^ Top

NANOG 59 Agenda

All times will be listed in Mountain Standard Time.

**Please Note - Agenda is Subject to Changes as We Get Closer to the Meeting.**

Recordings will NOT be available for Tracks or Peering.

Floor Plan

Sunday, October 6 2013
Time/Webcast:Room:Topic/Abstract:Presenter/Sponsor:Presentation Files:
4:00pm - 6:00pmAkimel FoyerRegistration
5:30pm - 6:30pmKave 3Cocktail Hour with Education Class
Monday, October 7 2013
Time/Webcast:Room:Topic/Abstract:Presenter/Sponsor:Presentation Files:
8:00am - 5:00pmAkimel FoyerRegistration
8:00am - 10:30amAkimel Foyer / Mesquite TerraceWelcome RefreshmentsSponsors:
10:00am - 10:15am

Akimel Ballroom 3 & 4Conference OpeningSpeakers:
  • David Temkin, Chair, NANOG Program Committee.
  • Betty Burke, NANOG Executive Director.
  • Ian McClarty, Phoenix NAP
  • Ian McClarty, President Mr. McClarty is an accomplished senior executive with extensive experience in information technology and computer networking. He has a proven track record in relationship building, vendor management, network operations, colocation and datacenter administration, along with project methodology and processes, both at strategic and tactical levels. He has been instrumental in transitioning start-up organizations into highly successful and profitable corporations while maintaining high client satisfaction levels. His strong management and leadership skills are complemented by an ability to motivate and engage all levels of an organization to maximize productivity and drive positive results. He is an excellent communicator with special emphasis on building solid vendor, client and employee relationships. Mr. McClarty holds an MBA from Keller Graduate School of Management, and a BS in Information Technology and a BS in Electronics Engineering Technology both from DeVry Institute of Technology.

  • Derek E. White, Gila River Telecommunications
  • Derek E. White is an enrolled member of the Gila River Indian Community and has spent his profession of over 30 years in the communications industry as an independent contractor, an employee of Gila River Telecommunications, and a Board Director for local and national telecommunications organizations. Derek is currently the General Manager for Gila River Telecommunications and oversees the business operations of approximately 3500 residential and business telephone and broadband/internet access lines. Derek has direct oversight of three Company owned subsidiaries; Native Technology Solutions, Inc., a CPE and low-voltage equipment retailer, installer and service maintenance provider; Alluvion Communications, Inc., a CLEC and SIP/VoIP wholesale service provider, and Gila River Asset Management, Inc., a traditional asset holding company. Derek has a fundamental belief to “grow from within your Community”, with that, he has successfully developed instrumental training programs for Gila River Indian Community members to participate and learn about telecommunications and the low-voltage cabling environments with the eventual expansion of a qualified labor force.
pdfConference Opening(PDF)
youtubeConference Opening
10:15am - 11:00am

Akimel Ballroom 3 & 4Through a PRISM, DarklySpeakers:

  • Mark Rumold, Electronic Frontier Foundation
  • Mark Rumold is a staff attorney at the Electronic Frontier Foundation (EFF), where his work focuses primarily on access to information, government secrecy, and national security issues. As part of EFF's Transparency Project, Mark regularly represents EFF in cases under the federal Freedom of Information Act. Mark represented EFF in the first known victory by a private party in the secret Foreign Intelligence Surveillance Court, and EFF's litigation resulted in the first compelled disclosure of an opinion of that court. As a result of his transparency work, tens of thousands of previously secret government documents have been made available to the public. Mark also represents clients in cases challenging the constitutionality of various aspects of federal surveillance law and government surveillance programs. Mark is a graduate of Northwestern University and the University of California, Berkeley School of Law.
pdfThrough a PRISM, Darkly(PDF)
youtubeThrough a PRISM, Darkly
11:00am - 11:30am

Akimel Ballroom 3 & 4

100G Evolution at Comcast

This talk will focus on the Deployment and evolution experience of a national ultra-longhaul optical transport network from 10G->40G->100G technology.

View full abstract page.

  • Benjamin Vik, Comcast
  • Benjamin Vik has worked as a network engineer for both large and small service providers, allowing him to gain a wide perspective on network deployment; starting at the below ground level(literally) and extending to his current position designing network augments for the Comcast National Backbone. While working for smaller companies, he was exposed to all sides of the business including, but not limited to, Engineering, Operations, Sales, Support, and OSP build outs. His many experiences allow him to engineer designs at a high level, yet keep in mind the processes and needs of the other facets of the business. In 2010, Ben moved away from the “Jack of all Trades” role commonly found in smaller service providers, and settled into the more tightly focused role of Transport Engineer at Lightower. In that position, he was able to refine his skills in designing and implementing optical networks. Ben is currently one of three Principle Transport Engineers on the National Backbone Team at Comcast where he continues to enhance the existing backbone as well as aid in the design of the next generation Comcast Transport Backbone through the use of the latest technologies available from optical vendors.
pdf100G Evolution at Comcast(PDF)
youtube100G Evolution at Comcast
12:00pm - 1:00pmKomatke A,B,CNewcomers LunchSponsors:
12:00pm - 1:00pmAkimel Foyer / Mesquite TerraceWelcome LunchSponsors:
1:00pm - 1:30pm

Akimel Ballroom 3 & 4

Extending SDN into the Transport Network

The growth and evolution in data center virtualization and butt computing has blurred the boundaries between networks and computers. This is causing enterprises and service providers to reexamine the best ways to architect and coordinate their IT infrastructure. Software Defined Networking (SDN) is an emerging architecture that is founded on the principal of separating control plane functions from the data forwarding plane, and enabling direct programmability of flows on packet forwarding hardware systems. Some of the benefits highlighted by the Open Networking Foundation (ONF), founded to promote SDN standards, include: - Programmability of packet systems based on application real-time application requirements for network agility - Centralized Intelligence and a simplified abstraction of the network to higher level systems and applications - Open Standards and Vendor-neutrality While much of the industry focus has been on enabling SDN for packet systems within the data-center, one of the newer focuses of the ONF is extending many of the same concepts of SDN towards the optical transport layers, which include packet, OTN, and WDM transmission technologies. This presentation provides an overview of this effort and its objectives as related to data center interconnection: - Enable programmability of the flexible transport layer and leverage its increasing ability to switch and groom transport bandwidth over optical resources, as well as switch optical capacity - Virtualize transport network resources and support a simple abstraction for provisioning bandwidth services - Simplify, orchestrate, and automate provisioning operations within a multi-vendor, multi-layer, and multi-domain environment - Enable the improvement of overall network resource utilization across multiple network layers

View full abstract page.

  • William Wauford, Infinera
  • Wayne Wauford is the Director, Technical Marketing at Infinera, a leading provider of Intelligent Transport Networks™, where he is responsible for market development and product marketing activities. Mr. Wauford has been an industry leader in IP and optical transport technologies for over 20 years, and has worked for both leading carriers and equipment vendors. Prior to INFINERA, Mr. Wauford held executive engineering and marketing positions at Ciena, Cisco, Bell Communications Research, and Pacific Bell. He holds a degree in Master’s Degree in Electrical Engineering from Caltech as well as an MBA from the University of California, Berkeley.
pdfExtending SDN into the Transport Network (PDF)
youtubeExtending SDN into the Transport Network
1:30pm - 2:00pm

Akimel Ballroom 3 & 4

SDX: A Software Defined Internet Exchange

Deploying software-defined networking (SDN) at Internet Exchange Points (IXPs) offers new hope for solving longstanding problems in interdomain routing. SDN allows direct expression of more flexible policies, and IXPs are central rendezvous points that are in the midst of a rebirth, making them a natural place to start. We present the design of an SDN exchange point (SDX) that enables much more expressive policies than conventional hop-by-hop, destination-based forwarding. ISPs can apply many diverse actions on packets based on multiple header fields, and distant networks can exercise ``remote control'' over packet handling. This flexibility enables applications such as inbound traffic engineering, redirection of traffic to middleboxes, wide-area server load balancing, and blocking of unwanted traffic. Supporting these applications requires effective ways to combine the policies of multiple ISPs. Our SDX controller provides each ISP the abstraction of its own virtual switch and sequentially composes the policies of different ISPs into a single set of rules in the physical switches. Preliminary experiments on our operational SDX demonstrate the potential for changing interdomain routing from the inside out.

View full abstract page.

  • Arpit Gupta
  • Arpit Gupta is currently a first year PhD student at Georgia Tech. At Georgia Tech he works under supervision of Dr. Nick Feamster and is also guided by Dr. Jennifer Rexford, Princeton and Dr. Scott Shenker, UC Berkeley for his SDX project. His research focuses on role of Internet Exchange Points (IXPs) in current Internet and how to improve interdomain routing using SDN. Before joining Georgia Tech, he completed his MS from North Carolina State University and B.Tech from Indian Institute of Technology, Roorkee, India.
pdfSDX: A Software Defined Internet Exchange (PDF)
youtubeSDX: A Software Defined Internet Exchange
2:00pm - 2:30pm

Akimel Ballroom 3 & 4

12 Mbps @ 36,000 ft. Coming attractions in in-flight broadband

Most airlines offer wireless Internet on some or all of their aircraft. In-flight connectivity, which was initially tailored to suit business travelers, has now become part of mainstream. JetBlue recently announced a free WiFi service with 12Mbps to each passenger. This is made possible with a new generation of high capacity Ka-band satellites that fundamentally alter the economics of aeronautical broadband. This talk will cover spot beam satellites, complexities of handoffs, and networking on the ground that are required for providing near-terrestrial performance to passengers.

View full abstract page.

  • Girish Chandran
  • Girish is currently the Chief Technical Officer of the Commercial Networks Segment at ViaSat and was previously VP of Engineering at Newtec America, Amnis Systems and Tiernan Communications. He has lead teams designing multi-service network architectures, satellite ground systems, and multimedia communication products. He has several patents and has published papers in peer reviewed journals and conferences. He has a Ph.D in Electrical Engineering, from the University of California, San Diego.
pdf12 Mbps @ 36,000 ft. Coming attractions in in-flight broadband (PDF)
youtube12 Mbps @ 36,000 ft. Coming attractions in in-flight broadband
2:30pm - 3:00pmAkimel Foyer / Mesquite TerraceBreakSponsors:
3:00pm - 3:30pm

Akimel Ballroom 3 & 4

Passive Detection of Misbehaving Name Servers

In this paper we demonstrate that there are name servers that exhibit IP address flux, a behavior that falls outside the prescribed parameters. We demonstrate this flux in two types of data: passively collected DNS messages and the contents of several large, top-level domains’ official zone files. The community of name server operators has previously indicated that there is no benign use case for such behavior and has attempted to quash it. The continued existence of such behavior is an indicator of malicious name server activity and the inadequacy of attempts to control it.

View full abstract page.

  • Jonathan Spring, Software Engineering Institute (CERT)
  • Jonathan Spring is a member of the technical staff within the CERT(r) Division at Carnegie Mellon University's Software Engineering Institute, a federally-funded research and development center. In addition to his research and analysis role, Jonathan is an adjunct professor at the University of Pittsburgh's School of Information Sciences. He has also co-authored a textbook, "Introduction to Information Security: A Strategic-Based Approach."
pdf Passive Detection of Misbehaving Name Servers(PDF)
youtube Passive Detection of Misbehaving Name Servers
3:30pm - 4:00pm

Akimel Ballroom 3 & 4

Better than Best Practices are Needed to Defeat DNS Amplification Attacks

They aren't making headlines but DNS amplification attacks continue around the world, attackers with modest skill and resources are substantially stressing network infrastructure. In the past attacks on authoritative DNS servers received attention. Now, attacks using DNS resolvers are evolving and Best Practices - preventing address spoofing, and restricting IP ranges that can access resolvers - are no longer effective. The current generation of attacks leverages home gateways that forward DNS queries coming in on their WAN interface, masking the origin of queries when they arrive at a resolver. It's unlikely vulnerable home gateways can be updated anytime soon, so this presentation will describe how log data from DNS resolvers can be used to identify attacks and detail proposals for mitigating them without impacting legitimate DNS traffic.

View full abstract page.

  • Ralf Weber, Nominum
  • Ralf Weber joined Nominum as Senior Infrastructure Architect in January 2010 and is responsible for helping customers to architect and deploy Nominum technology. Prior to joining Nominum he worked at Colt Telecom where he was responsible for their european wide DNS network. He also was on the Technical Advisory Board of DENIC, the worlds largest ccTLD, where he helped bringing DNSSEC to the .de domain. In addition to that he is participating in the IETF and RIPE DNS related working groups, and is an elected Trusted Community Representatives (Backup Recovery Key Share Holder) for the root key management. He lives near Frankfurt with his wife and three kids, which occupy most of his not DNS related free time.
youtubeBetter than Best Practices are Needed to Defeat DNS Amplification Attacks
pdfBetter than Best Practices are Needed...(PDF)
4:00pm - 4:30pm

Akimel Ballroom 3 & 4

Measuring Network Convergence on Production Networks

A blind spot in current IP network monitoring is the actual convergence time of a network after a failure. Monitoring technology today can tell you how the network performs in steady state, not how quickly it becomes usable after a failure. This can be measured, but it is a manual process and is service impacting on a production network. So, if a network operator takes the trouble to do this measurement it is likely only done once or twice or, at best, infrequently. A technique which exercises the signalling and forwarding planes of an IP network to measure the total network response to a routing change will be presented. The process is automated and is not service impacting so the baseline performance of a network can be measured and tracked. The technique can be applied to any routing protocol or combination of protocols so has wide applicability to operators of networks where service levels are critical.

View full abstract page.

  • Laris Benkis, Third Planet Networks
  • Laris Benkis is a network consultant based in Ottawa Canada. His areas of expertise are large-scale service provider network architecture and lawful intercept. He has made significant contributions to the backbone networks of several large Canadian service providers. He is also reputed to be one of the world's worst poker players.
pdfMeasuring Network Convergence on Production Networks (PDF)
youtubeMeasuring Network Convergence on Production Networks
4:30pm - 5:00pm

Akimel Ballroom 3 & 4NANOG Community MeetingSpeakers:
  • NANOG 2013 Board Candidates.
  • NANOG Board of Directors.
pdfNANOG Community Meeting(PDF)
youtubeNANOG Community Meeting
5:00pm - 6:30pm

Akimel Ballroom 3 & 4BCOP - Best Current Operational Practice Speakers:

  • Aaron Hughes, 6connect
  • Aaron brings more than 15 years of experience in the telecommunications industry <BR> <BR> Aaron Hughes is President and CTO at 6connect, Inc specializing in Internet Engineering automation solutions, cooling technologies and distributed managed services with a focus on IPv6. He is also the Chief Network Architect at UnitedLayer bringing more than 15 years of experience in the telecommunications industry and is responsible for network topology planning, design and operations. <BR> <BR> Aaron has also held network and system architecture and Sr. level management roles at Lockheed Martin, Cariden Technologies, Terremark, Certainty Solutions, Quest Technologies, RCN, UltraNet and Channel(1) Communications.

  • Chris Grundemann, CableLabs
  • Chris Grundemann (JNCIE #449) is the author of Day One: Exploring IPv6 and Day One: Advanced IPv6 Configuration, as well as several IETF Internet Drafts and various industry papers. He is the founding Chair of CO ISOC, the Colorado chapter of the Internet Society, a member of the Rocky Mountain IPv6 Task Force (RMv6TF) Board, an elected member of the ARIN Advisory Council (AC), Co-Chair of the UPnP IPv6 Task Force, and a member of the CEA Pv6 Transition Working Group. Chris also maintains a personal weblog aimed primarily towards Internet related posts typically focusing on network operation and design, tech-policy and the future of the Internet. Chris is currently engaged with CableLabs as a Network Architect, focusing on technical leadership and innovation within IP Networking and beyond.
youtubeBCOP - Best Current Operational Practice
5:00pm - 6:30pmKomatke A,B,C

Datacenter Track

A follow on to NANOG 58, the second data center track. Open call for data center personals in the PHX, western US area and a panel discussion with present DC operators on the topic of $TheresSoMuchInterestingStuffInDC's

View full abstract page.

  • Daniel Golding, Iron Mountain
  • Daniel Golding is Vice President of Data Center Operations at Iron Mountain. He has over 20 years of experience in the Internet, datacenter, and critical facilities fields. His experience ranges from financial and organizational to deeply technical. He has held executive positions at RagingWire Data Centers, DH Capital, and Tier 1 Research. In addition, Daniel has significant experience in conference administration and management, including serving as the conference chairman for the Hosting Transformation Summit and the Global Peering Forum, for four years in each case. Daniel has held a wide variety of positions across the Internet infrastructure sector: network engineering and peering; data center operations and engineering; financial and industry analysis; and executive management. Also, uniquely, he possesses strong financial knowledge through work as an investor and banker in the Internet sector. Daniel has also been a sponsor and host of NANOG.
  • Martin Hannigan, Akamai Technologies, Inc..
5:00pm - 6:30pmKave 1 & 2

Research & Education Network Operators Track

This track is for Research and Education network operators, researchers with an operational focus, and others who are interested in R&E networking. This is a follow-on to the informal BoF we had at NANOG 58, and we're continuing to refine and broaden the scope of this track. Current proposed panel discussions include Science DMZ, IPv6 deployment status and challenges at EDUs, and possibly RPKI in the EDU context. This abstract will be updated as additional topics come together.

View full abstract page.

  • Michael Sinatra, ESnet
  • Michael Sinatra is a network engineer with the Energy Sciences Network (ESnet) in Berkeley, CA, where he specializes in DNS, DNSSEC, IPv6 adoption, and scientific and high-performance networking. Prior to ESnet, Michael worked for the central networking group at UC Berkeley for over a decade. He has been interested in DNS for a long time and attempts to make coherent contributions to various BIND and DNS mailing lists and forums
7:00pm - 10:00pmRawhide Western TownSocial
Additional information
Tuesday, October 8 2013
Time/Webcast:Room:Topic/Abstract:Presenter/Sponsor:Presentation Files:
8:00am - 5:00pmAkimel FoyerRegistration
8:30am - 9:30amAkimel Foyer / Mesquite TerracePower BreakfastSponsors:
9:30am - 11:00am

Akimel Ballroom 3 & 4ARIN Public Policy Consultation Track
Additional information
youtubeARIN Public Policy Consultation Track PART 1
9:30am - 11:00amKomatke A,B,C

Tutorial: Multihoming / Traffic Engineering

A tutorial that explains how to manage multiple egress options for your customers' traffic. Should you turn up that additional peer ? How do I manage my new exchange point connection ? How do I manage multiple transit provider ? A discussion with real life configuration and traffic scenarios.

View full abstract page.
  • Andy Davidson, Allegro Networks / LONAP .
pdfMultihoming / Traffic Engineering(PDF)
youtubeMultihoming / Traffic Engineering
9:30am - 11:00amKave 1 & 2

Tutorial: The Nice Thing About Standards...

...is that there are so many to choose from. Looking to implement IPv6? Trying to figure out what transition technologies you might need? We sure do have lots of choices. I'll be talking about how to figure out what your current problems and legacy baggage are, what the transtion technologies are and how to find the least painful solution(s) to your IPv6 rollout.

View full abstract page.

  • Paul Ebersman, Infoblox
  • Paul Ebersman works in the Infoblox IPv6 Center of Excellence as a technical resource, both internally and to the internet community. He first worked on the internet for the Air Force in 1984. He was employee number ten at UUNET and helped build AlterNET and the modem network used by MSN, AOL and Earthlink. He has maintained his roots in the internet and operator community, working for various internet infrastructure companies including ISC and Nominum before coming to Infoblox.
youtubeThe Nice Thing About Standards...
11:00am - 11:30amAkimel Foyer / Mesquite TerraceBreakSponsors:
11:30am - 1:00pm

Akimel Ballroom 3 & 4ARIN Public Policy Consultation Track
Additional information
youtubeARIN Public Policy Consultation Track PART 2
11:30am - 1:00pmKomatke A,B,C

Tutorial: Optical Networks 201

Abstract for Tutorial at NANOG 59 Optical Networking 201 (How to build and scale optical networks)* * Technical detail will be added where red text is in the attached presentation Objective: Describe key options for building efficient optical transport networks. Provide a range of architectural and technology choices at Layer 1, Layer 2 and Layer 3 for starting and growing high bandwidth transport connections. Give an idea about some of the benefit / performance tradeoffs for different approaches at L1 and L2 starting with a point-to-point link and progressing to multiple point-to-point and building to point-to-multipoint links. Topics 100G Interfaces and Technology Media Conversion at 10G and 100G Distance Extension WDM Approaches ITU Grid ROADM Technology Transponders and Muxponders Multiplexing at L1 Multiplexing at L2 Amplification Space & Power Testing & Turn up Performance Monitoring Disaggregation & Tethering Lit Services vs Dark Fiber Decision Tree

View full abstract page.

  • Sergiu Rotenstein, MRV
  • Sergiu Rotenstein Director, Product Line Management responsible for MRV’s Optical Transport solutions. A seasoned executive with extensive background in R&D, product management and marketing. During my career I created and marketed products with unique market position that generated new trends in the industry. Strengths include market vision, matched by product definitions, development and market, based on a close relationship with the customers
youtubeOptical Networks 201
11:30am - 1:00pmKave 1 & 2

Tutorial: Troubleshooting with Traceroute

An in-depth analysis of how to troubleshoot networking issues with Traceroute.

View full abstract page.

  • Richard Steenbergen, GTT
  • Richard Steenbergen currently serves as the Chief Technology Officer of GTT, a global IP/MPLS backbone in over 80 countries. Prior to GTT, Richard was the founder and CTO of nLayer Communications, a Senior Network Engineer for other very large NSPs, and a Senior Software Engineer developing advanced optimized routing technologies. Richard has many years of practical experience operating and managing large networks, and is a frequent contributor in many popular networking community forums. He is also an active developer for several tools and software packages used by the network operator community. Some notable projects include PeeringDB, a portal used by many networks to help coordinate their peering activities, and IRR PowerTools, a software package used by many ISPs to maintain their IRR-based BGP prefix lists.
pdfTroubleshooting with Traceroute(PDF)
youtubeTroubleshooting with Traceroute
1:00pm - 2:30pm Lunch - On your Own
2:30pm - 3:15pm

Akimel Ballroom 3 & 4

Datacenter Networking @ Facebook

At Facebook, we are faced with many scale related challenges, such as traffic growth and configuration management. In this session, we'll explore our datacenter network designs of the past, today, and what we're working on. We'll also look at how we manage these devices at scale -- in terms of monitoring, fault remediation, and keeping the environment's configuration consistent all the way down to our top-of-rack switches.

View full abstract page.

  • David Swafford, Facebook
  • David Swafford is a Network Engineer at Facebook, who focuses on software tooling for the datacenter and works alongside a great team of engineers responsible for FB's production network. Previously, his background was in network engineering in the enterprise and academic space. He entered the world of networking early on after being inspired by his first use of dial-up Internet in '96. Outside of the computer / network world, he loves to cook and stay active with his always-hyper Australian Shepard, Cocoa.
pdfDatacenter Networking @ Facebook(PDF)
youtubeDatacenter Networking @ Facebook
3:15pm - 4:00pmAkimel Ballroom 3 & 4IP Reputation, good bad, worse and the uglySpeakers:

  • Mike O'Reirdan, MAAWG
  • Mike O’Reirdan is an Engineering Fellow at Comcast. He has been involved with the design and operation of large-scale highly available public facing IT systems since 1990. Currently focused on security issues, Mike was responsible for the architecture of the current Comcast anti-spam platform and the architecture of the Comcast anti-bot service, Constant Guard. Mike is one of the co-authors of the IETF RFC on bot remediation, RFC 6561 and a member of the FCC Communications Security, Reliability, and Interoperability Council (CSRIC) serving on Working Group 5 addressing the issue of DDOS attacks.
4:00pm - 4:30pmAkimel Foyer / Mesquite TerraceBreakSponsors:
4:30pm - 5:00pm

Akimel Ballroom 3 & 4

DHCPv6 Fingerprinting and BYOD

The recent flood of personal mobile devices into the enterprise network environment (i.e., the "BYOD" phenomenon) has created an immense new security and access control challenge for corporate networks. Representing one potential component of the broad solution required for such a challenge, DHCP fingerprinting appears to be a valuable mechanism for allowing the automation of security policy instantiation and regulating network access based on client type. But DHCP fingerprinting for IPv6 must overcome some key challenges before providing the opportunity for security and access control feature parity. This presentation will review those challenges and the likely future of this potentially critical feature.

View full abstract page.

  • Tom Coffeen, Infoblox
  • Tom Coffeen is the Chief IPv6 Evangelist at Infoblox. Tom is focused on the articulation of effective IPv6 adoption strategies and trends for customers, potential customers, and the public media. Prior to joining Infoblox, Tom was the VP of network architecture at the global CDN Limelight Networks where he led their deployment of IPv6. Tom brings sixteen years of network engineering and architecture experience to his role at Infoblox.
pdf DHCPv6 Fingerprinting and BYOD (PDF)
youtube DHCPv6 Fingerprinting and BYOD
5:00pm - 5:40pm

Akimel Ballroom 3 & 4

Offensive Anti-Botnet - So you want to take over a botnet...

Computer criminals regularly construct large distributed attack networks comprised of many thousands of compromised computers around the globe. Once constituted, these attack networks are used to perform computer crimes, creating yet other sets of victims of secondary computer crimes, such as denial of service attacks, spam delivery, theft of personal and financial information for performing fraud, exfiltration of proprietary information for competitive advantage (industrial espionage), etc. The arms race between criminal actors who create and operate botnets and the computer security industry and research community who are actively trying to take these botnets down is escalating in aggressiveness. As the sophistication level of botnet engineering and operations increases, so does the demand on reverse engineering, understanding weaknesses in design that can be exploited on the defensive (or counter-offensive) side, and the possibility that actions to take down or eradicate the botnet may cause unintended consequences. This talk will look at some of the motivations for taking aggressive "self-defense" actions, the ethical issues that are involved and how to think about them, examine some recent botnet takedown actions and their side-effects, and provide personal opinions on how the security research and operations communities should consider on the path forward.

View full abstract page.

  • David Dittrich, University of Washington
  • Dave Dittrich is an Affiliated Research Scientist with the Office of the Chief Information Security Officer at the University of Washington. He has been involved in investigating and countering computer crimes going back to the late-1990s. Dave was the first person to describe the technical details of DDoS attack tools in 1999, was an early researcher into bots and botnets, and one of the first to study P2P for botnet command and control. Dave has pushed the limits, but he tries to do it in a way that is ethically defensible. He has written extensively on ethics and the "Active Response Continuum," serves on one of the UW's Institutional Review Boards evaluating human subjects research, and he and Erin Kenneally recently co-authored the Department of Homeland Security document, "The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research."
pdfOffensive Anti-Botnet - So you want to take over a botnet... (PDF)
youtubeOffensive Anti-Botnet - So you want to take over a botnet...
5:40pm - 6:00pm

Akimel Ballroom 3 & 4Lightning TalksyoutubeLightning Talks
pdfLightning Talks - Doing Better Than SNMP(PDF)
pdfLightning Talks - Facebook and the GFW of China(PDF)
6:00pm - 8:00pmKomatke D-GBeer 'n GearSponsors:
8:00pm - 11:00pmKomatke Patio - OnsiteSocialSponsors:
Wednesday, October 9 2013
Time/Webcast:Room:Topic/Abstract:Presenter/Sponsor:Presentation Files:
8:00am - 6:00pmAkimel FoyerRegistration
8:30am - 9:30amKomatke A,B,CMembers Breakfast
8:30am - 9:30amAkimel Foyer / Mesquite TerracePower BreakfastSponsors:
9:30am - 10:30am

Akimel Ballroom 3 & 4

Scaling the Public Edge: Approaches to Application Load Balancing

Nearly every public website and application today scales beyond a single web server, and the techniques for scaling websites and other applications on the public Internet vary far and wide, and often change as sites approach “Internet scale.” In this panel discussion, we will discuss various operators’ and vendors’ approaches and challenges to load balancing large-scale web sites/apps, both at the network and service level, and how increasing growth and new technologies have guided their scaling models and strategies. Sample panel questions: How has your site’s load balancing needs changed at various points of scale? What systems or solutions have proven to navigate these changes with adjustments, and what approaches required a complete overhaul? What systems or solutions have proven to be the most scalable and manageable? What features are you seeing as missing from current solutions in the market today? What pros and cons of appliance-based vs. virtualized vs open-source load balancing solutions have you encountered? What automation challenges have you encountered and what solutions have you adopted? Technologies in the discussion scope will include: Layer 7 (proxy-based) vs. Layer 4 (NAT-based) load balancing, “inline” vs. DSR High Availability methods: Active/Standby, Active/Active, N+1 clustering Load sharing and failover with multiple VIPs: DNS round-robin, IP route injection, ECMP/anycast approaches Commercial versus open source solutions Appliance vs software vs. virtualized solutions

View full abstract page.

  • Chris Woodfield, Twitter
  • Chris has been with Twitter since 2011, where he manages the site’s public edge architecture. Prior to Twitter, Chris held positions at Yahoo! and at Internap, where he managed load balancing infrastructure as well as CDN architecture. He has been a NANOG participant since 2006.

  • Leslie Carr, Wikimedia Foundation
  • Leslie has been with Wikimedia since 2011. She is in charge of the network from the edge to the core, and builds automation so she can lie on the beach with a good book. Leslie has previously worked at Twitter, Craigslist, and Google.

  • Jamie Dahl, Yahoo!
  • Jamie has been working with Load Balancing going all the way back to his days at AT&T Webhosting. Currently he works for Yahoo as Manager of Networking and spending a large amount of his time working with various Yahoo properties and their load balancing needs as well as being responsible for capacity management and modeling of the Yahoo LB infrastructure. On top of that Jamie is the product owner of the automation system for Yahoo!'s load balancing environment working to achieve greater efficiencies of his direct's time.

  • Sridhar Devarapalli, Citrix
  • Sridhar manages product roadmap and strategy for the NetScaler ADC product line at Citrix. He has several years of experience in the design and architecture of load balancers at Foundry Networks and later on, at Brocade Communications. Sridhar joined Citrix from his most recent stint at Big Switch Networks, where he was instrumental in defining the product strategy of Big Switch's SDN based network virtualization and networking monitoring products. At Citrix, Sridhar contributes to NetScaler's SDN vision and roadmap and is responsible for product strategy for NetScaler's multi-tenant hardware appliances as well as virtual appliances.

  • Mike Thompson, A10 Networks
  • Mike manages Cloud, Security and Enterprise technologies for A10 Networks. He is part of A10’s Security Response Team and is a developer on A10’s OpenStack initiatives. His career started in 1996 with Bell Atlantic. He has spent most of his career working with networking, application delivery, security and automation technologies. He has worked for F5, Citrix and INS/BT. Mike is crazy for Python, likes Ruby, and has developed in Perl, PHP, C#, C++ and C.
pdfScaling the Public Edge: Approaches to Application Load Balancing(PDF)
youtubeScaling the Public Edge: Approaches to Application Load Balancing
10:30am - 11:00am

Akimel Ballroom 3 & 4

DOCSIS 3.1 High Level Overview

This presentation will give a high level overview of the new technologies being defined in the upcoming DOCSIS 3.1 specification. Starting from the overall requirements and business goals, the presentation will describe the technical direction of this next stage of evolution in DOCSIS access networks. It will touch upon the PHY layer where new technologies such as Orthogonal Frequency Division Multiplexing (OFDM) and new LDPC Forward Error Correction have been chosen. The DOCSIS 3.1 MAC layer has been updated in order to accommodate all the underlying changes in the PHY technology and also introduces other new features. The talk will cover some of the benefits of the choices made at both the PHY and MAC layer. It will also touch upon the evolution of the DOCSIS network architecture to accommodate the new DOCSIS 3.1 devices in the near future.

View full abstract page.

  • Karthik Sundaresan, CableLabs
  • Karthik Sundaresan is a Lead Architect at CableLabs, and is responsible for the development and architecture of cable access network technologies. He is the technical lead and contributor to various DOCSIS technology specifications and has focused on MAC layer protocols, Quality of Service, IP Multicast, IPv6, eDOCSIS, eRouter, L2VPN, and Modular Headend Architectures. He is also involved in the development of the DOCSIS® Provisioning of EPON (DPoE™) Specifications. Previously, he worked with Conexant Systems developing hardware designs for MPEG encoders, analog video decoders and DOCSIS cable modem chips. He also worked with Carrier Access Corp developing embedded software for next-generation IP/Telecom networking equipment. Karthik holds a Bachelor of Engineering and a Master of Science in Electrical Engineering from the University of Colorado, Boulder, and also holds (ISC2) CISSP certifications. He is the past Chair of the IEEE Communications Society, Denver Chapter.
pdfDOCSIS 3.1 High Level Overview(PDF)
youtubeDOCSIS 3.1 High Level Overview
11:00am - 11:30amAkimel Foyer / Mesquite TerraceBreakSponsors:
11:30am - 12:00pm

Akimel Ballroom 3 & 4

Who are the Anycasters?

In this talk, we describe two techniques which employ traceroutes and BGP data to identify which prefixes in the global routing table are "anycasted", or put more precisely, are announced from more than one place on Earth. Having identified several hundred prefixes, we take a look at which ASNs announce the most anycasted prefixes and what are some interesting anycasted prefixes. Many of the same techniques used to study BGP route hijacks also expose interesting data about legitimately anycasted prefixes.

View full abstract page.
  • Jim Cowie, Renesys.
pdfWho are the Anycasters?(PDF)
youtubeWho are the Anycasters?
12:00pm - 12:45pm

Akimel Ballroom 3 & 4

Understanding Wireless Interference

Interference is an unavoidable reality and a bane of wireless communication systems. In most wireless environments, loss of performance is attributed to RF interference. Even though wireless is the dominant form of Internet access today, there is a lack of adequate tools to understand this interference phenomenon. Hence when a user complains --- "My Skype call from my personal laptop was interrupted multiple times" --- the administrator cannot answer why. What is worse is that many of these causes are not repeatable. So by the time the administrator arrives with sophisticated analyzers, the problem is long gone. In this talk, we will describe a comprehensive methodology and a toolkit that provides a real-time and efficient view of wireless interference as and when they occur. Using WiFi systems as examples, we describe our experience in building this toolkit, deploying them in various locations, and lessons learnt in understanding wireless interference. Our system has been deployed in multilocations in Madison, WI, for more than one year now and in this talk we would present some detailed view of wireless activities and interference patterns observed.

View full abstract page.

  • Suman Banerjee, UW-Madison
  • Suman Banerjee is an Associate Professor in Computer Sciences at UW-Madison. He received his undergraduate degree from IIT Kanpur, and MS and PhD degrees from the University of Maryland. He is a recipient of the NSF Career Award. He is the founding director of the WiNGS laboratory at UW-Madison. His research interest is broadly in networking and distributed systems, and his focus in recent years have been in different aspects of mobile and wireless sytems. He is the inaugural recipient of the ACM SIGMOBILE Rockstar award for early career achievements in the field. He is currently serving as the Chair of ACM SIGMOBILE.
youtubeUnderstanding Wireless Interference
12:45pm - 1:00pm

Akimel Ballroom 3 & 4Xbox One: IPv6, Teredo, and IPsecSpeakers:

  • Christopher Palmer, Microsoft
  • I’m Christopher Palmer, a Program Manager in Operating System Group. I work on client networking behavior and APIs – with a particular focus on IPv6 and associated technologies. Playing Xbox and cello take up most of my free time.
pdfXbox One: IPv6, Teredo, and IPsec(PDF)
youtubeXbox One: IPv6, Teredo, and IPsec
1:00pm - 2:30pm Lunch - On your Own
2:30pm - 3:00pm

Akimel Ballroom 3 & 4

ARP Mitigation at AMS-IX

Previous work on OpenFlow has either been theoretical in nature, or examined the replacement of an entire network infrastructure with SDN and OpenFlow. At AMS-IX we are taking a more pragmatic approach. We looked at how OpenFlow can be integrated into our existing network in order to solve practical use cases. This presentation outlines our research on mitigating ARP broadcast traffic on the AMS-IX ISP Peering VLAN, and offers suggestions for operators and vendors on how to effectively implement OpenFlow in existing network environments.

View full abstract page.
  • Martin Pels, AMS-IX.
pdfARP Mitigation at AMS-IX (PDF)
youtubeARP Mitigation at AMS-IX
3:00pm - 3:30pm

Akimel Ballroom 3 & 4

Q&A with Ladar Levison

Lavabit received media attention in July 2013 when it was revealed that Edward Snowden was using the Lavabit email address [email protected] to invite human rights lawyers and activists to a press conference during his confinement at Sheremetyevo International Airport in Moscow. While many of the details of the Lavabit 'case' are restricted from being presented, in this session Ladar Levison will answer questions about the events that led to him closing the doors at Lavabit on August 8, 2013 and what has happened since then. This will be Ladar's first ever public appearance since these events took place, making this a special opportunity to ask him your questions as well.

View full abstract page.
youtubeQ&A with Ladar Levison
3:30pm - 4:00pm

Akimel Ballroom 3 & 4NANOG Community Election ResultsSpeakers:
  • Betty Burke, NANOG Executive Director.
pdfNANOG Community Election Results(PDF)
youtubeNANOG Community Election Results
4:00pm - 4:30pmAkimel Foyer / Mesquite TerraceBreakSponsors:
4:30pm - 6:00pmKomatke DPeering
6:00pm - 7:00pmAkimel Patio - OnsiteARIN Social
Additional information
7:00pm - 10:30pmBondurant School of High Performance DrivingGPF 8.5 – Karting at Bonduran
Additional information


^ Back to Top