NANOG 49 Agenda
Sunday, June 13 2010
Time/Webcast: | Room: | Topic/Abstract: | Presenter/Sponsor: | Presentation Files: |
12:00pm - 6:00pm | Mezzanine Level | Registration | | |
12:05pm - 5:30pm | Georgian | Vendor Collaboration RoomYou are invited to visit the Vendor Collaboration Room during its open hours to learn about the support of IPv6 capabilities in a variety of networking equipment.<BR>
<BR>
Arbor Peakflow SP (https://192.35.169.215/status/index)<BR>
Demonstration Username = demo<BR>
Demonstration Password = demo123!<BR>
<BR>
Native Dual Stack Home Networking<BR>
SSID = comcast6-apple-nds<BR>
SSID = comcast6-cisco-nds<BR>
SSID = comcast6-netgear-nds<BR>
<BR>
6rd<BR>
SSID = comcast6-cisco-6rd<BR>
<BR>
Wifi<BR>
SSID = Comcast6_Belair View full abstract page. | Speakers:
- <I>Participants:</I> A10 Networks, Arbor Networks, Cisco, Comcast, Netflix, None.
| |
2:00pm - 3:30pm | California East, 2nd Floor | Tutorial: Introduction to Label switched Multicast: P2MP-TE & mLDPService Providers using MPLS infrastructure want to offer Multicast Services to their customers using the same MPLS core network that are used to offer unicast services. One of the widely deployed solutions has been Multicast VPN or mVPN. However, deploying mVPN has always demanded re-engineering their core links to carry PIM traffic. Also, they could not leverage high service availability features of Fast-reroute for multicast traffic passing through MPLS core.
<BR><BR>
Recently, IETF has come out with two good solutions: P2MP TE and mLDP, in which MPLS technology has been extended to carry Multicast Traffic using labels, known as Label switched Multicast. The solutions have eliminated the need for any PIM configurations within MPLS core and has greatly simplified service/operational maintenance requirements of SP providers.
<BR><BR>
This tutorial gives an introductory overview of the two new approaches: P2MP TE and mLDP used to carry Multicast Traffic through SP MPLS core.
<BR><BR>
The following topics will be covered as part of this tutorial:
<UL>
<LI> Motivation</LI>
<LI> Multicast Solutions</LI>
<LI> P2MP TE Overview</LI>
<LI> mLDP Overview</LI>
<LI> P2MP TE Demo</LI>
<LI> Q and A</LI>
</UL> View full abstract page. | Speakers:
- Rajendra Chayapathi, Cisco Systems
Rajendra Chayapathi has been with Cisco Systems from 2000 and is based in San jose. He is a Sr.Technical Leader in Service Provider market segment in Core router business unit. His role includes working with Tier 1 SP in US, UK & Australia specifically in network strategies, customer interlock , design and operations, configuration and scaling. He is currently working on ISSU for Core routers. Prior to Cisco , he had worked in AT&T Labs for design and deployment of the IP Core Backbone network. Rajendra holds a MBA degree & is a CCIE 4991. - Utpal Mukhopadhyaya, Cisco Systems
Utpal Mukhopadhyaya is a Technical Leader at Cisco Systems, with over 10 years of experience in Systems and Solutions Testing. As part of Cisco's Network Solution Integration Test organization, Utpal designed, deployed, and troubleshooted IPv4/IPV6/MPLS networks for Service Providers. He has contributed to a number of white papers and made several presentations at training programs for network technology professionals. Utpal holds a Master's degree in Electrical Engineering from I.I.T Kanpur, India, and a Doctorate degree in Computer Science from University of Saskatchewan, Canada.
| Introduction to Label switched Multicast: P2MP-TE & mLDP P2MP n49(PDF)
|
2:00pm - 3:30pm | Grand | Tutorial: MPLS for DummiesA giant tutorial on how MPLS works, how ISPs can benefit from it, and techniques for using it. View full abstract page. | Speakers:
- Richard Steenbergen, nLayer Communications.
| MPLS for Dummies mpls for dummies n49(PDF)
|
2:00pm - 3:30pm | Colonial | Tutorial: Which Routing Protocol?This session will go into details of which routing protocol should be chosen for a large and complex network. The two protocol OSPF & ISIS will be compared side by side based on its functionality, usage, scalability and convergence. These two protocols will be compared in the light of IPv6 deployment also. View full abstract page. | Speakers:
- Khalid Raza, Cisco Systems
Khalid is a Distinguished Engineer at Cisco Systems. As a recognized expert within Cisco and worldwide ISP community, Khalid has been designing<BR>
large scale IP and MPLS networks for over fifteen years. His expertise includes IP routing protocols (OSPF, ISIS and BGP), MPLS and ISP networks.
<BR><BR>
He represents Cisco in industry panel discussion and technical conferences around the world and discusses technologies and protocols related to large scale ISP and NRN networks.<BR>
Khalid has influenced technology directions and decisions within Cisco and ISP and NRN community worldwide. He has produced technical white papers and co-authored a book called "Large Scale IP Network Solutions". His current area of interest is converge networks and IPv6 routing protocols. - Faraz Shamim, Cisco Systems
Faraz Shamim, CCIE #4131, is a Network Consulting Engineer with Cisco Systems. He has written several documents, white papers and technical tips for OSPF, RIP, EIGRP and BGP on Cisco Connection Online, CCO (www.cisco.com). He has also been engaged in developing and teaching the Cisco Advance Training Bootcamps on Advanced IP Routing & IPv6. He has taught the Cisco Bootcamp Courses to several Universities and customers world wide. Faraz actively speaks at the US and International Conferences like Networkers and APRICOT on the subject of Link State
<BR><BR>
Protocols, IPv6 & MPLS. Faraz is also an author of a Cisco press CCIE series book, "Troubleshooting IP Routing Protocols". Faraz has been with Cisco Systems since 1997 and speaking at Networkers Cisco Live events since 2000.
| Shamim Which Routing N49(PDF) Which Routing Protocol?
|
3:30pm - 4:00pm | Italian | Break | | |
4:00pm - 5:30pm | Colonial | Tutorial: Automating Network ConfigurationYou've been using tools like Puppet and cfengine to corral the complexity on your servers. You revel in the scalability, reliability, and ease of maintenance of doing it The Right Way. You don't fear the next change because you know the tools will just get it Right. But you still tremble at an 'enable' prompt, hoping you remembered all the bits that need to be twiddled, on all the networking devices everywhere. Is your DNS tied on straight - both ways? Is it all *really* being monitored by Nagios? As your network's complexity increases, so do the errors, inconsistencies, and omissions caused by manual configuration, and brokenness abounds. But wait - there's a way out of the swamp! Come hear Brent Chapman as he reveals methods and tools for automating the mind-numbing task of configuring network devices and services. Among other things, he'll talk about his cool new open source 'Netomata Config Generator', which addresses some of these problems. View full abstract page. | Speakers:
- Brent Chapman, Netomata, Inc
Brent Chapman is the founder, CEO, and technical lead of Netomata, Inc. He is the coauthor of the highly regarded O'Reilly & Associates book Building Internet Firewalls. He is also the founder of the Firewalls, List-Managers, and Network-Automation Internet mailing lists, and the creator of the Majordomo mailing list management package. In 2004, Brent was honored with the annual SAGE Outstanding Achievement Award 'for outstanding sustained contributions to the community of system administrators'. He has been a frequent and popular speaker at USENIX, LISA, BayLISA, and many other events over the past 15 years.
| Automating Configuration n49(PDF) Automating Network Configuration
|
4:00pm - 5:30pm | California East, 2nd Floor | Tutorial: LSM Technology: Overview, Drivers & ApplicationsThe need for Label Multicast
<UL>
<LI> What is the problem </LI>
<LI> issues with the existing multicast deployments</LI>
<LI> how the new model addresses it</LI>
</UL>
Solutions<BR>
- mLDP <BR>
* Extensions to LDP<BR>
~ New Capabilities TLV <BR>
~ FEC Elements<BR>
~ Multicast FEC Element Encoding<BR>
~ p2mp mp2mp Operation<BR>
-- Tree creation<BR>
<BR>
- p2mp-TE<BR>
* Extensions to RSVP<BR>
~ SESSION_OBJECT<BR>
~ SENDER_TEMPLATE<BR>
<BR>
OAM Extensions for support for LSM
<UL>
<LI> Multicast LSP Ping</LI>
<LI> Proxy LSP Ping</LI>
<LI> Multicast Connectivity Verification</LI>
</UL>
Applications
<UL>
<LI> PIM SSM Transit for IPv4/IPv6</LI>
mVPN Deployments (Default/Data)</LI>
<LI> Video Distribution/Contribution</LI>
<LI> FRR</LI>
</UL> View full abstract page. | Speakers:
- Shankar Vemulapalli, Cisco Systems
Shankar, CCIE # 2025, is a Technical Leader at Cisco Systems. As a lead architect, Shankar has worked on some of the largest MPLS deployments both in the Service Provider and Enterprise accounts. His expertise includes: Routing Protocols (OSPF, IS-IS & BGP), MPLS-VPNs, MPLS-TE. He is a frequent contributor both internal and external forums like APRICOT, NANOG . Also, he has contributed to several IETF RFCs on IS-IS and has written several white papers that are posted to Cisco.com website.
| LSM Technology: Overview, Drivers & Applications LSM-External.v4 n49(PDF)
|
4:00pm - 5:30pm | Grand | Tutorial: Understanding OTN and the Path to the FutureUnderstanding Optical Transport Network (OTN) is key for success in addressing the emerging needs of next generation transport networks now and in the future. As IP based services continue to grow, new OTN-based solutions provide efficient means of transporting those services globally. Take this opportunity to learn more about what OTN is and why it is important to next generation transport. View full abstract page. | Speakers:
- Michael Jamgochian, Alcatel-Lucent
<BR>Michael Jamgochian is the Director of Optics Business Development, Alcatel-Lucent. Michael has over 25 years of experience in the telecommunications field
with Alcatel-Lucent and MCI. He is currently responsible for business
development covering the Alcatel-Lucent Optical portfolio. His primary
focus is driving these activities supporting Verizon's global network.
Previous Alcatel-Lucent positions include Product Management in the
Optical Network Division and Program Management on the AT&T U-verse
program. MCI positions included facilities planning, network planning,
and network provisioning.
| Understanding OTN and the Path to the Future Understanding OTN n49(PDF)
|
5:45pm - 6:45pm | Grand | NANOG Community MeetingAgenda:<BR>
<BR>
Steering Committee Report<BR>
Program Committee Report<BR>
Mailing List Committee Report <BR>
Marketing Working Group Report<BR>
Merit Report<BR>
Transition Update<BR>
Open Discussion View full abstract page. | Moderators:
- Steve Feldman, Steering Committee Chair, CBS Interactive.
| community n49(PDF) NANOG Community Meeting transition n49(PDF)
|
8:00pm - 10:00pm | Offsite | Social at Harry Denton's Starlight Room Additional information | Sponsors Silent Partner and Dyn.Sponsors | |
Monday, June 14 2010
Time/Webcast: | Room: | Topic/Abstract: | Presenter/Sponsor: | Presentation Files: |
8:00am - 5:00pm | Mezzanine Level | Registration | | |
8:30am - 9:30am | Italian | Continental Breakfast | Sponsors Alcatel-Lucent, Arbor Networks, Brocade, Cariden Technologies, Cisco Systems, Juniper Networks, Mu Dynamics, NTT America, OSI Hardware, and XKL.Sponsors | |
8:30am - 9:30am | California, 2nd Floor | Newcomers' Continental BreakfastAll first-time NANOG attendees are invited to attend a special breakfast where committee members, Merit staff and long-time NANOGers will talk about the organization, the meeting, and how to make best use of both. Please attend to learn more about NANOG and to maximize your first meeting--we promise to make it both lively and informative! The breakfast will be moderated by Ren Provo of Comcast. View full abstract page. | Speakers:
| |
9:30am - 9:45am | Grand | Opening RemarksWelcome to NANOG49 in San Francisco! Monday's program will begin with opening remarks from the NANOG Program Committee, Merit and our host, Netflix:
<UL>
<LI> David Meyer, Program Committee Chair, Cisco/UO
<BR><BR></LI>
<LI> Don Welch, Merit Network
<BR><BR></LI>
<LI> Ken Florance and David Temkin, Netflix
<BR><BR></LI>
</UL> View full abstract page. | Speakers:
- Ken Florance, Netflix.
- David Meyer, Program Committee Chair, Cisco/UO.
- David Temkin, Netflix.
- Donald Welch, Merit Network.
| Opening Remarks
|
9:45am - 10:30am | Grand | Keynote: Worse Is BetterWe discuss the data driven architecture for constructing very large<BR>
warehouse scale computers and the network and software requirements<BR>
for making very large scale systems work. Contrary to the converged<BR>
next-generation network ideas that are currently in vogue we present a<BR>
cost-based model that leads to a simpler, cheaper architecture. View full abstract page. | Speakers:
| Keynote: Worse Is Better
|
10:30am - 11:00am | Grand | 1slash8In this talk we present some initial results from our analysis of data collected from the recently allocated 1/8 network block. There has been some concern regarding the usability of this block due to the presence of background traffic. We collected a 1 week long dataset consisting of all packets received at this block in the absence of any actual hosts. We then analyze this data in order to determine the origins of this data, the volume, how similar or different it might be from other newly allocated network blocks and finally whether there are some simple mechanisms that can help alleviate the problem. View full abstract page. | Speakers:
- Michael Bailey, University of Michigan.
- Geoff Houston, APNIC.
- Farnam Jahanian, University of Michigan.
- Manish Karir, Merit Network.
- George Michaelson, APNIC.
- Eric Wustrow, Merit Network.
| 1slash8 karir-1slash8(PDF)
|
11:00am - 11:30am | Italian | Break | Sponsor Nokia.Sponsor | |
11:00am - 11:30am | Georgian | PGP Key Signing and CA Cert CertificationX.509 Certificates and Public Key authentication are a well known and wide spread technology for authentication.<BR>
<BR>
CACert offers free digital certificates built on a web-of-trust model of authentication. If you had one of the Thawte Web of Trust certificates, this is much the same and still Free. (No Verisign fees).<BR>
<BR>
Owen DeLong is a CA Cert Assurer. Other Assurers are invited to participate as well.<BR>
<BR>
You will need to bring at least one, preferably two pieces of Government issued ID (originals, not photocopies) to get assured. If you do not yet have a CA Cert identity, please create one prior to the session. View full abstract page. | Speakers:
- Owen DeLong, Hurricane Electric.
| |
11:30am - 12:00pm | Grand | IPv6 at GoogleGoogle is one of the few content providers that is embracing IPv6. This presentation will describe the reasons why, what Google has achieved in terms of IPv6 adoption, and what challenges had to be overcome along the way. It will briefly describe barriers to adoption and how Google is working to help the Internet community overcome them. It will show how networks can access virtually all Google services over IPv6 at production quality, how a number of substantial networks are already doing this today, and provide brief statistics of IPv6 deployment among Google users. View full abstract page. | Speakers:
| IPv6 at Google IPv6 at Google n49(PDF)
|
12:00pm - 12:30pm | Grand | The IPv6 Routing Table in 2010We present a detailed comparison of the IPv4 and IPv6 routing tables: the autonomous systems that participate in each, the prefixes they advertise and transit, and the economic relationships that are encoded in the ASPaths. Many of the relationships evident in the growing IPv6 table are replications of existing relationships between IPv4 peers, but a surprisingly large percentage are novel. We attempt to read the tea leaves and figure out what the emerging structure of the IPv6 routing table implies for the near-term adoption curve, as IPv4 space becomes increasingly precious. View full abstract page. | Speakers:
- Jim Cowie, Renesys Corporation.
- Clint Hepner, Renesys Corporation.
| The IPv6 Routing Table in 2010 The IPv6 Routing Table in 2010 n49(PDF)
|
12:30pm - 1:00pm | Grand | ARIN UpdateThe Internet is changing and so is ARIN. ARIN will provide an update on the current state of affairs. Additionally, ARIN is going to be<BR>
unveiling a new Whois service by the first part of July that will have<BR>
many improvements. View full abstract page. | Speakers:
| ARIN Update ARIN Update n49(PDF)
|
1:00pm - 2:30pm | | Lunch | | |
2:30pm - 3:30pm | Grand | IPv6 Enablement in the HomeThe purpose of this panel is to encourage wide spread awareness of the<BR>
evolving IPv6 capabilities that are currently or soon to be supported in<BR>
popular home networking equipment. Overview of support for various IPv6<BR>
technologies along with details related to how end users will be provisioned<BR>
with IPv6 and how this impacts existing IPv4 services will be provided.<BR>
Enablement strategies and techniques for services providers will also be<BR>
covered specifically those of the cable variety. High level requirement for<BR>
IPv6 for in-home equipment like computers and other consumer electronics<BR>
will also be discussed. Finally other key topics critical to the adoption<BR>
of IPv6 including those related to DNS will be briefly discussed followed by<BR>
an interactive Q&A session. View full abstract page. | Moderators:
- John Jason Brzozowski, Comcast
At Comcast, John provides technical leadership and guides the firm's<BR>
deployment of IPv6. He leverages his expertise and experiences to drive the<BR>
adoption and implementation of IPv6 ensuring that innovative solutions are<BR>
in place to support traditional and next generation services. John has<BR>
contributed significantly to many standards and technologies critical to the<BR>
cable industry's adoption of IPv6, specifically those pertaining to voice,<BR>
video, and data. He works closely with CableLabs on DOCSIS and PacketCable<BR>
specifications and has contributed to IETF standards efforts.<BR>
<BR>
John's work in the technical community currently includes support of the<BR>
North American IPv6 Task Force as a Steering Committee member, member of the<BR>
IPv6 Forum, and an active participant in various Cablelabs activities and<BR>
efforts. Through his work with these organization he helps to drive and<BR>
support critical IPv6 activities around the globe including but not limited<BR>
to promoting IPv6 education, awareness, and of course adoption. John also<BR>
serves as co-chair of the IETF DHC Working Group and co-chair of the MAAWG<BR>
IPv6 technical sub-committee. Panelists:
- Allen Huotari, Cisco
Allen has over 25 years of experience in the networking and communications industry. Allen is a member of the Home Networking Products team for Cisco Consumer Products (formerly Linksys) and is responsible for the investigation of emerging technologies, and helping define functional requirements for next generation networking products (with special emphasis on wireless, powerline communications, and multimedia over IP). Allen currently serves on the Board of Directors for MoCA (Multimedia over Coax Alliance), HomePlug Powerline Alliance, and AVnu Alliance. He also regularly participates in WiFi Alliance and Digital Living Network Alliance (DLNA). Allen currently holds 7 patents and has many more pending. Allen is a BSEE with honors graduate of California State University in Northridge. When not engaged in communications design he enjoys discussing music, literature, philosophy, and theology. <BR> - Salah Nassar, Netgear.
- James Woodyatt, Apple, Inc.
James is an Internet dialtone and protocol standards specialist on the AirPort and Time Capsule product firmware engineering team at Apple. I started my career in communications software in 1988, and I wrote my first original computer program in Data General Business BASIC at the age of nine.
| IPv6 Enablement in the Home IPv6 Home Apple n49(PDF) IPv6 Home Cisco n49(PDF) IPv6 Home Netgear n49(PDF)
|
3:30pm - 4:00pm | Grand | Building Traffic Matrices to Support Peering DecisionsTraffic matrices can greatly benefit key Service Provider activities like capacity planning, traffic engineering, better understand their traffic patterns and take meaningful peering decisions. Despite their importance, traffic matrices keep relatively behind the scenes and unspoken topic.<BR>
<BR>
This talk wants to present a way to build traffic matrices with pmacct using telemetry data and BGP. Leveraging along the way some case-studies and with a technical cut. pmacct is a commonly used, free, open-source IPv4/IPv6 accounting package which integrates a NetFlow/sFlow and a multi-RIB BGP collector in a single piece of software and is autorhed by the presenter. View full abstract page. | Speakers:
- Paolo Lucente, KPN International
Paolo Lucente currently serves as Architect/Designer at KPN International, a successful global IP backbone headquartered <BR>
in the Netherlands. Paolo is also the author of the free, open-source software package pmacct and a spare time consultant on complex network telemetry matters for IP backbones worldwide. Along with years of experience in the network operators arena, he brings an interest in the economics of traffic exchange in the public internet and is a contributor in many community forums, particularly in Europe. Previously, Paolo covered senior engineering and development positions at <BR>
some large national service providers across Europe and the regional research network in his home land in south Italy, Apulia.
| Building Traffic Matrices n49(PDF) Building Traffic Matrices to Support Peering Decisions
|
4:00pm - 4:30pm | Italian | Break | Sponsor Citrix.Sponsor | |
4:00pm - 6:00pm | Georgian | Vendor Collaboration RoomYou are invited to visit the Vendor Collaboration Room during its open hours to learn about the support of IPv6 capabilities in a variety of networking equipment.<BR>
<BR>
Arbor Peakflow SP (https://192.35.169.215/status/index)<BR>
Demonstration Username = demo<BR>
Demonstration Password = demo123!<BR>
<BR>
Native Dual Stack Home Networking<BR>
SSID = comcast6-apple-nds<BR>
SSID = comcast6-cisco-nds<BR>
SSID = comcast6-netgear-nds<BR>
<BR>
6rd<BR>
SSID = comcast6-cisco-6rd<BR>
<BR>
Wifi<BR>
SSID = Comcast6_Belair View full abstract page. | Speakers:
- <I>Participants:</I> A10 Networks, Arbor Networks, Cisco, Comcast, Netflix, None.
| |
4:30pm - 6:00pm | Elizabethan C/D, 2nd Floor | Best Current Practices TrackLiving Documents and Knowledge with Nowhere to Live!
<BR><BR>
What has transpired since the lightning talk, how to get involved, feedback on hot topics etc. View full abstract page. | Moderators:
- Aaron Hughes, 6connect
Aaron brings more than 15 years of experience in the telecommunications industry.<BR>
<BR>
Aaron Hughes is President and CTO at 6connect, Inc specializing in Internet Engineering automation solutions, cooling technologies and distributed managed services with a focus on IPv6. He is also the Chief Network Architect at UnitedLayer and is responsible for network topology planning, design and operations.<BR>
<BR>
Aaron has also held network and system architecture and Sr. level management roles at Exponential, Lockheed Martin, Cariden Technologies, Terremark, Certainty Solutions, Quest Technologies, RCN, UtraNet and Channel (1) Communications.
| |
4:30pm - 6:00pm | Colonial | ISP Security Track4:30 - 4:45<BR>
DNS Sec for the Root - Update<BR>
Duane Wessels, VeriSign<BR>
<BR>
4:45 - 5:00<BR>
IETF Routing Protocol Security Work - KARP<BR>
Joel Halpern<BR>
<BR>
5:00 - 5:15<BR>
Accidentally Importing Censorship: The I-Root Instance in China<BR>
Doug Madory, Renesys<BR>
<BR>
5:15 - 5:30<BR>
Investigating Botnets and Current Attribution Feasibility<BR>
Levi Gundert, Team Cymru<BR>
<BR>
5:30 - 5:45<BR>
Regional Botnet Detection<BR>
Michael Bailey, University of Michigan,<BR>
Jake Czyz, Manish Karrir, Merit Networks<BR>
<BR>
5:45 - 5:55<BR>
Benefits of Protocol Fuzzing From a Security Point of View<BR>
Jim Deleskie View full abstract page. | Moderators:
| |
4:30pm - 6:00pm | Grand | NANOG Transition PlanThe NANOG transition team along with Merit would like to have the opportunity to present the attendees: <BR>
1) reasons for the transition<BR>
2) transition plan<BR>
3) continuing role of Merit<BR>
4) open floor for Q&A<BR> View full abstract page. | Speakers:
- Steering Committee Members, None.
| NANOG Transition Plan Transition BOF n49(PDF)
|
6:00pm - 8:00pm | California, 2nd Floor | Beer 'n Gear | Sponsors Alcatel-Lucent, Arbor Networks, Brocade, Cariden Technologies, Cisco Systems, Juniper Networks, Mu Dynamics, NTT America, OSI Hardware, and XKL.Sponsors | |
8:30pm - 11:55pm | Offsite | Social at Ruby Skye Additional information | Sponsor Netflix, Equinix and Google.Sponsor | |
Tuesday, June 15 2010
Time/Webcast: | Room: | Topic/Abstract: | Presenter/Sponsor: | Presentation Files: |
8:00am - 5:00pm | Mezzanine Level | Registration | | |
8:30am - 9:30am | Italian | Continental Breakfast | Sponsors Alcatel-Lucent, Arbor Networks, Brocade, Cariden Technologies, Cisco Systems, Juniper Networks, Mu Dynamics, NTT America, OSI Hardware, and XKL.Sponsors | |
9:30am - 9:45am | Grand | Morning Updates/Announcements | Speakers:
| Morning Updates/Announcements
|
9:45am - 10:30am | Grand | ASICs - The Heart of Modern RoutersThe talk will focus on roles of ASICs in the design of modern high performance routers. The benefits of ASICs will be discussed and contrasted with other technologies. The talk will highlight the various tradeoffs in ASIC system design including silicon technology, chip partitioning, and memory technology. The important steps in ASIC design and verification, from concepts to production, will also be presented. View full abstract page. | Speakers:
- Chang-Hong Wu, Juniper Networks.
| ASICs - The Heart of Modern Routers ASICs Heart of Modern Routers n49(PDF)
|
10:30am - 11:00am | Grand | Earthquake Disaster Recovery in HaitiAfter the earthquake that has destroyed Haiti on January 12, 2010, a lot of questions arise on how to get Internet infrastructure more resilient and reliable to survive and allow communications in emergency times. Right after the earthquake the newly settled IXP has survived and has allowed connectivity with the international Internet. That has permit people to use Facebook, twitter, Skype to communicate with their family locally or abroad. People under rubble have used mobile devices to send SOS messages.
<BR><BR>
Months after the tragedy some hot topics remain present:
<UL>
<LI> Need for a renewable energy system to backup commercial power
<BR><BR></LI>
<LI> Redundancy for submarine cable and other critical interconnection points
<BR><BR></LI>
<LI> Plan for restoring submarine cables
<BR><BR></LI>
</UL> View full abstract page. | Moderators:
- Reynold Guerrier, Haiti Technology Group
Reynold Guerrier is a network engineer for over 14 years experience of which 6 had firmly placed to lead the technical direction of one of the largest ISPs in Haiti. He has a Master degree in mobile networks. He is currently the treasurer of the AHTIC which he is also a founding member. In 2009, he created with some colleagues the Haiti Technology Group whose objective is to provide monitoring services and customer support to ISPs. Panelists:
- Max Larson Henry, OLPC-Haiti Project
Max Larson Henry is the IT Manager at the OLPC-Haiti Project, responsible for the deployment of a Wireless Network for Internet provisioning in the fourty schools of the project in rural Area in Haiti. Prior to joining OLPC, he was the Technical Director at Multilink. Previous to that, he was an ICT consultant at the office of the Minister of Public Works, Transport and Communication. He is also working for the State University of Haiti managing the Haitian ccTLD. A founding member of AHTIC, Max holds a MSc. in Database and System integration from CERAM(Centre Europeen de Recherche en Management), and a B.Sc. from the Faculty of Sciences of the State University of Haiti.
| Earthquake Disaster Recovery in Haiti IXP n49(PDF)
|
11:00am - 11:30am | Italian | Break | Sponsor Force10 Networks.Sponsor | |
11:00am - 11:30am | Georgian | PGP Key Signing and CA Cert CertificationX.509 Certificates and Public Key authentication are a well known and wide spread technology for authentication.<BR>
<BR>
CACert offers free digital certificates built on a web-of-trust model of authentication. If you had one of the Thawte Web of Trust certificates, this is much the same and still Free. (No Verisign fees).<BR>
<BR>
Owen DeLong is a CA Cert Assurer. Other Assurers are invited to participate as well.<BR>
<BR>
You will need to bring at least one, preferably two pieces of Government issued ID (originals, not photocopies) to get assured. If you do not yet have a CA Cert identity, please create one prior to the session. View full abstract page. | Speakers:
- Owen DeLong, Hurricane Electric.
| |
11:30am - 12:15pm | Grand | How Secure are Secure BGP ProtocolsA decade of research has been devoted to addressing vulnerabilities in BGP. The result is a plethora of BGP security proposals, each providing different types of security guarantees. To inform decisions about which of these protocols should be deployed in the Internet, we *quantify* and *compare* the ability of these protocols to blunt BGP "traffic attraction" attacks, namely, when an attacker manipulates BGP messages to blackhole traffic (e.g. prefix hijacks a la AS7007, Pakistan Telecom/YouTube), or intercept traffic (e.g. BGP man-in-the-middle attacks a la Pilosov & Kapela). We run simulations of traffic flow on maps of the Internet’s AS-level topology to determine and compare the impact of attacks on different BGP security protocols. The key implication of our work is that route filtering can be as effective as cryptographic routing protocols like Secure BGP (S-BGP) and secure origin BGP (soBGP). View full abstract page. | Speakers:
- Sharon Goldberg, Microsoft Research & Boston University.
| How Secure are Secure BGP Protocols How Secure BGP n49(PDF)
|
12:15pm - 12:30pm | Grand | Large Route Leak DetectionPrefix hijacking, in which an unauthorized network announces IP prefixes of other networks, is a major threat to the Internet routing security. Existing detection systems either generate many false positives, requiring frequent human intervention, or are designed to protect a small number of specific prefixes. Therefore they are not suitable to protect data traffic at networks other than the prefix owner during on-going hijacks.
<BR><BR>
We design and implement a system that detects a specific type of prefix hijacking, large route leaks, at real time and without requiring authoritative prefix ownership information.
<BR><BR>
In a large route leak, an unauthorized network hijacks prefixes owned by multiple different networks. By correlating suspicious routing announcements along the time dimension and comparing with a network’s past behavior, we are able to identify a network’s abnormal behavior of offending multiple other networks at the same time. Applying the detection algorithm to routing data from 2003 through 2009, we identify five to twenty large route leaks every year. They typically hijack prefixes owned by a few tens of other networks, last from a few minutes to a few hours, and pollute routes at most vantage points of the data collector.
<BR><BR>
In 2009 there are nine events detected, none of which was mentioned on operator mailing lists, but all of them are confirmed through our communication with individual operators of affected networks. The system can take real-time routing data feed and conduct the detection quickly, enabling automated response to these attacks without requiring authoritative prefix ownership information or human intervention. View full abstract page. | Speakers:
- Qing Ju, University of Arizona.
- Varun Khare, University of Arizona.
- Beichuan Zhang, University of Arizona
Beichuan Zhang is an Assistant Professor in the Department of Computer Science <BR>
at the University of Arizona. His research interests include Internet routing<BR>
architectures and protocols, network topology, content distribution, and network security. He received Ph.D. in Computer Science from the University of California, Los <BR>
Angeles (2003) and B.S. from Peking University, China (1995).
| Large Route Leak Detection LRL-NANOG49(PDF)
|
12:30pm - 1:00pm | Grand | BGP Prefix Origin ValidationThis presentation will provide an introduction to the ongoing work on BGP prefix origin validation. As has been discussed in NANOG before and witnessed by several incidents in the past, prefix hijacking in BGP is a real issue. In conjunction with the SIDR working group at IETF, a framework has been designed and implemented to validate the origination AS of BGP routes. The slides will touch upon the implementation details and deployment models. View full abstract page. | Speakers:
- Pradosh Mohapatra, Cisco Systems
Pradosh Mohapatra works in the core routing business unit at Cisco systems where his focus is on building the next-generation core routing platform and operating system. His expertise lies in routing protocols where he has wide implementation experience with BGP, IS-IS, and LDP. Prior to joining Cisco, Pradosh worked at Procket Networks as a protocol developer.
| bgp origin validation n49(PDF) BGP Prefix Origin Validation
|
1:00pm - 2:30pm | | Lunch | | |
2:30pm - 3:00pm | Grand | Lightning Talks<OL>
<LI> <B>The Network Documentation Tool (Netdot)</B><BR>
by Carlos Vicente, University of Oregon
<BR><BR></LI>
<LI> <B> Accidentally Importing Censorship</B><BR>
by Doug Madory, Renesys
<BR><BR></LI>
<LI> <B>Wide BGP Communities</B><BR>
by Robert Raszuk, Cisco Systems
<BR><BR></LI>
</OL> View full abstract page. | Speakers:
- Doug Madory, Madory.
- Robert Raszuk, Cisco Systems.
- Carlos Vicente, University of Oregon.
| Lightning Talks Madory I Root n49(PDF) Raszuk Wide BGP Communities n49(PDF) Vicente Netdot n49(PDF)
|
3:00pm - 3:30pm | Grand | Shortest Path Bridging - IEEE 802.1aq802.1aq Shortest Path Bridging is being standardized by the IEEE as an evolution of the various spanning tree protocols. 802.1aq allows for true shortest path routing, multiple equal cost paths, much larger layer 2 topologies, faster convergence, vastly improved use of the mesh topology, single point provisioning for logical connectivity membership (E-LINE/E-LAN/E-TREE etc), abstraction of attached device MAC addresses from the transit devices, head end and/or transit multicast replication all while supporting the full suit of 802.1 OA&M. This tutorial will give an overview of 802.1aq, how it works, some discussion of where it applies and then will conclude with a peek at a 30+ node network consisting of several real switches and an emulator. Using some generic graphical tools and a CLI we will explore the behavior visually and also textually in a bit of detail. View full abstract page. | Speakers:
- Peter Ashwood-Smith, Huawei Technologies Canada.
| Shortest Path Bridging(PDF) Shortest Path Bridging - IEEE 802.1aq SPB n49(PDF)
|
3:30pm - 4:00pm | Grand | Enterprise QoSThe speaker will discuss some of the challenges of designing and operating an enterprise grade QoS at one of the largest enterprise network with multivendor equipment peering with different MPLS providers with different contractual agreements.
<BR><BR>
In addition, he will discuss the development of commit scripts to handle various business logic and Capirca, Google's ACL management software that has been open sourced to the community. View full abstract page. | Speakers:
| Enterprise QoS Enterprise QoS n49(PDF)
|
4:00pm - 4:30pm | Italian | Break | Sponsor Network Hardware Resale.Sponsor | |
4:00pm - 6:00pm | Georgian | Vendor Collaboration RoomYou are invited to visit the Vendor Collaboration Room during its open hours to learn about the support of IPv6 capabilities in a variety of networking equipment.<BR>
<BR>
Arbor Peakflow SP (https://192.35.169.215/status/index)<BR>
Demonstration Username = demo<BR>
Demonstration Password = demo123!<BR>
<BR>
Native Dual Stack Home Networking<BR>
SSID = comcast6-apple-nds<BR>
SSID = comcast6-cisco-nds<BR>
SSID = comcast6-netgear-nds<BR>
<BR>
6rd<BR>
SSID = comcast6-cisco-6rd<BR>
<BR>
Wifi<BR>
SSID = Comcast6_Belair View full abstract page. | Speakers:
- <I>Participants:</I> A10 Networks, Arbor Networks, Cisco, Comcast, Netflix, None.
| |
4:30pm - 6:00pm | Colonial | Peering Track | Moderators:
| |
4:30pm - 6:00pm | Grand | Research Forum<BR><BR>Includes:<BR><BR>- Evaluating Potential Routing Diversity<BR><BR>- Value-based framework for Peering<BR><BR>- DNSSEC Visualization<BR><BR>- EyeP</I>The Research Form will include:
<UL>
<LI> <B>Evaluating Potential Routing Diversity for Internet Failure Recovery</B>
<BR><BR>
<I>by Bin Liu and Chengchen Hu, Tsinghua University; Kai Chen and Yan Chen, Northwestern University</I>
<BR><BR>
As the Internet becomes a critical infrastructure component of our global information-based society, any interruption to its availability can have significant economical and societal impacts. However, despite many research which tried to improve the resilience through the BGP policy-compliant paths, it has been demonstrated that the Internet is still highly vulnerable when major failures happen.
<BR><BR>
In this work, we aim to overcome the inherent constraint of the existing BGP-compliant recovery schemes and, and propose to seek additional potential routing diversity through Internet eXchange Points (IXPs) and relaxing BGP peering links. The focus of this paper is to evaluate the potentiality of these two schemes, rather than on their implementations. Using our most complete AS link map with 31K nodes and 142K links, we demonstrate that the proposed schemes can recover 40% to 80% of disconnected paths on average (which cannot be recovered via BGP), with rich path diversity to avoid congested links. Our work suggests a promising venue to address the Internet failures.
<BR><BR></LI>
<LI> <B>A value-based framework for Internet peering agreements</B>
<BR><BR>
<I>By Amogh Dhamdhere, CAIDA; Pierre Francois, UCL; Constantine Dovrolis, Georgia Tech</I>
<BR><BR>
Internet Service Providers (ISPs) use complex peering policies, stipulating various rules for peering with other networks. Peering strategy is often considered a ``black art'' rather than science, and the outcome of a peering negotiation can depend on factors that are neither technical nor economic. Consequently, ISPs do not have a clear idea of the networks they should peer with, and the price they should demand/offer to ensure a stable peering link. We propose a quantitative framework for settlement-free and paid-peering links, based on the ``value'' of a peering link, i.e., the benefit that networks see from that link. We first study a solution where a centralized oracle determines a provably stable, optimal and fair price for a paid-peering link, based on perfect knowledge of the revenues and costs of each network. We next show that with perfect knowledge, the centralized solution can be implemented individually by the peering networks. We then study the effects of inaccurate estimation of peering value by the peering networks. Finally, we examine how value-based peering affects the density of peering links, the nature of end-to-end paths, and the profitability of various network types in the global Internet.
<BR><BR></LI>
<LI> <B>DNSSEC Visualization</B>
<BR><BR>
<I>By Casey Deccio, Sandia National Laboratories</I>
<BR><BR>
As DNSSEC adoption grows, more and more DNS administrators are signing their zones because of mandate, technical interest, or actual security need. However, the pervasiveness of DNSSEC misconfigurations in signed zones has shown that deployment is non-trivial. As increasing organizations begin deploying validating resolvers the misconfigurations will result in resolution failure. DNSSEC troubleshooting tools exist, but have historically been catered towards seasoned users and have not been comprehensive enough to identify issues among hierarchical and lateral dependencies. While they often confirm the problem, it is not easy to pinpoint the source. DNSViz was created to help administrators see the "entire picture" graphically from name queried to trust anchor. I will discuss as part of the presentation some of the common problems encountered with DNSSEC deployment, some techniques to help troubleshoot, and how DNSViz automates this process.
<BR><BR></LI>
<LI> <B>EyeP: Visualizing IPv4 Address allocation and usage</B>
<BR><BR>
<I>By Lucas Wang, Lixia Zhang </I>
<BR><BR>
In this slides deck, we present a visualization tool EyeP to better understand IPv4 address allocation and usage in BGP. By using our tool, it's very convenient to capture where in address space have addresses been issued and what address blocks still remain unallocated. In addition, by correlating with global BGP routing table, we are able to see how many prefixes are announced within each allocated address block. We also observed that (1) around 25 /8 amount of addresses are allocated and are not announced in BGP, (2) 2000 ASes announced 1 ~ 1.5 /8 amount of unallocated prefixes in history. A subset of BGP monitors even observed 8 ASes, in different periods, announcing a long list of unallocated /8 prefixes.
<BR><BR></LI>
</UL> View full abstract page. | Moderators: Speakers:
- Kai Chen, Northwestern University.
- Yan Chen, Northwestern University.
- Casey Deccio, Sandia National Laboratories
Casey Deccio is a Senior Member of Technical Staff at Sandia National Laboratories in Livermore, CA. He joined Sandia in 2004 after receiving his BS and MS degrees in Computer Science from Brigham Young University, and he is currently a PhD candidate at the<BR>
University of California, Davis. Casey's research interests lie primarily in modeling and analysis of DNS and DNSSEC, and he led<BR>
Sandia's DNSSEC deployment efforts. - Amogh Dhamdhere, CAIDA
Amogh Dhamdhere is currently a post-doctoral researcher with CAIDA, based at UCSD. Prior to joining CAIDA, he received his Ph.D. degree in Computer Science from Georgia Tech in 2009, and a bachelor's degree from Mumbai University in 2002. His research interests lie in the areas of Internet economics, Internet topology, and techniques for network monitoring/troubleshooting. - Constantine Dovrolis, Georgia Tech.
- Pierre Francois, UCL.
- Chengchen Hu, Tsinghua Unversity
Chengchen Hu received his B.S. degree from department of automation, Northwestern Polytechnical University, Xian, China, in 2003; and his Ph. D. degree from the department of computer science and technology, Tsinghua University, Beijing, China, in 2008. He is currently a postdoctoral research fellow in the department of computer science and technology of Tsinghua University. His research interests include high performance routers, traffic management and network measurement. - Bin Liu, Tsinghua Unversity.
- Lucas Wang, None
Lucas ( Jiangzhe) Wang is a Ph.D student in Internet Research Lab(IRL), UCLA. He is currently working on IP address allocation schemes to reduce fragmented address allocations, as well as anomaly detection for BGP prefix announcements. Together with Ricardo Olivera and Lixia Zhang, he built an IP address allocation and BGP RIB prefix monitoring system called "EyeP". Before joining UCLA in Sep/2009, he received his B.E. in software engineering from Nankai University (China). - Lixia Zhang, None.
| DNS Visualization n49(PDF) Evaluating Potential Routing Diversity n49(PDF) EyeP n49(PDF) Research Forum Value Based Framework Peering n49(PDF)
|
8:00pm - 11:00pm | Offsite | Social at the Clift Hotel Additional information | Sponsor CORESITE and Hurricane Electric.Sponsor | |
Wednesday, June 16 2010
Time/Webcast: | Room: | Topic/Abstract: | Presenter/Sponsor: | Presentation Files: |
8:00am - 12:00pm | Mezzanine Level | Registration | | |
8:30am - 9:30pm | Italian | Continental Breakfast | Sponsors Alcatel-Lucent, Arbor Networks, Brocade, Cariden Technologies, Cisco Systems, Juniper Networks, Mu Dynamics, NTT America, OSI Hardware, and XKL.Sponsors | |
9:30am - 10:00am | Grand | Long Distance Wireless Network Deployment for Support on the Farallon IslandsThis presentation will address planning and deployment for a 50Km link between the City of San Francisco's fiber network and the Farallon Islands off the coast of San Francisco in support of the scientist on the islands and the California Academy of Sciences project to provide a high quality live streaming camera on site. The presentation will cover the
requirements for a very limited budget and power consumption, issues of remote deployments, long distance microwave links over the ocean, sensitivity to the largest breeding colony the contiguous United States.
<BR><BR>
Additional network topics will be the requirement to support various services on the island via VLANs, fiber deployment to overcome distance and lightning, RF path calculations, "tuning" of the radio modulations schemes to provide the best up-time and remote support of a location that may only be accessible once a month. View full abstract page. | Speakers:
- Matt Peterson, Square Inc.
Matt Peterson leads Site-Ops at Square Inc., a consumer payment start-up in San Francisco. Previously he lead Site-Ops at Meta Interfaces; where help crafted a high availability video streaming service that continues to win high praise. Matt has held career advancing roles from NOC specialist, systems administrator to systems architect. The first non-profit Internet Exchange within San Francisco was co-founded by Matt in mid 2006 - SFMIX. Mr. Peterson's work has been presented at numerous industry conferences, such as APRICOT, SANOG, BSDCon, Defcon, CCC Camp, and 802 Planet. He lives and hacks within the San Francisco Bay Area. - Tim Pozar, Independent
Tim Pozar is a telecommunications consultant specializing in network, VoIP and microwave design and deployment for government and commercial applications. Recently, for 4 years, he was the first investor and VP of Operations of a west coast ISP. He has been an entrepreneur and developer by co-founding a number of companies such as The Little Garden (AS2914) (San Francisco's first ISP), Brightmail (first commercial anti-spam company) and Omniva (digital rights management). Previous to this for 25 years, Pozar was a radio broadcast engineer for commercial and non-commercial radio stations.
| Long Distance Wireless n49(PDF) Long Distance Wireless Network Deployment for Support on the Farallon Islands
|
10:00am - 10:30am | Grand | Inspect Before You Connect - Layer 0 PretroubleshootingJDSU has found that nearly 75% of all network issues have been a simple physical layer problem such as dirty connectors. <BR>
The premise of this session is to learn why fiber connectors are the weakest link in any fiber system and how proper inspection, cleaning and connecting can greatly reduce network degradations and outages. <BR>
<BR>
The session covers: <BR>
• Fiber cleaning best practices<BR>
• Fiber cable types and fiber connectors <BR>
• Making a good fiber connection <BR>
• Inspect Before You Connect process View full abstract page. | Speakers:
- Tyler Vander Ploeg, JDSU
Tyler is the Product Line Manager for JDSU’s Fiber Inspection & Test business unit. His nine years of experience in the fiber optic industry includes managing fiber optic connectivity and test products, authoring white papers and conducting training and education in fiber connectivity and test. He is also involved in several industry groups and committees.
| Inspect Before You Connect - Layer 0 Pretroubleshooting Inspect Before You Connect n49(PDF)
|
10:30am - 11:00am | Italian | Break | Sponsor GoGrid.Sponsor | |
11:00am - 11:30am | Grand | Lightning Talks | Speakers:
- Ondrej Filip, CZ.NIC.
- Michael Sinatra, University of California, Berkeley.
- Todd Underwood, No Affiliation.
| DNSCurve vs DNSSEC n49(PDF) DNSSEC.cz n49(PDF) Lightning Talks Prefixes as Bundles of Probability n49(PDF)
|
11:30am - 12:00pm | Grand | Measuring Access Connectivity Characteristics with NetalyzrNetalyzr (netalyzr.icsi.berkeley.edu) is an edge network debugging and measurement tool. It combines a Java applet and associated Javascript run within the user's browser to perform active measurements to custom servers we operate at ICSI and Amazon EC2. Tests include basic outbound port filtering, NAT detection, native IPv6 capability, hidden HTTP proxies and caches, DNS behavior, fragmentation, latency, bandwidth, and in-network buffering.
<BR><BR>
This talk will discuss how Netalyzr's tests operate and results based on more than 100,000 executions of the tool by users around the world. Among the interesting findings are common DNS and SIP aware network proxies, significant problems with fragmentation (with implications for DNSSEC deployment), chronic edge-network overbuffering, and deliberate DNS
manipulations. View full abstract page. | Speakers:
- Christian Kreibich, ICSI.
- Vern Paxson, ICSI.
- Nicholas Weaver, ISCI
Nicholas Weaver is a researcher at the International Computer Science Institute in Berkeley. His focus is on network security (including worms, bots, and malcode) and network measurement and debugging.
| Measuring Access Connectivity Characteristics with Netalyzr Measuring Access n49(PDF)
|
12:00pm - 12:30pm | Grand | Closing Remarks | Speakers:
- David Meyer, Program Committee Chair, Cisco/UO.
| Closing Remarks
|
|
|