abstract

MPLS-Based Synchronous Traffic Shunt
Meeting:	NANOG28
Date / Time:	2003-06-03 3:30pm - 4:00pm
Room:	Seasons Ballroon
Presenters:	Speakers: Yehuda Afek, Riverhead Yehuda Afek is a Professor in the School of Computer Science at Tel-Aviv University, and the CTO of Riverhead Networks Inc. Currently his research focuses on efficient forwarding and routing algorithms for IP networks, and methods for traffic engineering to stop DDoS attacks. Prior to joining Tel-Aviv University in 1989 he spent four years in AT&T Bell Laboratories. He received his M.Sc. and Ph.D. in Computer Science from UCLA in 1985 and 1983, respectively. Roy Brooks, Cisco Systems. Nicolas Fischbach, COLT Telecom Nicolas Fischbach is a Senior Manager, responsible for the European IP Security Engineering team at COLT Telecom. He also manages the Swiss IP Engineering team, and after participating in the deployment of the Swiss IP network and Internet Solution Center, he helped create the security and network unit of the Professional Services department. He holds an Engineer degree in Networking and Distributed Computing. Nicolas is also co-founder of Sécurité.Org, a French-speaking portal on computer and network security.
Abstract:	We present various MPLS-based methods to enable a service provider to divert traffic of specific destinations to a centralized scrubbing and inspection facility. The traffic may be diverted from several locations, such as peering points, to the central processing facility. This technique differs from the sinkhole approach, in which the traffic does not come out of the sink and thus does not reach the intended destination. Here, after being processed, the traffic is sent back to the network on its way to the intended destination. This facilitates scalable, focused, and targeted filtering and processing of different customer traffic for on demand tasks such as, reverse proxy (ala Hardie & Wessels, see Bellwether - Surrogate Services for Popular Content,\" NANOG19), traffic examination, or DDoS attack filtering. The experience of a successful real-life deployment in an ISP environment will be reviewed.
Files:	MPLS-Based Synchronous Traffic Shunt Yehuda Afek Presentation(PPT)
Sponsors:	None.

Back to NANOG28 agenda.

NANOG28 Abstracts

• Show All

• BGP Multihoming Techniques
  Speakers:
  Philip Smith, Cisco Systems;

• Deploying Interdomain IP Multicast
  Speakers:
  Mike McBride, Cisco Systems;

• Introduction to MPLS
  Speakers:
  Joe Soricelli, Juniper;

• Interception Technology: The Good, The Bad, and The Ugly!
  Speakers:
  Jeff Schiller, MIT;

• The National Infrastructure Assurance Council (NIAC) Vulnerability Disclosure Framework and What It Might Mean to the ISP Community
  Speakers:
  Jim Duncan, Cisco Systems; Paul VixieISC; .
  

• The National Infrastructure Assurance Council (NIAC) Vulnerability Disclosure Framework and What It Might Mean to the ISP Community
  Speakers:
  Jim Duncan, Cisco Systems; Paul VixieISC; .
  

• IPv4/IPv6 Dual-Stack on Abilene
  Speakers:
  Grover Browning, Indiana University;

• Research Forum: Inter-provider Coordination for Real-Time Tracebacks
  Speakers:
  Kathleen M. Moriarty, MIT;

• Research Forum: Achieving Record Speed Trans-Atlantic End-to-end TCP Throughput
  Speakers:
  Les CottrellStanford University; .
  

• ISP Security: Deploying and Using Sinkholes
  Speakers:
  Barry Raveendren GreeneCisco Systems; .
  Danny McPhersonArbor Networks; .
  

• ISP Security: Deploying and Using Sinkholes
  Speakers:
  Barry Raveendren GreeneCisco Systems; .
  Danny McPhersonArbor Networks; .
  

• Issues in IPv6 Deployment
  Speakers:
  Jeff Doyle, Juniper;

• XML-based Network Management Tools
  Moderators:
  Rob Enns, Juniper;

• @Home Cable Backbone Deployment Experiences
  Speakers:
  Cathy WittbrodtNone; .
  

• Bidirectional Forwarding Plane Deadness Detection
  Speakers:
  Dave WardCisco Systems; .
  Dave KatzJuniper Networks; .
  

• Bidirectional Forwarding Plane Deadness Detection
  Speakers:
  Dave WardCisco Systems; .
  Dave KatzJuniper Networks; .
  

• BGP Vulnerability Testing: Separating Fact from FUD
  Speakers:
  Sean Convery, Cisco Systems; Matthew Franz, Cisco Systems;

• BGP Vulnerability Testing: Separating Fact from FUD
  Speakers:
  Sean Convery, Cisco Systems; Matthew Franz, Cisco Systems;

• NRIC Best Practices for ISP Security
  Speakers:
  Ross Callon, Juniper;

• Implementation of ARIN\'s Lame DNS Delegation Policy
  Speakers:
  Ed Lewis, ARIN;

• MPLS-Based Synchronous Traffic Shunt
  Speakers:
  Yehuda Afek, Riverhead; Roy BrooksCisco Systems; .
  Nicolas Fischbach, COLT Telecom;

• MPLS-Based Synchronous Traffic Shunt
  Speakers:
  Yehuda Afek, Riverhead; Roy BrooksCisco Systems; .
  Nicolas Fischbach, COLT Telecom;

• MPLS-Based Synchronous Traffic Shunt
  Speakers:
  Yehuda Afek, Riverhead; Roy BrooksCisco Systems; .
  Nicolas Fischbach, COLT Telecom;

• BGP AS Number Exhaustion
  Speakers:
  Geoff HustonTelstra, author; .
  K ClaffyCAIDA; .
  

• BGP AS Number Exhaustion
  Speakers:
  Geoff HustonTelstra, author; .
  K ClaffyCAIDA; .