NANOG 69 Agenda
Sunday, February 5 2017
| Time/Webcast: | Room: | Topic/Abstract: | Presenter/Sponsor: | Presentation Files: |
|---|
| 4:00pm - 6:00pm | Independence Foyer (5B Level) | Registration | | |
Monday, February 6 2017
| Time/Webcast: | Room: | Topic/Abstract: | Presenter/Sponsor: | Presentation Files: |
|---|
| 8:00am - 10:30am | Constitution Ballroom (3B Level) | Extended Breakfast | Sponsors:
| |
| 8:30am - 5:00pm | Independence Foyer (5B Level) | Registration | | |
10:00am - 10:30am
| Independence Ballroom A (5B Level) | Conference Opening | Speakers:
- L Sean Kennedy, XO Communications
L Sean Kennedy is an active member of the Internet Engineering community and a Director of Network Engineering at XO Communications. He has been a member of the NANOG Program Committee since 2013. - Bob Leitner, Verizon.
- John Souter, London Internet Exchange.
- David Temkin, Netflix
Dave Temkin is the Director of Global Networks for Netflix. Having been hired to build the Open Connect CDN, he is responsible for all network architecture and strategy as well as the operations fo the Netflix network (AS2906). Before Netflix, he was at Yahoo!, where he focused on Layer 4-7 network architecture, having been brought in through the successful acquisition of Right Media where he was the Global Head of Networks.
In his spare time he enjoys travel and philanthropy - both through volunteering at technical organizations such as NANOG, where he is vice chair, Open-IX, where he is the chairman and co-founder and FL-IX, where he is also chairman and cofounder, as well as on the board of Children of Bellevue.
|  Conference Opening(PDF)
 Conference Opening
|
10:30am - 11:15am
| Independence Ballroom A (5B Level) | Keynote: How International Politics Has Come to CyberspaceDr. Catherine Lotrionte
Over the past two decades, governments and non-state actors have become increasingly sophisticated in their attacks on the digital systems that states depend on for essential services, economic prosperity and security. Such breaches have threatened critical infrastructure, intellectual property, privacy of users’ data, important national security information and government personnel data. Because of the advances in technology and the increasing dependency on cyberspace, the issue of cybersecurity and the need for rules and common approaches to it are becoming an increasingly important issue. Today, governments and non-state actors are utilizing cyberspace to act out their geopolitical differences and to promote their political objectives. This talk will discuss the international political “playbook” that is only beginning to emerge among states with international and national discussions about cyber attacks and how to respond to them.
View full abstract page. | Speakers:
- Catherine Lotrionte, Georgetown University
Dr. Catherine Lotrionte is the Director of the CyberProject in the School of Foreign Service at Georgetown University, where she teaches and writes on international and national security law, international affairs and technology. At Georgetown she founded the CyberProject in 2008, focusing on the role of international and domestic law in recent and emerging developments in the proliferation of weapons, technology and threats.
| Keynote: How International Politics Has Come to Cyberspace(PDF)
Keynote: How International Politics Has Come to Cyberspace
|
11:15am - 12:00pm
| Independence Ballroom A (5B Level) | Panel: The Career Path of a Network ProfessionalDuring this panel I will be introducing various network professionals from the NANOG Community. Each will provide a brief overview of their career path, highlighting any specific education choices or job opportunities which led them to where they are now.
The job market in this industry is very different now than when we were starting out, as we helped shape the Internet industry during our time. We've spoken about bringing in the next generation, and that it's daunting for them and hard to find that first griphold to get started. The purpose of the panel is to help newcomers into the industry understand the various career trajectories, hopefully giving them insight into how they should plan their own growth as a network operator, engineer, or related professional.
View full abstract page. | Moderators:
- Dani Roisman, SoftLayer Technologies & NANOG Program Committee Vice Chair
Dani Roisman is currently the VP of Network Operations at SoftLayer Technologies (merged with The Planet Internet Services in Nov 2010), where he oversees the teams that run the network supporting over 80,000 managed servers across 11 datacenters. Prior to SoftLayer/The Planet, he was the Senior Network Architect and Network Engineering Team Lead at Peak Web Consulting, and prior to that Director of Network Engineering and Facilities Architecture at Sony Online Entertainment. Dani has specialized in large content datacenters and networks, with a focus on peering and multi-homing to reduce costs, improve customer negotiating stance, as well as increased network capacity, performance, and fault-tolerance. His network design and implementation accomplishments include massively-multiplayer games (EverQuest, Star Wars Galaxies, and PlanetSide) and social networking deployments hosting over 5,000 servers across 9 datacenters with Internet bandwidth capacities reaching 250Gbps.
Speakers:
- Anna Claiborne.
- Kobi Hsu.
- Jared Mauch, NTT America
Jared Mauch works for NTT Communications Global IP Network in the Network Architecture and Development team. He has been active in network abuse and mitigation and won the J.D. Falk award for his work on the OpenResolverProject and other related works. He continues to work on routing and infrastructure security with an interest in the social and business reasons behind malicious actors.
- Kat Parsons.
- Jason Schiller, Google.
- Dave Siegel, Level 3 Communications.
- Andree Toonk.
| Panel: The Career Path of a Network Professional(PDF)
Panel: The Career Path of a Network Professional
|
| 12:00pm - 1:30pm | Constitution Ballroom, CDE (3B Level) | Newcomers Lunch | Sponsors:
| |
| 12:00pm - 1:30pm | Constitution Ballroom, AB (3B Level) | Welcome Lunch | Sponsors:
| |
1:30pm - 2:00pm
| Independence Ballroom A (5B Level) | PCH 2016 Survey of Interconnection AgreementsPacket Clearing House polled Network Operators in 2016 for information on their Interconnection relationships and the agreements covering that traffic exchange. This presentation details the results of that survey and compares the results to PCH's first comprehensive survey conducted in 2011.
View full abstract page. | Speakers:
- Bill Woodcock, Packet Clearing House
Bill Woodcock is the Executive Director of Packet Clearing House, the international non-governmental organization that builds and supports critical Internet infrastructure, including Internet exchange points and the core of the domain name system. Since entering the Internet industry in 1985, Bill has supported or helped establish more than two hundred Internet exchange points; was one of the developers of the anycast routing technique that now protects the domain name system; was one of the principal drivers of California 17538.4, the world's first anti-spam legislation; and was principal author of the Multicast DNS and Operator Requirements of Infrastructure Management Methods IETF drafts. He co-founded INOC-DBA, the security-coordination hotline system that interconnects the network operations centers of more than eighteen hundred ISPs around the world. And in 2007, Bill was one of the two NSP-Sec international liaisons in the Estonian CERT during the Russian cyber-attack.
| PCH 2016 Survey of Interconnection Agreements(PDF)
PCH 2016 Survey of Interconnection Agreements
|
2:00pm - 2:30pm
| Independence Ballroom A (5B Level) | An Internet-Wide Analysis of Traffic PolicingAbstract: Large flows like videos consume significant bandwidth. Some ISPs actively manage these high volume flows with techniques like policing, which enforces a flow rate by dropping excess traffic. While the existence of policing is well known, our contribution is an Internet-wide study quantifying its prevalence and impact on video quality metrics. We developed a heuristic to identify policing from server-side traces and built a pipeline to deploy it at scale on traces from a large online content provider, collected from hundreds of servers worldwide. Using a dataset of 270 billion packets served to 28,400 client ASes, we find that, depending on region, up to 7% of loss transfers are policed. Loss rates are on average six times higher when a trace is policed, and it impacts video playback quality. We show that alternatives to policing, like pacing and shaping, can achieve traffic management goals while avoiding the deleterious effects of policing.
Notes:
We originally presented the research results at SIGCOMM 2016. The plan for NANOG is to extend the talk to include recent efforts at Google to better deal with negative side effects of policing.
View full abstract page. | Speakers:
- Tobias Flach, Google
Tobias is a software engineer at Google primarily working on internet and datacenter telemetry. Prior to joining Google, Tobias pursued his Ph.D. degree at the University of Southern California under the supervision of Professors Ramesh Govindan and Ethan Katz-Bassett. His thesis focused on "Detecting and mitigating root causes for slow Web transfers" which includes a variety of internet measurement studies and proposals to improve network performance.
| An Internet-Wide Analysis of Traffic Policing(PDF)
An Internet-Wide Analysis of Traffic Policing
|
2:30pm - 3:00pm
| Independence Ballroom A (5B Level) | NAT64/DNS64 experimentsMore and more ISPs are deploying NAT64/DNS64. As with any new technology there is always the fear that "something" will go wrong. Both on the ISP's side (customers who can't reach website X) and on the content side (users from ISP Y can't visit our site).
Happy eyeballs hides many problems on dual-stack clients, but clients behind NAT64 don't have that "luxury". This talk looks into problems that occur and how ISPs could work around them. It also introduces a tool (nat64check.org) for seeing how websites behave when visited from different kinds of networks.
View full abstract page. | Speakers:
- Sander Steffann, SJM Steffann
Sander Steffann is an IPv6 specialist who has been helping service providers and enterprises to implement IPv6. When finding something that makes implementing IPv6 more difficult than it needs to be he usually works with the community to solve it. That way he became the (co-) author of an IPv6 Addressing Plan manual, RIPE 501, RIPE 554, RIPE 631, RFC 7059, RFC 7756 and DHCPKit. He is also a co-chair of the RIPE Address Policy Working Group.
| NAT64/DNS64 experiments(PDF)
NAT64/DNS64 experiments
|
3:00pm - 3:30pm
| Independence Ballroom A (5B Level) | On Quantitative Network EfficiencyFor a service provider, or any enterprise with substantial network infrastructure, achieving a high network efficiency is often a noble goal or even an important KPI. While the term “network efficiency” has been used widely, for different organizations it could mean totally different objectives. In this talk, we try to define and quantify three different aspects of the so-called network efficiency and then discuss the implications and interworking between these objectives, from both organizational, financial and technical perspectives. We propose a novel approach in packet-optical networking to achieve the ultimate capacity efficiency, and also discuss the potential significant impact of recent control plane innovation such as SDN on this subject.
View full abstract page. | Speakers:
- Walter Chen, Sprint
Walter Chen has been with Sprint for 16 years and is currently a Network Planner IV in IP Engineering department. He had been responsible for SprintLink IP core network strategies, architecture, capacity forecast and planning since 2006, and has the similar responsibility for Sprint’s Next Generation Wireless WAN core network. He is also responsible for the Sprint wireline IP network capital unit cost models, and also participated in formulating the unit cost model for the optical transport networks. At Sprint, he introduced more rigorous numerical methodology into core network capacity forecasting and planning, used network simulation tools such as Cariden/Cisco MATE and WANDL/Juniper IPMPLSView in both network topology optimization and green-field network design and modeling work.
Walter holds a PhD in Astrophysics from The Johns Hopkins University, and worked at NASA Goddard Space Flight Center before joining the telecom industry in 1999.
| On Quantitative Network Efficiency(PDF)
On Quantitative Network Efficiency
|
| 3:30pm - 4:00pm | Independence Foyer (5B Level) | Break | Sponsors:
| |
4:00pm - 5:30pm
| Independence Ballroom I-F (5B Level) | Network Automation at scale: up and running in 60 minutesIn this tutorial we will see how easy is today to implement the automation methodologies in our multi-vendor networks, no matter the size! We will see how to install the tools, setup the environment and then use.
Without diving into the programability level, we will focus mainly on the usability and how network engineers can achieve the goals of network automation without getting lost in complex systems, programming languages, encryption systems, databases etc.
Prerequisites for the attendees:
- a computer
- one or more VM(s) from their favourite vendor(s)
- very basic knowledge of the Python Virtual Environments: http://docs.python-guide.org/en/latest/dev/virtualenvs/
- very basic understanding of Jinja: http://jinja.pocoo.org/docs/dev/templates/
- understanding of YAML: http://www.yaml.org/start.html
View full abstract page. | Speakers:
- Jerome Fleury, CloudFlare.
- Mircea Ulinic, CloudFlare, Inc.
Mircea works as network engineer for Cloudflare, spending most of his time writing code for network automation. Sometimes he likes to talk about the stuff he's working on and how automation really helps to maintain reliable, stable and self-resilient one of the biggest global networks.
Previously, he was involved in research and later worked for EPFL in Switzerland and an European service provider based in France.
Besides networking, he has a strong passion for radio communications (especially mobile networks), mathematics and physics.
| Network Automation at scale: up and running in 60 minutes(PDF)
Network Automation at scale: up and running in 60 minutes
|
| 4:00pm - 5:30pm | Independence Ballroom A (5B Level) | Security TrackSubject: Embedded devices (aka IoT) as a community problem
Abstract: This track will focus on the volatility on the Internet caused by embedded devices of all shapes and forms.
While the danger was discussed a number of times in the past under different forums, it appears we have not done sufficient work in this space, as recently illustrated by the Mirai botnet.
The panel aims to discuss the following topics:
1. Ongoing issues with embedded devices - CPE, IoT, etc.
- Lack of adequate best practices
- Poor vendor response
2. In the context of Mirai:
- Numbers of devices which can be infected?
- Number of parallel botnets?
- Size of those botnets?
- How many forks exist of the source code?
3. What are the security vendors doing to improve this situation? Do we see discrepancies in the responses between different vendors?
4. What are the service providers doing?
5. What should be the government/regulators involvement?
View full abstract page. | Speakers:
- Tim April.
- Christian Dawson, i2Coalition
Christian Dawson is the Co-Founder of the Internet Infrastructure Coalition (i2Coalition) where he works to make the Internet a better, safer place for the businesses that make up the Cloud. Dawson spent 16 years as an executive at web hosting provider ServInt. While there, he co-founded the Save Hosting initiative, designed to galvanize web hosting providers in their opposition of PIPA & SOPA. He went on to help found the i2Coalition to ensure that those who build the infrastructure of the Internet have a voice in all matters of public policy that affect them. He is a staunch advocate for Internet freedom as a tool for social and economic growth by fostering the growth and expansion of the Internet economy. Dawson served as the Chairman of the i2Coalition Board from 2012 to 2016. As of January 2016 Dawson has joined the i2Coalition in a full time position as its first Executive Director. - Paul Ebersman, Comcast
Paul Ebersman has been involved with NANOG to varying degrees since the late 90s and has been working with TCP/IP networks since the mid 80s. Paul Ebersman works for Comcast as a DNS architect and as a technical resource, both internally and to the internet community. He first worked on the internet for the Air Force in 1984. He was employee number ten at UUNET and helped build AlterNET and the modem network used by MSN, AOL and Earthlink. He has maintained his roots in the internet and the open source community, working for various internet infrastructure companies including ISC and Nominum before coming to Comcast. - Allan Friedman.
- Jesse Sowell.
- Krassimir Tzvetanov, Fastly
Over the past 7 years I worked on abuse/DDoS mitigation Yahoo! and Cisco. At Cisco I also provided consulting for a number of customers on security issues (including DDoS and threat intelligence related to it). Currently at A10 I focus on threat intelligence and product development for security products, as well as serve as high tier escalation point for high profile customers. I have presented at a number of conference on security and DDoS topics. I have ran or co-ran 3 Security Tracks at NANOG so far and I would like to see it have more security content, which I can both arrange for and deliver. I have desire to build a full day security focused track and I can recruit the presenters and deliver the content. More details about my work history can be found on my LinkedIn profile. - Ron Winward, Radware
Ron Winward is a Security Evangelist for Radware, where he helps execute the company’s thought leadership on today’s security threat landscape. Ron brings nearly 20 years of experience in the Internet service provider space, most recently as Director of Network Engineering for a global infrastructure and colocation provider. With an expertise in network architectures and DDoS mitigation, Ron has helped design solutions for carriers, enterprises, and cybersecurity service providers around the world.
| Security Track(PDF)
|
| 6:30pm - 11:00pm | Penn Social | Social Event801 E St NW, Washington, DC 20004
View full abstract page.
Additional information | Sponsors:
| |
Tuesday, February 7 2017
| Time/Webcast: | Room: | Topic/Abstract: | Presenter/Sponsor: | Presentation Files: |
|---|
| 8:00am - 10:30am | Constitution Ballroom (3B Level) | Breakfast & Break | Sponsors:
| |
| 8:30am - 5:00pm | Independence Foyer (5B Level) | Registration | | |
| 9:00am - 10:00am | Declaration AB (1B Level) | Members Breakfast (Invitation Only) | | |
10:00am - 11:00am
| Independence Ballroom A (5B Level) | Mirai: Inside of an IoT Botnet2016 was a game changing year in DDoS due to the public release of the Mirai botnet code. Mirai has lead the headlines with its notable attacks and ease of modification. This presentation will discuss the technical details of the Mirai botnet and its stock attacks, how it replicates and how it is controlled. We’ll also explore how it can be modified, including such examples as the TR064 infection vector and more recently an addition of a Domain Generation Algorithm (DGA). Finally, we'll review how network operators can track its activity in real-time.
View full abstract page. | Speakers:
- Ron Winward, Radware
Ron Winward is a Security Evangelist for Radware, where he helps execute the company’s thought leadership on today’s security threat landscape. Ron brings nearly 20 years of experience in the Internet service provider space, most recently as Director of Network Engineering for a global infrastructure and colocation provider. With an expertise in network architectures and DDoS mitigation, Ron has helped design solutions for carriers, enterprises, and cybersecurity service providers around the world.
| Mirai: Inside of an IoT Botnet(PDF)
Mirai: Inside of an IoT Botnet
|
11:00am - 11:30am
| Independence Ballroom A (5B Level) | Optics Evolution and Challenge for Router InterfaceOptics Evolution and Challenge for Router Interface
NANOG 69 Talk
February 6-8, 2017
Samuel Liu
Director, Product Line Management,
IP and Optical Networks, Nokia
[email protected]
Cell Phone: 510 449 1566
Abstract
This talk will focus on the market dynamics and technical tradeoff discussion on higher density 100G and greater than 100G router optics interface. The market is still not driving to convergence even though 100G has been around for 4 years. After the QSFP28 vs. CFP4 battle settled, the networking industry has degenerated to two orthogonal directions: beyond 100G data rate modules and higher density 100G modules. Naturally the industry can move to 200G, but the majority of the market is moving to 400G instead. There are two different approaches for 400G in the foreseeable future: CFP8 for short term and QSFP56-DD or other smaller form factor such as OSFP for midterm. For even higher density with 400G or beyond 400G, on board optics design using Silicon Photonics becomes a potential option.
In the mean time, bigger 100G densities on the router is emerging as a new requirement since more customers believe that 100G will become the new 10G. In other words, 100G will stay in the market for a long time. One approach is to drive 100G SFP, which can push router 100G front panel density higher than QSFP28. The other approach is to use QSFP-DD /OSFP/ CFP8 to drive Nx100G break out through a MPO cable. This approach can double to quadruple QSFP28 based 100G density for the router but is full of challenges. We will address all of this in the presentation.
View full abstract page. | Speakers:
- Samuel Liu, Nokia
Dr. Samuel Liu is a Director of Product Line Management in Nokia, ION Business Group, managing a new router product line and working on optics and integrated DWDM strategy/roadmap across all router product families. Previously, he was a Director of PLM in Juniper Networks, responsible for a core router product line. Dr. Liu pioneered 100G coherent packet optical products for core and edge routers in Juniper. He has been working in Networking/Telecom industry for 20 years. Before Juniper, he held different PLM/marketing/planning, engineering management positions at Huawei USA, Tellabs and several start-up companies. He received his Ph.D. in electrical engineering at Illinois Institute of Technology. He received his B.S. in optical engineering at Zhejiang University, China. Dr. Liu held several US patents and is a frequent panel speaker in the industry. He served as the organizer for OFC (Optical Networking and Communication Conference) Service Provider Summit and Market Watch between 2010 and 2015.
| Optics Evolution and Challenge for Router Interface(PDF)
Optics Evolution and Challenge for Router Interface
|
11:30am - 12:00pm
| Independence Ballroom A (5B Level) | BGPmon, The Next GenerationBGPMon, in conjunction with Oregon's Route Views, has been serving BGP data to the community for the past several years. However, the custom software used by the old version of BGPMon is showing its age and can no longer keep up with the BGP feeds from Route Views and local collectors, nor the user demand. In addition, BGPmon's XML stream does not handle client speed mismatch well.
We have completely re-architected BGPMon, eliminating virtually all custom code and moving to community-developed software and a distributed database. The current collector architecture uses goBGPd from NTT Labs, BMP as well as standard MRT. The database that acts as the foundation of the new system can be distributed or centralized. The new version of BGPMon is divided into two components:
(a) A RESTful web-based archive, which contains all data collected by Route Views and BGPmon so far; the archive is based on a pull model to support clients of varying speeds and provides time-range access to over 10TB of data collected over more than 15 years. The archive has been in beta testing for over six months with select users and is finally ready to serve the rest of the community.
(b) A public service based on a distributed database that provides flexible, SQL-based queries returning results in JSON/XML or MRT. The new system offers vastly improved performance and robustness, and a variety of new services including prefix hijack alerts, support for querying prefixes advertised by any AS, AS country geolocation, international detour detection and more. This service is currently in beta testing.
The new BGPMon also provides a private deployment mode that can be either completely isolated from the public deployment or interface with the public deployment in read-only mode.
In this presentation we will describe the new architecture of BGPMon and demonstrate its new services.
View full abstract page. | Speakers:
- Christos Papadopoulos, Colorado State University.
| BGPmon, The Next Generation(PDF)
BGPmon, The Next Generation
|
| 12:00pm - 1:30pm | Constitution Ballroom (3B Level) | Lunch | Sponsors:
| |
1:30pm - 2:00pm
| Independence Ballroom A (5B Level) | 2017 DNSSEC KSK RolloverThe new Root Zone DNSSEC Key Signing Key will become ready for operations (but not yet in use) on February 2, 2017. Anyone employing or tracking DNSSEC validation today will need to know about this change. This presentation will provide a view of the new KSK as well as tips and tools for obtaining the key electronically and tools and techniques for building trust in the new KSK.
View full abstract page. | Speakers:
- edward lewis, ICANN
Edward is a Senior Technologist in the Office of the CTO. Prior to joining ICANN he worked 11 years inside Internet domain name and number registries of many types - gTLD, ccTLD, and RIR. He worked for a DNS hosting company. He co-chaired the original IETF WG that developed EPP. He developed some of the first DNSSEC codebases under the original DARPA contract in the 1990's. Before that, he worked building research networks attached to the NASA Science Internet (one of the three original backbones) and taught Networking courses at the University of Maryland - Baltimore County.
| 2017 DNSSEC KSK Rollover(PDF)
2017 DNSSEC KSK Rollover
|
2:00pm - 2:30pm
| Independence Ballroom A (5B Level) | traIXroute: Detecting IXPs in traceroute pathsInternet eXchange Points (IXP) are critical components of the Internet
infrastructure that affect its performance, evolution, security and economics. In
this work, we introduce techniques to augment the well-known traceroute
tool with the capability of identifying if and where exactly IXPs are crossed in endto-end paths. Knowing this information can help end-users have more transparency over how their traffic flows in the Internet. Our tool, called traIXroute, exploits data from the PeeringDB (PDB) and the Packet Clearing House (PCH) about IXP IP addresses of BGP routers, IXP members, and IXP prefixes. We show that the used data are both rich, i.e., we find 12,716 IP addresses of BGP routers in 460 IXPs, and mostly accurate, i.e., our validation shows 92-93% accuracy. In addition, 78.2% of the detected IXPs in our data are based on multiple diverse evidence and therefore help have higher confidence on the detected IXPs than when relying solely on IXP prefixes. To demonstrate the utility of our tool, we use it to show that one out of five paths in our data cross an IXP and that paths do not normally cross more than a single IXP, as it is expected based on the valley-free model about Internet policies. Furthermore, although the top IXPs both in terms of paths and members are located in Europe, US IXPs attract many more paths than their number of members indicates.
The webpage of the tool:
http://inspire.edu.gr/traIXroute
There is also a related article about this tool published in Ripe Labs. See here: https://labs.ripe.net/Members/george_nomikos/detecting-ixps-in-traceroute-paths-using-traixroute
View full abstract page. | Speakers:
- George Nomikos, FORTH-ICS
George Nomikos is a research engineer in INSPIRE group in FORTH-ICS, in Greece (http://www.inspire.edu.gr/) since June 2014. His main research interests primarily include Internet routing, Internet topology and network security. His main target is to better understand how the Internet ecosystem evolves, to track the Internet topology in the AS-, IXP- and Facility- level and evaluate the network performance under security constraints. To that end, George focuses on organising and creating advanced networking measurements and simulations, using analytical tools like graph theoretic approaches, social-driven heuristics and modeling traffic characteristics. In addition to the research activity, he is responsible for network and system administrative management like building solid and flexible server based systems and resolving issues related to networking anomalies, especially in routing and server-side application configurations.
| traIXroute: Detecting IXPs in traceroute paths(PDF)
traIXroute: Detecting IXPs in traceroute paths
|
2:30pm - 3:00pm
| Independence Ballroom A (5B Level) | ENDEAVOUR: Towards SDN-enabled IXPsDespite considerable innovation in Internet applications, and an increase in diversity of both users and uses, the IP interconnection model and its control plane mechanisms (BGP) are suffering stagnancy and ossification. As of today, the major IXPs interconnect more than 500 member ASes and thus appear as convenient locations for inter-domain innovation. The EU funded research project ENDAVOUR aims to augment IP interconnection at IXPs and the switching fabric itself by using Software-Defined Networking (SDN) technology. This talk highlights lessons learned from the first half of the ENDEAVOUR project. It elaborates on its applications, problems with practical feasibility, and the IXP's SDN hardware requirements. Ultimately, we discuss the future road map for the second half of the project and point out where to find the open source code.
View full abstract page. | Speakers:
- Christoph Dietzel, DE-CIX / TU Berlin
Since June 2014, Christoph Dietzel has been member of the DE-CIX Research and Development team and is responsible for several research efforts. He is also involved in numerous projects funded by the public sector (EU, German Federal Ministries). Chris is a PhD student in the INET group, advised by Anja Feldmann at Technische Universität Berlin, since the end of 2014.
His ongoing research interests focus on Internet measurements and security, routing, and traffic classification. Chris is also highly interested in IXP-related aspects of the Internet ecosystem.
| ENDEAVOUR: Towards SDN-enabled IXPs(PDF)
ENDEAVOUR: Towards SDN-enabled IXPs
|
3:00pm - 3:10pm
| Independence Ballroom A (5B Level) | Lightning Talk: PCAP BGP ParserNetwork operations increasingly relies on tools and features to perform in-depth analysis of Internet routing behavior to optimize traffic flows or dissect DDoS attacks. In particular, IXPs commonly operate software routers such as BIRD or Quagga as BGP route servers. However, the implemented data processing features and tools are somewhat limited. BIRD does not support continues BGP exports, MRT dumps allow a post-best-path-selection view only, and the tshark BGP filtering capabilities are limited, just to name a few.
In this talk we present a TCP dump BGP parser to overcome these limitations. The raw packets can be captured with tcpdump at the network interface of any software router and either be processed as a live-stream or stored and analyzed subsequently. For a post mortem analysis the BGP parser comes with a rich set of filters and export formats to meet the desired level of granularity. The presentation will showcase some compelling examples. Moreover, the tool can be extended as favored since it is available as open source project at GitHub.
View full abstract page. | Speakers:
| Lightning Talk: PCAP BGP Parser
Lightning Talk: PCAP BGP Parser(PDF)
|
3:10pm - 3:20pm
| Independence Ballroom A (5B Level) | Lightning Talk: BGP Shutdown A new way for operators to interact with each other has being developed: the "BGP Shutdown Communication". This mechanism allows one operator to inform another operator about the reason a BGP session is being shutdown or reset - signalled through the BGP session itself. The "BGP Shutdown Communication" will increase efficiency in NOCs all around the world, as it now has become much easier to correlate a BGP shutdown event with a ticket, case ID reference or circuit ID.
View full abstract page. | Speakers:
- Job Snijders, NTT Communications
Job is actively involved in the Internet community both in an operational capacity and as a founder of cooperation efforts such as the NLNOG RING. He has taught service providers in the Middle East how to deploy IPv6 and has a passion for Routing Security and Automation.
Job holds a position at NTT Communications' IP Development Department.
| Lightning Talk: BGP Shutdown (PDF)
Lightning Talk: BGP Shutdown
|
3:20pm - 3:30pm
| Independence Ballroom A (5B Level) | Lightning Talk: Open Policy Multi-Media SIP Peering Exchange in CanadaCIRA is currently investigating the need and feasibility of creating Multi-Media SIP Peering Exchanges in Canada. The goal would to create a minimum of 3 Multi-Media SIP Peering Exchange Points in Canada. Currently today Internet Exchange in Canada are designed to server internet data traffic.
The Multi-Media SIP Peering Exchanges would build upon the success of the current IX's and add an additional service for the exchange of Multi-Media SIP based voice, video and possible Instant messaging/presence.
The Exchange would allow for enhanced end-to-end Voice quality by removing the PSTN network from the path, the exchange of Video Calls and potentially a platform for innovation to reduce SPAM.
View full abstract page. | Speakers:
| Lightning Talk: Open Policy Multi-Media SIP Peering Exchange in Canada
Lightning Talk: Open Policy Multi-Media SIP Peering Exchange in Canada(PDF)
|
| 3:30pm - 4:00pm | Independence Foyer (5B Level) | Break | Sponsors:
| |
4:00pm - 5:30pm
| Independence Ballroom A (5B Level) | MPLS TutorialMPLS Tutorial which seeks to dispel myths about MPLS by explaining MPLS concepts, showing use cases in provider networks, identifying MPLS features which can improve operation of provider networks, and calling out gotchas of MPLS.
View full abstract page. | Speakers:
- Richard A Steenbergen, PacketFabric
Richard Steenbergen is co-founder and Chief Technology Officer of PacketFabric, a next-generation Network-as-a-Service interconnection and transport solutions provider. Prior to starting PacketFabric, Richard served as CTO of GTT Communications, a leading global IP/MPLS backbone and Tier 1 network operator in over 80 countries. Richard was also the founder and CTO of nLayer Communications for 11 years, served as a Sr Network Architect for various large NSPs, and served as a Sr Software Engineer helping developed advanced optimized routing techniques. Richard has been attending NANOG since 1999, and is a frequent speaker and contributor.
| MPLS Tutorial(PDF)
MPLS Tutorial
|
4:00pm - 5:30pm
| Independence Ballroom I-F (5B Level) | So you inherited a DNS server....This tutorial will discuss the increasingly common situation where a network or system administrator inherits a legacy DNS server and explains how to migrate the services on that server to modern DNS software implementations.
View full abstract page. | Speakers:
- Eddy Winstead, Internet Systems Consortium
Eddy has over 20 years of DNS, DHCP and sysadmin experience. He was a systems analyst and hostmaster for the North Carolina Research and Education Network (NCREN) for over a decade. At ISC, Eddy has delivered DNS + DNSSEC consulting, configuration audits and technical training.
| So you inherited a DNS server....(PDF)
So you inherited a DNS server....
|
| 6:00pm - 8:00pm | Constitution Ballroom (3B Level) | Beer 'n Gear | Sponsors:
- ADVA Optical Networking, Arbor Networks, Brocade, Ciena, Cisco Systems, Corero , Coriant, DE-CIX, Deepfield, Fujitsu, Hilco Streambank, Infinera, Juniper Networks, OSI Hardware, Packet Design, PCCW Global, Precision Optical Transceivers, Radware, Singtel, Telia Carrier, Windstream, zXc
| |
Wednesday, February 8 2017
| Time/Webcast: | Room: | Topic/Abstract: | Presenter/Sponsor: | Presentation Files: |
|---|
| 8:00am - 10:30am | Constitution Ballroom (3B Level) | Breakfast & Break | Sponsors:
| |
| 8:30am - 5:00pm | Independence Foyer (5B Level) | Registration | | |
10:00am - 11:30am
| Independence Ballroom I-F (5B Level) | Hands-On DNSSEC with DNSVizDNSSEC enables the authentication of DNS responses. Despite this benefit, expert DNS operators have observed that there are challenges in understanding, deploying, monitoring and troubleshooting DNSSEC. DNSViz was developed to address these challenges by adding a suite to the existing DNS analysis tools in order to retrieve and analyze relevant DNS and DNSSEC information and present it to the user in graphical and programmatic formats. This tutorial will get hands-on with DNSSEC concepts by performing some DNSSEC signing, validation and manipulation, and using DNSViz to analyze and monitor the configurations.
Prerequisites: The tutorial seeks to both instruct the DNSSEC novice and provide additional perspective to the DNSSEC experts. Some familiarity with DNS and Linux OS-based tools are helpful but not required.
Please come prepared to participate with:
- Laptop computer (power adapter recommended)
- Internet access
- VirtualBox installed on your laptop, preferably version 5.0 (latest)
- The tutorial demo VM image, downloaded, unzipped, and installed, following the instructions at: http://dnsviz.net/demo/
View full abstract page. | Speakers:
- Casey Deccio, Brigham Young University
Casey Deccio is an Assistant Professor in the Computer Science Department at Brigham Young University. His research interests are in network measurement and anti-abuse for improved stability and security of the Internet.
Prior to coming to BYU, he was a Senior Research Scientist at Verisign Labs since 2014, where his research included DNS ecosystem tools, monitoring, measurement, and modeling. Before that he was a Principal Research and Development Cyber Security Staff member at Sandia National Laboratories, where he had been employed since 2004 and where he was responsible for network-related research and development, including DNSSEC and IPv6 deployment efforts. While at Sandia he developed DNSViz, the widely used tool for DNS analysis and visualization. He also served as an ICANN Research Fellow supporting the Security and Stability Advisory Committee (SSAC) in 2013.
| Hands-On DNSSEC with DNSViz
Hands-On DNSSEC with DNSViz(PDF)
|
10:00am - 10:45am
| Independence Ballroom A (5B Level) | ROADM makes Multi-site DCI scale seemlesslyOpen Compute Platform (OCP) has focused on disaggregation of functions within the Data Center and Telecom Infra Project (TIP) is looking at breaking up transport functions within the telecom infrastructure to make them cheaper and laser-specific.
The transport Industry started the use of disaggregated solutions with the delivery of the Transponder blade or pizza box that has simple interfaces for programming and provisioning. In point to point configurations with simple WDM mux/demuxes in a small form factor; this has worked well to scale bandwidth with traffic flows. But what happens when there are more than two sites that one needs to distribute traffic between and also scale that traffic. Does the network need to change to support this situation? Instead of replicating and transporting content between two sites (simple) we need to replicate the traffic from each site to multiple sites or move content to a specific site from all sites in a given metropolitan region. We also still need to share content only between two of these multitude of sites. This will take multiple sets of fiber pairs and mux/demuxes and dedicated transponder boxes.
It is time to take the next step and look at functions beyond the basics of point to point configurations, as Data Center Metro networks extend across multiple locations with traffic that is ubiquitous and more meshy.
View full abstract page. | Speakers:
- Stevan E Plote, Nokia
Steve Plote, is Optics Consulting Engineer at Nokia. He is currently responsible for the support of all Nokia sales teams in the Americas as well as Channel Partners. Focusing on Network designs for the delivery of real time, next generation services for Video transport, Carrier Ethernet, Consumer Content Distribution, and Cloud Computing. He has personal responsibility for the network engineering and support for the WEB2.0 and Content Service Providers in North America. Mr. Plote has more than 30 years of experience in Data Center Interconnect, Telecommunications and LAN switching and transmission solutions. Prior to joining Nokia, he was Solutions Business Development and CSP Systems Engineering at BTI Systems and prior to that was Solutions Sales Director at Tellabs. He has many professional memberships and committee involvements including NANOG PC, OFC, MEF, IEEE, OSA, IEC and IETF.
| ROADM makes Multi-site DCI scale seemlessly(PDF)
ROADM makes Multi-site DCI scale seemlessly
|
10:45am - 11:00am
| Independence Ballroom A (5B Level) | Current Issues Relating to the Digital Millennium Copyright Act (DMCA)The Copyright Office has recently created a new electronic database that "service providers" must use to designate agents in order to take advantage of the of the DMCA's "Safe Harbor" provisions allowing them to avoid liability for copyright violations by users of their services. Although there is a grace period, all service providers must ultimately update their information using the new electronic system, even if their existing listings (filed in paper) are still up to date.
This talk will cover the purpose of and process for creating (or updating) an organization's designated agent listing. It will also provide a refresher on the other requirements an organization must meet in order to qualify for the Safe Harbor protections, as well as "best practices" for handling DMCA claims so as to preserve those protections.
View full abstract page. | Speakers:
- Jennifer Amundsen, Amundsen Law Firm, LLC
Ms. Amundsen has over 20 years’ experience in the legal and intellectual property industries and nearly 14 years’ experience as a lawyer. She represents information technology businesses, authors, independent film and video production companies, theater companies, software developers and other brand and creative content owners, with an emphasis on the implications of emerging technologies, the Internet and social media. She helps clients to identify, protect and leverage their intellectual property assets, such as trademarks and copyrights, and to avoid conflicts with third-party intellectual property assets. She also counsels clients regarding day-to-day business and legal matters, including a variety of contract matters, and acts as outside general counsel to clients in the hosting industry. She is a 2003 graduate of the University of Wisconsin Law School, where she was regularly included on the Dean’s List, and a 1994 graduate of Kalamazoo College.
| Current Issues Relating to the Digital Millennium Copyright Act (DMCA)(PDF)
Current Issues Relating to the Digital Millennium Copyright Act (DMCA)
|
11:00am - 11:30am
| Independence Ballroom A (5B Level) | Internet Attack Increases Require Policy EngagementThe Internet’s infrastructure is under attack constantly. Those who work with these networks on a daily basis know this. The daily successes of keeping things up and running generally go unnoticed, but when there are problems there can be hell to pay. That’s why preparation is so important. One kind of preparation often overlooked is legislative preparation. Attempts to try to prevent reactive legislation that would be problematic for the Internet, and to help create paths to sensible legislation that would help, are an important aspect of network sustainability. As attacks increase on our networks, legislators increasingly have our businesses in their scope. Only prior planning can ensure that policy doesn’t disrupt the security, stability and resiliency of our networks.
View full abstract page. | Speakers:
- Christian Dawson, i2Coalition
Christian Dawson is the Co-Founder of the Internet Infrastructure Coalition (i2Coalition) where he works to make the Internet a better, safer place for the businesses that make up the Cloud. Dawson spent 16 years as an executive at web hosting provider ServInt. While there, he co-founded the Save Hosting initiative, designed to galvanize web hosting providers in their opposition of PIPA & SOPA. He went on to help found the i2Coalition to ensure that those who build the infrastructure of the Internet have a voice in all matters of public policy that affect them. He is a staunch advocate for Internet freedom as a tool for social and economic growth by fostering the growth and expansion of the Internet economy. Dawson served as the Chairman of the i2Coalition Board from 2012 to 2016. As of January 2016 Dawson has joined the i2Coalition in a full time position as its first Executive Director.
| Internet Attack Increases Require Policy Engagement(PDF)
Internet Attack Increases Require Policy Engagement
|
11:30am - 11:40am
| Independence Ballroom A (5B Level) | Lightning Talk: Salty DNS: Automate all the thingsA talk that touches on the reasons, struggles, and eureka moments while using automation in a large infrastructure. Will shortly speak about why we moved from Puppet and onto SaltStack. Also will speak about implementing and using SaltStack for DNS automation. This will touch on how we implemented external modules that focus on "Net Math". This will be followed by talking about how we want to use one driver file across all vendor types. Also how we believe that using pillar data to be able to extract data about our infrastructure for easier consumption.
View full abstract page. | Speakers:
| Lightning Talk: Salty DNS: Automate all the things(PDF)
Lightning Talk: Salty DNS: Automate all the things
|
11:40am - 11:50am
| Independence Ballroom A (5B Level) | Lightning Talk: Is there an easy way to evaluate IXP benefits?Financially, there is. It's called Net Present Value "NPV". It's a generally accepted method for an initial evaluation of a business case. We will walk through an example and tweak inputs to demonstrate yield discounted benefits.
View full abstract page. | Speakers:
- Martin Hannigan, Microsoft Corporation.
| Lightning Talk: Is there an easy way to evaluate IXP benefits?(PDF)
Lightning Talk: Is there an easy way to evaluate IXP benefits?
|
11:50am - 12:00pm
| Independence Ballroom A (5B Level) | Lightning Talk: Statistical MultiplexingOver the past two decades, ever-increasing bandwidth demand has become an increasing challenge and opportunity for growth within the networking market. The number of Internet users has skyrocketed alongside application bandwidth intensity, and the burgeoning Internet of Things is projected to exponentially strain networks. While many hardware vendors are experimenting with spectral efficiency, those gains take time and are expensive. One key solution lies in increasing efficiencies on the transport equipment that allocate traffic. Moving away from time-division multiplexing and coupling coherent technology’s “pool of bandwidth” with statistical multiplexing allows for more control of bandwidth allocation.
Statistical multiplexing can greatly increase network performance at Layer 1, arguably the simplest network layer and the easiest one to work with. Layer 2+ equipment has traditionally leveraged time-division multiplexing, a mechanism in which all packet flows — even the idle ones — fill up a channel, leading to channel inefficiencies. By allocating bandwidth for channels with data packets, statistical multiplexing intelligently combines input traffic to maximize channel efficiency.
Hear how this approach applies to Layer 1 equipment, transforming networks and helping service providers and end-users optimize their own networks.
View full abstract page. | Speakers:
- Jeff Franckhauser, XKL LLC.
| Lightning Talk: Statistical Multiplexing(PDF)
Lightning Talk: Statistical Multiplexing
|
| 12:00pm - 1:30pm | | Lunch (On Your Own) | | |
| 1:30pm - 3:00pm | Independence Ballroom I-F (5B Level) | DDoS TutorialThis Tutorial is targeted to attendees with a strong technical background but no exposure to DDOS. It explains what are the parts that break during high performance/high demand events.
The tutorial covers most of the prevalent attacks and goes in details for the ones that need detailed explanation. It covers different type of flood attacks, reflection and amplification, as well as application level attacks.
It covers concepts like sockets, software architecture, particular details around the TCP protocol as well as some implementation details around the Linux kernel.
This tutorial is an update version of the one I did a year ago in Montreal.
View full abstract page. | Speakers:
- Krassimir Tzvetanov, Fastly
Over the past 7 years I worked on abuse/DDoS mitigation Yahoo! and Cisco. At Cisco I also provided consulting for a number of customers on security issues (including DDoS and threat intelligence related to it). Currently at A10 I focus on threat intelligence and product development for security products, as well as serve as high tier escalation point for high profile customers. I have presented at a number of conference on security and DDoS topics. I have ran or co-ran 3 Security Tracks at NANOG so far and I would like to see it have more security content, which I can both arrange for and deliver. I have desire to build a full day security focused track and I can recruit the presenters and deliver the content. More details about my work history can be found on my LinkedIn profile.
| DDoS Tutorial(PDF)
|
1:30pm - 2:00pm
| Independence Ballroom A (5B Level) | High Performance BGP Security: Algorithms and ArchitecturesThe BGPsec protocol addresses several vulnerabilities associated with BGP. In particular, it provides cryptographic protection against prefix mis-originations and AS path attacks. However, the required cryptographic processing imposes additional workload on the route processor in edge routers. In this talk, we first provide an insight into the nature of computational complexities associated with BGPsec update processing. We then propose and evaluate optimizations for BGPsec update processing, including algorithmic, field level, and group level optimizations. We quantify the impact of these optimizations on BGPsec processing at the core cryptographic operations level as well as at the update message processing level. ECDSA signing and verification speeds with the proposed enhancements are compared against the fastest available OpenSSL implementation for the same. Further, we also report results on the speed of BGPsec update processing including the essential BGPsec functions such as data assembly, packet parsing, sorting AS path segments, fetching public keys, and executing ECDSA P256 signing and verification. Finally, we make use of reasonable projections for IPv4 and IPv6 growth rates, BGPsec adoption rate, and processor speedup, and present a model for BGPsec routing convergence time. This model considers BGPsec processing as incremental to the basic BGP processing, which includes best path selection, route filtering, applying policy filters, etc. A relative comparison is provided for convergence time projections for the BGP only scenario vs. mixed (BGP + BGPsec) scenario, which assumes that BGPsec adoption takes about two decades to go from zero to nearly complete global adoption.
View full abstract page. | Speakers:
- Mehmet Adalier, Antara Teknik LLC
Mehmet Adalier is the Founder and CEO of Antara Teknik LLC and leads the innovation and development of interoperable, efficient, and secure communications solutions. Previously, during his 22-year career with Intel Corporation, he held senior leadership positions in Research and Development of disruptive technologies; in Corporate Development setting strategy and establishing alliances with global software and hardware companies to mature ecosystem readiness; and in defining and delivering Consulting Services to Federal Agencies and Commercial Enterprises to enhance their computing infrastructure with improved TCO. - KOTIKALAPUDI SRIRAM, National Institute of Standards and Technology
Kotikalapudi Sriram holds a Ph.D. degree in electrical engineering from Syracuse University. He is currently a senior researcher in the Advanced Networking Technologies Division at the National Institute of Standards and Technology (NIST). Previously he held various positions at Bell Laboratories. His current interests are in Internet routing security and scalability, DDoS prevention, and SDN. He is a Fellow of the IEEE.
| High Performance BGP Security: Algorithms and Architectures(PDF)
High Performance BGP Security: Algorithms and Architectures
|
2:00pm - 2:30pm
| Independence Ballroom A (5B Level) | BGP best path selection modifications: Various validation systems, how they work and how they should workAs we look to the future of prefix validation we see two sets of useful information: Prefix set to AS validation and Path validation, however, both are somewhat challenging to implement. This talk proposes adding a third, far more simplified level of attesting your prefixes in BGP.
Validation array v(v,v) -> v(v,v,v)
With two points, we can say either PATH or ROA validation are good, but both are better. I would propose that something like, but not necessarily, POC validation via clicking a link (or something like that) could become the new bronze level.
There are 3 massive benefits gained by implementing something like this.
1 - Prevents hijacking without the hassle of RPKI implementation.
2 - Makes the unknown lists of prefixes easy to identify in the BGP table.
3 - Creates a valid, known contact for all who participate in very basic attestation.
There are two basic questions we need to answer as a community:
- Do we want something like this, a low level, easy to implement validation system?
- If so, where does it live? (RIRs, IANA, something entirely different)
View full abstract page. | Speakers:
- Aaron Hughes, 6connect
Aaron Hughes is the President and CEO of 6connect, a leader in network provisioning automation including global resource management of IPv6/IPv4 Addressing, DNS/DNSSEC Control from the cloud or behind the firewall for Service Providers and Enterprises. He is deeply rooted in the community, supporting organizations such as ARIN, NANOG, RIPE, Rocky Mountain IPv6 Task Force, go6.si and GPF. He is also a contributor to IFG, EPF, Interop, Cable Labs, EuroIX, BCP/BCOP and IPv6 outreach programs. Aaron has held network and system architecture and Sr. level management roles at Lockheed Martin, Cariden Technologies, Terremark, Certainty Solutions, UnitedLayer, Quest Technologies, RCN, UltraNet and Channel(1) Communications among others. He is the President and Chairman of the Board for PeeringDB.
| BGP best path selection modifications: Various validation systems, how they work and how they should work(PDF)
BGP best path selection modifications: Various validation systems, how they work and how they should work
|
2:30pm - 3:30pm
| Independence Ballroom A (5B Level) | Are We There Yet?The Resource Public Key Infrastructure (RPKI) binds IP address blocks to owners’ public keys. RPKI enables routers to perform Route Origin Validation (ROV), thus preventing devastating attacks such as IP prefix hijacking. Yet, despite extensive effort, RPKI’s deployment is frustratingly sluggish, leaving the Internet largely insecure. We tackle fundamental questions regarding today’s RPKI’s deployment and security: What is the adoption status of RPKI and ROV? What are the implications for global security of partial adoption? What are the root-causes for slow adoption? How can deployment be pushed forward? We address these questions through a combination of empirical analyses, a survey of over 100 network practitioners, and extensive simulations. Our main contributions include the following. We present the first study measuring ROV enforcement, revealing disappointingly low adoption at the core of the Internet. We show, in contrast, that without almost ubiquitous ROV adoption by large ISPs significant security benefits cannot be attained. We next expose a critical security vulnerability: about a third of RPKI authorizations issued for IP prefixes do not protect the prefix from hijacking attacks. We examine potential reasons for scarce adoption of RPKI and ROV, including human error in issuing RPKI certificates and inter-organization dependencies, and present recommendations for addressing these challenges.
View full abstract page. | Speakers:
- Avichai Cohen.
- Yossi Gilad, Boston University and MIT
Yossi Gilad is a postdoctoral researcher at Boston University and the Massachusetts Institute of Technology. His research involves networks, systems, and their security. - Amir Herzberg.
- Michael Schapira.
- Haya Shulman.
| Are We There Yet?(PDF)
Are We There Yet?
|
| 3:30pm - 4:00pm | Independence Foyer (5B Level) | Break | | |
4:00pm - 4:10pm
| Independence Ballroom A (5B Level) | Why Go?Why consider Go (golang) programming language. Why did I move from Python to Go, and why you might want to.
Problems I experienced with Python
Features of Go: type safety, concurrency, cross compilation, etc.
Things you can do with Go. Who's using Go.
View full abstract page. | Speakers:
- James Boswell, Charter Communications.
| Why Go?(PDF)
Why Go?
|
4:10pm - 4:40pm
| Independence Ballroom A (5B Level) | Let's Encrypt with DaneA discussion of the limitations of browser-based SSL security on the Internet and experiences using DANE TLSA resource records to validate server certificates.
View full abstract page. | Speakers:
- Geoff Huston, APNIC
GEOFF HUSTON is the Chief Scientist at APNIC, the Regional Internet Registry serving the Asia Pacific region. He has been closely involved with the development of the Internet for many year. He was a member of the Internet Architecture Board from 1999 until 2005, and continues as an active participant in the IETF. He has worked as a research scientist, as an ISP systems architect and a network operator at various times.
| Let's Encrypt with Dane(PDF)
Let's Encrypt with Dane
|
4:40pm - 5:10pm
| Independence Ballroom A (5B Level) | Reflections on the Internet and the US GovernmentA presentation highlighting some of the recent developments in Internet coordination and the US Government, including an outlook on topics likely to be active over the next few years that will affect ISPs.
View full abstract page. | Speakers:
- John Curran, American Registry for Internet Numbers (ARIN).
| Reflections on the Internet and the US Government(PDF)
Reflections on the Internet and the US Government
|
5:10pm - 5:30pm
| Independence Ballroom A (5B Level) | Conference Close | Speakers:
- Betty Burke, NANOG
Currently serving as the NANOG Executive Director, responsible for all aspects of NANOG, reporting to the Board of Directors. Previous 37 years of experience serving in technology, business, and management within the Michigan Information Technology Services, University of Michigan, and Merit Network. Proven leadership and experience in development of strategic and operational plans, creation and implementation of marketing campaign for conference center and high tech facilities including a data center, conference and office building, library and campus fiber assets. Proven operational success through project management, along with leadership through community and team building.
| Conference Close(PDF)
Conference Close
|
|
|
NANOG Event Calendar
NANOG Meetings
.jpg){kind=logo}
