^ Top
Nanog live
NANOG Live is Offline. Stay tuned for nanog56 information.

NANOG Meeting Presentation Abstract

BGP Data Analysis
Meeting: NANOG35
Date / Time: 1970-01-01 12:00am - 12:00am
Room: Hiro
Presenters: Speakers:
Mohit Lad, UCLA.
Lixia Zhang, UCLA.
Yiguo Wu, UCLA.
Nick Feamster, MIT.
Dan Massey, Colorado State University.
Manish Karir, Merit Network.
Abstract: In recent years various non-commercial tools have been developed to analyze BGP data. When combined with BGP data collected by individual ISPs as well as by public archives such as RouteViews and RIPE RIS, these tools can potentially provide invaluable insight into the operations of inter-domain routing. The goal of this second BGP Analysis Tools BOF is to realize the potential of these tools by fostering a closer interaction between non-commercial tool developers and the potential users represented by NANOG. <BR><BR> The tool discussions will focus on the following topics: <OL> <LI> BGP::Inspect: The BGP::Inspect service allows users to quickly extract information from RouteViews-archived data. BGP::Inspect pre-processes RouteViews data into an easily queryable format, and stores it in a custom database. This database can then be queried via a web interface to extract relevant AS or prefix information. In addition to the raw update messages, BGP::Inspect provides useful and relevant summary statistics that make it easier to extract information about routing events. <BR><BR></LI> <LI> Routing Configuration Checker: rcc is developed to allow network operators to verify that their networks\' router configurations satisfy high-level properties. <BR><BR></LI> <LI> Link-Rank Visualization: An open source visualization tool that weighs AS-AS links by routes carried, Link-Rank captures link-level events by summarizing thousands of BGP updates in compact graphs. Besides this, scripts and instructions will be provided on setting up Link-Rank at an ISP site. <BR><BR></LI> <LI> BGP-Repository: A project in its early design stage, which aims at improving the organization of BGP data to offer efficient data retrieval and real time information dissemination from routing updates. <BR><BR></LI> </OL> The basic concept of Link-Rank and BGP::Inspect was introduced at the first BOF during NANOG34. However, the audience did not get any hands-on experience due to network problems, which we plan to remedy this time. <BR><BR> The schedule for the BOF is: <OL> <LI> Introduction to BOF and objectives—Lixia Zhang</LI> <LI> rcc: Routing Configuration Checker—Nick Feamster</LI> <LI> BGP::Inspect basics—Manish Karir</LI> <LI> Link-Rank BGP visualization—Mohit Lad</LI> <LI> BGP-Repository: Objectives of BGP data organization—Dan Massey</LI> <LI> Demo session <BR><BR></LI> </OL> Speakers will provide a quick tutorial of their tool with basic usage instructions. The demo session that follows will be set up in four demo areas in the room for each of the four topics of focus. BOF participants can then go to the tool areas of interest and get further details on installation and usage of the tools. Although each tool demo area will provide the setup for hands-on trial, participants in the BOF are highly encouraged to bring their own laptops to be able to download and install the tools during the demo session. <BR><BR> Objectives of the demos include: <UL> <LI> The BGP::Inspect demo will serve to familiarize users with the BGP::Inspect query interface, and walk them through some simple queries and scenarios. It will illustrate how users can perform some fairly powerful preliminary analysis of routing events via relatively simple queries. <BR><BR></LI> <LI> The rcc area will demonstrate rcc operating on public configuration data (e.g., Abilene). Support will be provided for installing and running rcc as well as for existing users. The developers will be actively soliciting suggestions for additional features and checks to add to the tool. <BR><BR></LI> <LI> The Link-Rank demo will focus on how to download and install the visualization client, basic and advanced usage of the client, and visualizing data from public archives such as RouteViews and RIPE. In addition, instructions will be provided on installing scripts to visualize BGP data from your own ISP. The Link-Rank corner will provide a limited number of terminals to try out the client. <BR><BR></LI> <LI> The BGP-Repository corner will present some preliminary ideas on BGP data organization for public sites such as RouteViews and RIPE. Attendees can access the revised data format and provide feedback on BGP data needs. The aim of this corner is to brainstorm on some initial ideas for BGP data organization and collect feedback on BGP data requirements. <BR><BR></LI> </UL> BGP::Inspect is available from <A HREF=\"http://bgpinspect.merit.edu\">http://bgpinspect.merit.edu</A> and Link-Rank is available from <A HREF=\"http://linkrank.cs.ucla.edu\">http://linkrank.cs.ucla.edu</A>; rcc can be found at <A HREF=\"http://nms.csail.mit.edu/bgp/rcc/\">http://nms.csail.mit.edu/bgp/rcc/</A>.
Files: pdfDan Massey Presentation(PDF)
pdfLixia Zhang(PDF)
pdfManish Karir Presentation(PDF)
pdfMohit Lad Presentation(PDF)
pdfNick Feamster Presentation(PDF)
Sponsors: None.
BLINC: Multilevel Traffic Classification in the Dark
Meeting: NANOG35
Date / Time: 1970-01-01 12:00am - 12:00am
Room: Sierra BCD
Presenters: Speakers:

Thomas Karagiannis, UC Riverside

Thomas Karagiannis is a Ph.D. Candidate in the Department of Computer Science at the University of California, Riverside. He received his B.S. from the Applied Informatics department at the University of Macedonia in Greece. He is currently an intern with Intel Research at Cambridge, UK. His research interests include Internet measurements and monitoring, analysis of Internet traffic dynamics, traffic classification, and peer-to-peer networks.
Michalis Faloutsos, UC Riverside.
Konstantina Papagiannaki, Intel Research.
Abstract: We present a fundamentally different approach to classifying traffic flows according to the applications that generate them. In contrast to previous methods, our approach is based on observing and identifying patterns of host behavior at the transport layer. We analyze these patterns at three levels of increasing detail (i) the social, (ii) the functional and (iii) the application level. This multilevel approach of looking at traffic flow is probably the most important contribution of this work. Furthermore, our approach has two important features. First, it operates in the dark, having (a) no access to packet payload, (b) no knowledge of port numbers and (c) no additional information other than what current flow collectors provide. These restrictions respect privacy, technological, and practical constraints. Second, it can be tuned to balance the accuracy of the classification versus the number of successfully classified traffic flows. We demonstrate the effectiveness of our approach on three real traces. Our results show that we are able to classify 80%- 90% of the traffic with more than 95% accuracy.
Files: ramBLINC.ram(RAM)
pdfThomas Karagiannis - BLINC(PDF)
Sponsors: None.
Best Practices for Determining the Traffic Matrix in IP Networks<BR>Level: Intermediate
Meeting: NANOG35
Date / Time: 2005-10-23 1:30pm - 3:00pm
Room: Sierra A
Presenters: Speakers:

Thomas Telkamp, Cariden

Thomas Telkamp is responsible for deploying Cariden products, and guides product development. Previously, he worked for Global Crossing as Director of Network Engineering, Director of IP Global Architecture, and Director of Networking Research. Before joining Global Crossing, Thomas worked as a consultant at AT&T-Unisource Communications Services, SURFnet Expertise Centrum, SURFnet, DANTE, and Wunderman Cato Johnson. Thomas\' professional interests include network modeling and analysis, traffic characterization, and traffic engineering.
Abstract: Knowledge of the amount of traffic between source and destination pairs of a network is crucial to fundamental operational tasks such as capacity planning, traffic engineering, and peering management. Router vendors, third parties, academic researchers, and ingenious network engineers have devised multiple ways of collecting and estimating traffic matrices. This session presents an overview of applications of traffic matrices and operational experiences with the various approaches, including NetFlow-based methods, mathematical estimation models, and MPLS (both RSVP and LDP) methods. Emphasis will be on practical experiences with each method. The tutorial has been slightly revised since its presentation at the Seattle meeting. In LA, there will be less focus on NetFlow (only new advances will be covered), a more detailed description of how to build a traffic matrix from MPLS LDP counters, more coverage of measuring/estimating peering traffic (external in addition to internal traffic matrix), and another \'real-life\' example.
Files: pdfThomas Telkamp Presentation(PDF)
Sponsors: None.
Tutorial: BGP Multihoming Techniques<BR>Introductory/Intermediate
Meeting: NANOG35
Date / Time: 2005-10-23 1:30pm - 3:00pm
Room: Hiro
Presenters: Speakers:

Philip Smith, Cisco Systems

Philip Smith joined Cisco Systems in January 1998. He is a member of the Service Provider Architectures Group of Consulting Engineering, within Corporate Development. His role includes working with many ISPs in the Asia-Pacific region and the rest of the world, specifically in network strategies, design, technology, and operations, as well as helping with network configuration and scaling. Other areas of interest also include Internet routing, Internet protocols, IPv6, and encouraging the growth of the Internet around the world. Prior to joining Cisco, he spent five years at PIPEX (now part of UUNET\'s global ISP business), the UK\'s first commercial Internet Service Provider. He was one of the first engineers working in the UK Internet, and played a fundamental role in building the modern Internet in the UK and Europe. Philip is co-author of Cisco ISP Essentials, published by Cisco Press. He holds a Doctor of Philosophy and has a First Class Honours Degree in Physics. He lives in Brisbane, Australia.
Abstract: This tutorial introduces service providers to some of the features available in BGP to aid multihoming to the Internet. After an explanation of multihoming and the principles being followed in this tutorial, several examples involving different scenarios will be given. Configuration techniques for modifying inbound and outbound traffic flows are covered, as are some examples on how to use BGP communities in inter-AS relationships. The tutorial finishes by covering some common multihoming security issues.
Files: ramBGP Multihoming Techniques(RAM)
Sponsors: None.
Tutorial: Scaling Considerations in MPLS Networks<BR>Intermediate/Advanced
Meeting: NANOG35
Date / Time: 2005-10-23 3:30pm - 5:00pm
Room: Sierra A
Presenters: Speakers:

Ina Minei, Juniper

Ina Minei is a network protocols engineer at Juniper Networks, where she focuses on MPLS protocols and applications. She is an active participant in industry fora and conferences and has co-filed several patents in the area of IP and MPLS. She is co-author of the new book, MPLS-Enabled Applications, to be published by Wiley UK in October 2005. The book provides an overview of current MPLS topics, and contains several discussions on scaling issues that arise in MPLS networks.
Abstract: This tutorial discusses some of the scaling considerations in MPLS deployments, concentrating on the tradeoffs between the cost and benefit of creating extra state in the network. In particular, the tutorial will look at how the amount of state (for example LSPs and forwarding state) is affected by different MPLS signaling protocols, features deployed, and network design choices. Furthermore, the cost of this state in terms of both platform resources and operations/management overhead is evaluated (for example, when is it necessary to upgrade a platform or add a new device in the network, or how difficult is it to configure and troubleshoot a particular deployment?). The material presented is vendor-independent. The tutorial is targeted for network engineers and service providers who want to gain a deeper understanding of MPLS networks. Attendees should have a basic understanding of MPLS and BGP/MPLS VPNs.
Files: pdfIna Minei Presentation(PDF)
Sponsors: None.
Steering Commitee Community Meeting
Meeting: NANOG35
Date / Time: 2005-10-23 5:15pm - 7:15pm
Room: Sierra A
Presenters: Moderators:

Randy Bush, IIJ

Randy Bush is a Principal Scientist at IIJ (an actual ISP) and chairs the NANOG Steering Committee. He was a Founding Engineer at Verio (now retired) and has spent 40 years in computing: compiler geek, real-time systems, actually configures routers, servers, architects networks ... Randy also has 18 years of experience in internet tech transfer to developing countries. He has served as Principal Investigator at the Network Startup Resource Center (NSRC, http://nsrc.org/) and was on the NANOG Program Committee for many years. Randy was one of the members of the Founding Board of ARIN, and has also served as the IVTF Ops Director (retired).
Abstract: We invite you to join us on Sunday evening from 5:00-7:00, between the tutorials and the opening reception, when the NANOG Steering Committee will hold an open meeting for those interested in discussing general NANOG concerns. The meeting will be broadcast, and a method for external input (e.g. jabber) will be provided. <BR><BR> The agenda the SC has come up with so far is: <UL> <LI> Steeering Committee progress/status report</LI> <LI> Open microphone</LI> <LI> Steve Feldman, CNET - Program Committee report</LI> <LI> Open microphone</LI> <LI> Betty Burke, Merit - Finance report</LI> <LI> Open microphone</LI> <LI> Mailing List issues <UL> <LI> Policy and process</LI> <LI> Appeal process</LI> <LI> SC process regarding ML committee, i.e. terms, selection, ... as this is not covered well in the NANOG charter. </LI> </UL> </LI> <LI> Other open issues</LI> <LI> Open microphone <BR><BR></LI> </UL> Oh, and did we mention open microphone? :-) <BR><BR> If you have a flash presentation (five minutes max) you wish to make, please tell us and send a draft of the presentation.
Files: pdfRandy Bush - Community Meeting(PDF)
ramSteering Committee Community Meeting(RAM)
Sponsors: None.
AS Numbers
Meeting: NANOG35
Date / Time: 2005-10-24 9:15am - 9:45am
Room: Sierra BCD
Presenters: Speakers:
Geoff Huston, APNIC.
Abstract: The AS number space uses a 16-bit field. There are 65,536 unique as numbers, of which 64,510 are useable. At present some 38,910 AS numbers have been passed into the RIR system, leaving 25,600 in the unallocated pool. This presentation explores a number of techniques of trend analysis to derive a predictive model of AS number consumption to derive an estimate of AS number exhaustion. The presentation looks at the 4-byte AS number proposal and the associated transition plan, and makes some recommendations as to a schedule for a transition from the 2-byte to a 4-byte AS number.
Files: ramAS Consumption Patterns(RAM)
pdfGeoff Huston - AS Consumption Patterns(PDF)
Sponsors: None.
ASNs MIA: A Comparison of RIR Statistics and RIS Reality
Meeting: NANOG35
Date / Time: 2005-10-24 9:45am - 10:15am
Room: Sierra BCD
Presenters: Speakers:

Rene Wilhelm, RIPE NCC

Henk Uijterwaal is the manager of the New Projects Group at the RIPE NCC. His interests include active measurements and analysis of data on the Internet.
Henk Uijterwaal, RIPE NCC.
Abstract: We studied ASN assignments by the RIRs and the number of unique ASNs seen by routers on the Internet. The (net) growth rate of ASNs assigned by the RIRs is about 260 +/- 30 ASN/month. At this rate, all available ASNs will have been assigned between 2013 and 2016. By comparison, the routing table only grows by about 195 +/- 45 ASN/month. We show that this is due to two effects: (1) ASNs which are assigned based on future plans but never used in practice, and (2) ASNs which are no longer in use but not returned to the RIRs. If all these unused ASNs could be recovered, the pool of ASNs would last until 2025 to 2030. If not, then the ISP community should start to make plans for the deployment of 4-byte ASNs in the near future. We will make some recommendations for ASN policy changes that would allow the RIRs to better allocate ASNs to end users.
Files: ramASNs MIA(RAM)
pdfRene Wilhelm Presentation(PDF)
Sponsors: None.
Shim6: Network Operator Concerns
Meeting: NANOG35
Date / Time: 2005-10-24 10:45am - 11:15am
Room: Sierra BCD
Presenters: Speakers:

Jason Schiller, UUNET

Jason Schiller is a Senior Internet Network Engineer in the IP Network Engineering Department at UUNET / MCI. He has been with the company for over seven years. His current role includes designing, evaluating, and qualifying networks for deployment in UUNET\'s backbone for the Americas region. Jason also completes field trials and acts as highest level of escalation for issues in the Americas continental networks and for multicast issues globally. He is also responsible for defining and maintaining global standards for each of the continental UUNET networks. Previous projects include designing the UUCast multicast network and the Latin American network. Current interests include Internet routing, multicast, and IPv6.
Abstract: IETF is moving forward with shim6 as the IPv6 multihoming solution. The current focus is on protocol interaction and forwarding plane outage detection. Little work is being pursued on inter-AS traffic engineering. <BR><BR> Inter-AS traffic engineering will be a function of the locator pair chosen by the source and destination end hosts. As a result, the following operational concerns come up: <UL> <LI> How does a destination provide information about inbound link utilization preferences so that a source can put the locator set in the correct order?</LI> <LI> Is it desirable for the inbound traffic engineering preference to be configured on all multi-homed destination end hosts?</LI> <LI> What are the implications traffic engineering on transit ASes? <BR><BR></LI> </UL> The involvement of network operators is critical at this stage to ensure that all of the needed operational requirements are considered and met.
Files: pdfJason Schiller - Shim6(PDF)
ramShim6: Network Operator Concerns(RAM)
Sponsors: None.
IPv6 Deployment Issues: A Tier 1 Perspective
Meeting: NANOG35
Date / Time: 2005-10-24 11:15am - 11:45am
Room: Sierra BCD
Presenters: Speakers:

Stewart Bamford, Level3

After receiving his B.Sc. in Computer Science from the University of East Anglia in 1995, Bamford started work in the ISP business, launching a small ISP in Norwich, England. In 1996, he joined PIPEX in Cambridge (UK), which was later known as UUNET, WorldCom, and then MCI. In 2004 he moved to Level3 Communications, where he is currently employed as a Senior IP Engineer based in London. Bamford was the lead engineer in the recent deployment of IPv6 on the Level3 (AS3356) network. He is also also a Chartered IT Professional, a Chartered Engineer and a member of the British Computer Society.
Abstract: This presentation takes a look at standard problems encountered during deployment and support of IPv6 in a (tier-1) service provider network. The presentation is <I>not</I> intended to be a discussion of the pros and cons of IPv6, but more a look at the \"golden four\" problems encountered: decision-making, network, people-and-politics, and systems. Some information is also given about the way that Level3 approached some of these issues.
Files: ramIPv6 Deployment Issues(RAM)
pdfStewart Bamford - IPv6 Deployment Issues(PDF)
Sponsors: None.
Identifying Compromised Hosts by Analyzing Real-Time Blacklists
Meeting: NANOG35
Date / Time: 2005-10-24 11:45am - 12:05pm
Room: Sierra BCD
Presenters: Speakers:
Rick Wesson, Alice\'s Registry.
Abstract: We inverted DNSRBLs and aggregated them in a database with a real-time BGP feed to compile a \"hit list\" of potential issues. The reports aided network managers in discovering abuse, compromised systems, and stale DNSRBL listings. The experience continues to be interesting and beneficial.
Files: ramIdentifying Compromised Hosts(RAM)
pdfRick Wesson Presentation(PDF)
Sponsors: None.
Infrastructure Security Survey Overview
Meeting: NANOG35
Date / Time: 2005-10-24 12:05pm - 12:25pm
Room: Sierra BCD
Presenters: Speakers:
Craig Labovitz, Arbor Networks.
Danny McPherson, Arbor Networks.
Abstract: As network operators begin to converge services onto a single ubiquitous IP infrastructure, a renewed focus on infrastructure security and services availability has emerged. This discussion will present the results of a survey conducted earlier this year that explores what threats network operators are facing, the scale and frequency of these threats, as well as the organizational and operational tool sets network operators employ to address these threats. The desire is that the information provided in this survey, which we intend to conduct on a biannual basis, will assist both network operators and their vendors in obtaining a better understanding of trends in the infrastructure security landscape, what tools and techniques are utilized, and where they should be looking to address emerging threats.
Files: pdfCraig Labovitz Presentation(PDF)
ramInfrastructure Security Survey Overview(RAM)
Sponsors: None.
IAB IPv6 Multihoming
Meeting: NANOG35
Date / Time: 2005-10-24 2:00pm - 3:30pm
Room: Sierra BCD
Presenters: Moderators:
Dave Meyer, Cisco Systems.
Abstract: With the advent of the growing and widespread deployment of IPv6, many familiar operational issues have arisen. Among the current IPv6 \"hot topics\" are RIR policy (including the HD ratio discussion) and site multi-homing. This BOF focuses on the multi-homing issue, since multi-homing is a one of the significant drivers of the growth and dynamic properties of Default Free Zone (DFZ). In particular, there is concern that the amount of multi-homing will grow beyond the organizations who use it today in the IPv4 Internet and that we need new mechanisms to handle the potential growth (both in terms of the size of the DFZ, and its dynamic properties). The current direction that the IETF is taking is being defined by the shim6 working group. Briefly, shim6 seeks to find a mechanism which provides most the functional benefits of multi-homing while still allowing reasonable scalability of the DFZ. More precisely, shim6 seeks to find scalable solutions that allow sites to multi-home for the purposes of redundancy, traffic engineering, or other policy. However, there has been quite a bit of discussion in various venues as to whether shim6 actually accomplishes what most might traditionally think of as traffic engineering. In particular, traffic engineering can be thought of as the practice and mechanisms needed to place traffic where capacity exists (in contrast to capacity planning, which puts capacity where traffic exists). One can note that in order to accomplish site-wide inbound traffic engineering under shim6, some control mechanism would be required that is capable of causing all of the hosts within the site to change the destination address that their correspondents are using. Some feel that this is overly complex. In the outbound traffic engineering case, a similar capability would require a control mechanism that has knowledge of the site\'s external routing tables and can affect the destination addresses used by the site\'s hosts, which has also raised concerns about its potential complexity. The purpose of this BOF for the IAB is to solicit community feedback on the progress and direction of the IPv6 multi-homing work in the IETF, and to help the IAB determine if there is meaningful work that the IETF (and the IAB in particular) can do to address any problem(s) that may be perceived with the current direction. The BOF is IAB-sponsored, and is the first in a series held at the various NOGs (NANOG, RIPE, APRICOT, etc) in support of this effort. A possible outcome might be an IAB workshop on multi-homing in IPv6.
Files: pdfDave Meyer Presentation(PDF)
ramIAB IPv6 Multi-Homing BOF(RAM)
pdfJason Schiller Presentation(PDF)
Sponsors: None.
Won\'t Get.Fooled Again?
Meeting: NANOG35
Date / Time: 2005-10-25 9:00am - 9:30am
Room: Sierra BCD
Presenters: Speakers:
Geoff Huston, APNIC.
Abstract: This is a personal view of the next three to five years for the Internet industry, looking at the world from the perspective of the Carrier ISP. The presentation explores some of the common perceptions about value propositions for the industry and makes some predictions concerning future sustainable business models.
Files: ramNear-term Futures(RAM)
Sponsors: None.
BGP Filtering—Myths, Legends and Reality: Peer Filtering in the Modern Backbone
Meeting: NANOG35
Date / Time: 2005-10-25 9:30am - 10:00am
Room: Sierra BCD
Presenters: Speakers:

Jim Deleskie, Teleglobe

Jim DeLeskie is a Senior Network Engineer at Teleglobe. His core areas of responsibility are core routing, peering, security, and network architecture. Prior to joining Teleglobe, Jim held several positions in both the vendor and service provide space over the past 10 years, including time at Rogers Cable, Avici Systems, and internetMCI.

Tom Scholl, SBCIS

Tom Scholl is a senior network engineer at SBC Internet Services, IP Core NP&E - Design & Standards. He currently works on defining SBCIS routing protocol policies, network architecture of both the IP and FTTx networks. and testing router code and hardware. Previously, Tom worked at Ameritech and various other Chicago ISPs.

Todd Underwood, Renesys Corporation

Todd Underwood is in charge of operations and peering for Renesys. Before that he was CTO of Oso Grande, a New Mexico ISP. He has a background in systems engineering and security and has worked on a variety of systems architecture and scalability problems. Todd has presented work related to Internet routing dynamics and relationships at NANOG and various peering forums (LINX, S&D, NOTA).
Abstract: In this presentation, we examine facts and fiction of the filtering of peering sessions in the Internet core. Large networks have traditionally not filtered peering sessions, preferring instead to trust their peers to correctly filter all customer connections. Although several incidents have caused network operators to reexamine this approach, few have been willing to attempt to filter all peering sessions due to the perceived difficulty of building and deploying the necessary prefix filters. We present a novel technique for generating prefix filters in the absence of up-to-date IRR data, including an analysis of the accuracy that may be possible using the new technique. We also look at the operational impact and performance of using this technique on real-world infrastructures.
Files: ramBGP Filtering(RAM)
pdfJim DeLeskie Presentation(PDF)
Sponsors: None.
Should Internet Service Providers Fear Peer-Assisted Content?
Meeting: NANOG35
Date / Time: 2005-10-25 10:00am - 10:30am
Room: Sierra BCD
Presenters: Speakers:

Thomas Karagiannis, UC Riverside

Thomas Karagiannis is a Ph.D. Candidate in the Department of Computer Science at the University of California, Riverside. He received his B.S. from the Applied Informatics department at the University of Macedonia in Greece. He is currently an intern with Intel Research at Cambridge, UK. His research interests include Internet measurements and monitoring, analysis of Internet traffic dynamics, traffic classification, and peer-to-peer networks.
Pablo Rodriguez, Microsoft Research.
Konstantina Papagiannaki, Intel Research.
Abstract: Recently, peer-to-peer (P2P) networks have emerged as an attractive solution to enable large-scale content distribution without requiring major infrastructure investments. While such P2P solutions appear highly beneficial for content providers and end-users, there seems to be a growing concern among ISPs that now need to support the distribution cost. In this work, we explore the potential impact of future P2P file delivery mechanisms as seen from three different perspectives: i) the content provider, ii) the ISPs, and iii) individual content consumers. Using a diverse set of measurements, including BitTorrent tracker logs and full-payload packet traces collected at the edge of a 20,000 user access network, we quantify the impact of peer-assisted file delivery on end-user experience and resource consumption. We further compare it with the performance expected from traditional distribution mechanisms based on large server farms and Content Distribution Networks (CDNs). While existing P2P content distribution solutions may provide significant benefits for content providers and end-consumers in terms of cost and performance, our results demonstrate that they have an adverse impact on ISPs\' costs by shifting the associated capacity requirements from the content providers and CDNs to the ISP itself. Further, we highlight how simple \"locality-aware\" P2P delivery solutions can significantly alleviate the induced cost at the ISPs, while providing an overall performance that approximates that of a perfect world-wide caching infrastructure.
Files: ramPeer-Assisted Content(RAM)
pdfThomas Karagiannis - Peer-Assisted Content(PDF)
Sponsors: None.
Route/Flow Fusion—Making Traffic Measurement Useful
Meeting: NANOG35
Date / Time: 2005-10-25 11:00am - 11:30am
Room: Sierra BCD
Presenters: Speakers:

Van Jacobson, Packet Design

Van Jacobson did some networking stuff a long time ago. These days he spends most of his time chauffeuring a grumpy teenager & a loud seven year old. Occasionally he gives talks for people who are too busy doing real work to talk about it.
Haobo Yu, Packet Design.
Bruce Mah, Packet Design.
Abstract: An ISP\'s business revolves around traffic but traffic behavior is very difficult to extract from a network. SNMP MIB interface counters can give a link\'s loading but offer no clue as to why it\'s loaded. NetFlow collectors give a detailed source/destination breakdown of the traffic on a link but the data is so voluminous that it\'s difficult even to acquire, much less analyze, categorize and correlate across an entire topology. Although we have lots of traffic data, little useful information gets extracted from it. Route/flow data fusion—combining flow measurements (NetFlow, sflow, MPLS tunnel counters, sniffer traces, etc.) with IGP and BGP routing data—makes it possible to construct tools that show, in real time, where traffic is distributed across a topology. Unlike a simple traffic matrix, this analysis can show not only what are the ingress to egress loads but also how loaded are the intermediate links, who loaded them, and why. Route/flow fusion is scalable and doesn\'t require much effort to set up: since routing transforms a flow measurement made at a point to flow along an entire path, flows only need to be collected on customer and peering links. Since the meta information needed to classify and aggregate the flow data is already in the routing data (e.g., address-to-prefix mappings, prefix-to-AS, and prefix-to-community mappings) the tools can almost entirely self-configure. This talk will describe algorithms and give examples of how to fuse flow and routing data and how to analyze and visualize the results. Examples will use real flow and routing data from a large ISP and emphasize solving real operational, engineering and business problems.
Files: ramRoute/Flow Fusion(RAM)
pdfVan Jacobson Presentation(PDF)
Sponsors: None.
NetFlow-based Traffic Analysis Techniques for Peering Networks
Meeting: NANOG35
Date / Time: 2005-10-25 11:30am - 12:00pm
Room: Sierra BCD
Presenters: Speakers:

Richard Steenbergen, nLayer Communications

Richard Steenbergen is the Co-Founder of nLayer Communications, where he currently serves as Chief Technical Officer and devotes a significant amount of time to the strategic management of peering and transit relationships. Previously, he served as a Sr. Network Engineer for several large NSPs, and was the Sr. Software Engineer responsible for developing optimized routing technologies at netVmg, Inc.
Nathan Patrick, Sonic.net.
Abstract: For network operators engaged in peering, an accurate analysis of their traffic is essential for: <UL> <LI> Making determinations about potential new peering partners </LI> <LI> Convincing other networks to peer with you </LI> <LI> Traffic engineering to external networks </LI> <LI> Defending your network against depeering </LI> <LI> Making intelligent transit purchase decisions that support your peering strategies <BR><BR></LI> </UL> NetFlow can be a powerful tool for obtaining information about the traffic on your network, but existing tools are only equipped to provide information about the current path, or the final destination for the traffic. Because the vast majority of Internet routes are reachable through more than one AS path, a full understanding of the non-active but available paths is critical to making intelligent decisions about peering and transit purchasing strategies. However, because BGP obscures all but the best-path information, new techniques must be developed in order to analyze these alternate paths. This presentation aims to discuss some of these techniques, based on the practical experiences of network operators, as well as share concepts and examples for analysis which historically could only be accomplished through trial and error methods. <BR><BR> Some example uses include: <UL> <LI> Accurately determining the amount of traffic that would be exchanged with a potential new peer, as well as what other paths are available to that traffic. </LI> <LI> Convincing networks to peer with you, by being able to show them the missed business in traffic that is delivered via alternate paths. </LI> <LI> Finding alternate paths to the largest customers of networks who will not peer with you (\"Donut\" peering analysis). </LI> <LI> Analyzing the routing policies of existing or potentially new transit providers as it impacts your network\'s traffic, without actually having to purchase transit or shift traffic. <BR><BR></LI> </UL>
Files: ramNetFlow-based Traffic Analysis(RAM)
pdfRichard Steenbergen - NetFlow-based Traffic Analysis(PDF)
Sponsors: None.
Tutorial: Getting to Know ARIN
Meeting: NANOG35
Date / Time: 2005-10-25 1:30pm - 2:00pm
Room: Hiro Room
Presenters: Speakers:

Ray Plzak, ARIN

Ray Plzak, ARIN President and CEO, has been involved in Internet registry operations since 1991. Prior to assuming his duties with ARIN in 2000, he managed the DoD NIC. He has extensive experience in managing the allocation of Internet Number Resources; the administration of domain names (the .MIL domain); managing an Internet root server (g.rootserver.net); managing directory services such as WHOIS and IRR; and help desk operations. Ray is a past co-chair of the Domain Name System (DNS) Operation Working Group of the IETF and is the co-author/contributor of several RFCs. He is a member of the Advisory Committee of the Internet Society and Root Server System Advisory (RSSAC) and Security and Stability Advisory (SSAC) Committees of the Internet Corporation for Assigned Names and Numbers (ICANN).
Abstract: This informal tutorial is intended for those forming a new relationship with ARIN or new to ARIN meetings. The program provides answers to many questions concerning ARIN\'s purpose, structure, and activities. In addition, it offers tips on how to get the most from participation in ARIN community activities, such as attending ARIN Public Policy and Members Meetings and participating in ARIN\'s open, bottom-up policy process.
Files: None.
Sponsors: None.
Mitigating Superfluous Multicast Data Traffic and Control State
Meeting: NANOG35
Date / Time: 2005-10-25 2:00pm - 2:20pm
Room: Sierra BCD
Presenters: Speakers:

John Kristoff, Northwestern University

John Kristoff is a network engineer in the Telecommunications and Network Services division at Northwestern University. He is primarily interested in TCP/IP-based networks and in particular end-to-end issues, switching/routing, multicast, and network security.
Abstract: Hosts attached to multicast-enabled networks influence and alter multicast forwarding and group state in network devices such as LAN switches and IP routers. In addition, data packets to multicast destinations may be replicated throughout the internetwork, which results in unconventional workloads when viewed in comparison to unicast traffic patterns. Either through suboptimal configuration or malicious intent, excessive or unwanted multicast data traffic and control state can be detrimental to the operation of a network. This is especially apparent in typical network configurations where both multicast and unicast devices co-mingle, resulting in shared fate. This talk describes some of the currently available options that may help mitigate the superfluous traffic and state that often plague multicast-enabled networks.
Files: pdfJohn Kristoff Presentation(PDF)
ramMitigating Superfluous Multicast Data Traffic and Control State(RAM)
Sponsors: None.
Stager: Web-Based Statistics Displays
Meeting: NANOG35
Date / Time: 2005-10-25 2:20pm - 2:50pm
Room: Sierra BCD
Presenters: Speakers:

Arne Oslebo, Uninett

Arne Oslebo received an M.Sc. degree from the Norwegian University of Science and Technology (NTNU) in 1997. From 1997 to 2001 he worked as a research fellow at NTNU, where he studied network management. Arne started working for UNINETT, the Norwegian NREN, in 2001, where he focuses on network management and monitoring.
Abstract: Stager is a web-based application that can display most types of network statistics. It was originally designed for displaying NetFlow-based reports, but its generic and modular design made it easy to add support for other types of statistics. The current version supports NetFlow, SNMP, and round trip measurements. Each backend collects the raw data, processes it, and inserts reports into a database. For NetFlow data, typical reports can be the most commonly used IP protocols, the most commonly used transport layer source port, etc. It is a high-performance application that supports large networks and large databases. The current installation at UNINETT collects NetFlow data from 24 routers with 215 interfaces. At peak hours there are more than 100 new entries in the database every second and the largest tables have more than 300 million entries. The software is released under the GNU General Public Licence and is becoming quite popular with a large user base. Currently more than 100 people have signed up on the public mailing list, and there have been several reports of successful installations. This presentation will be divided into two parts. First a general overview of Stager, its features and design will be given. After that there will be a live demonstration of the software showing the capabilities and limitations. The slides contain several screen shots of Stager and are meant for people who view the presentation without being able to see the live demonstration.
Files: pdfArne Oslebo Presentation(PDF)
ramStager: Web-Based Statistics Displays(RAM)
Sponsors: None.
D(3)peered: Just the Facts Ma\'am
Meeting: NANOG35
Date / Time: 2005-10-25 2:50pm - 3:05pm
Room: Sierra BCD
Presenters: Speakers:
Alin Popescu, Renesys Corporation.
Todd Underwood, Renesys Corporation.
Abstract: Recent depeerings by Level (3) (AS3356) of XO (AS2828) and Cogent (AS174) have captured the attention of the network operations community, due to the resulting partitioning of major Internet backbones. The depeerings have also captured the attention of the mainstream press and politicians. Very little of the public commentary, however, has been based on facts regarding the routing. Using a large, globally distributed peerset, we look specifically at the Cogent depeering. We characterize the weight of the 3356_174 edge (in both directions) in terms of prefixes announced and prefixes commonly selected, the single-homed downstreams of each, and try to describe the actual impact of the depeering on Internet accessibility for customers of both networks.
Files: ramD(3)peered: Just the Facts Ma'am(RAM)
pdfTodd Underwood Presentation(PDF)
Sponsors: None.
Research Forum: Dynamic AS Renumbering—Research & Results on New BGP Mechanisms
Meeting: NANOG35
Date / Time: 2005-10-25 3:35pm - 4:20pm
Room: Sierra BCD
Presenters: Speakers:

Sue Hares, NextHop

Sue Hares is the founder and CTO of NextHop Technologies. Prior to launching NextHop, Sue spent 13 years at Merit Network, where she directed the GateD Consortium. An active participant in the design, specification, and implementation of routing protocols, Sue co-chairs the IETF IDR Working Group. She holds a B.S. in Computer Engineering from the University of Michigan.
Patrick Bose, Lockheed Martin.
Abstract: This research paper examines initial experimental results for BGP mechanisms for dynamically changing BGP AS numbers without dropping the AS connection. The mechanisms proposed have two flavors: Non-Confederation (draft-hares-bose-dynamic_as-02.txt) and confederation-specific (draft-hares-confed-edge-AS-02.txt). The talk will review the real work problems this mechanism tries to solve, the BGP mechanisms, and the experimental results. The initial tests look at small, medium and large numbers of BGP peers into one peer using Dynamic AS. The peers attached to a Dynamic AS renumbering peer are both IBGP and EBGP and IPv4 and IPv6 pathways. The initial tests use both Internet route mixtures and generated routes (LAN routes).
Files: None.
Sponsors: None.
Geographic Locality of IP Prefixes
Meeting: NANOG35
Date / Time: 2005-10-25 3:35pm - 4:20pm
Room: Sierra BCD
Presenters: Speakers:
Mike Freedman, NYU.
Mythili Vutukuru, MIT.

Nick Feamster, MIT

Nick Feamster will join the College of Computing at Georgia Tech as an assistant professor in January 2006. He plans to receive his Ph.D. in computer science from MIT in 2005. He received his S.B. and M.Eng. degrees in Electrical Engineering and Computer Science from MIT in 2000 and 2001, respectively. His research focuses on many aspects of computer networking and networked systems, including the design, measurement, and analysis of network routing protocols, network security, anonymous communication systems, and adaptive streaming media protocols. His honors include award papers at the NSDI 2005 conference (fault detection in router configuration), Usenix Security 2002 (circumventing web censorship using Infranet), and Usenix Security 2001 (web cookie analysis).
Hari Balakrishnan, MIT.
Abstract: Information about the geographic locality of IP prefixes can be useful for understanding the issues related to IP address allocation, aggregation, and BGP routing table growth. In this study, we use traceroute data and geographic mappings of IP addresses to study the geographic properties of IP prefixes and their implications on Internet routing. We find that (1) IP prefixes may be too coarse-grained for expressing routing policies, (2) address allocation policies and the granularity of routing contribute significantly to routing table size, and (3) not considering the geographic diversity of contiguous prefixes may result in overestimating the opportunities for aggregation in the BGP routing table. The complete paper is available at <A HREF=\"http://nms.lcs.mit.edu/~feamster/papers/imc05.pdf\">http://nms.lcs.mit.edu/~feamster/papers/imc05.pdf</A>
Files: ramGeographic Locality of IP Prefixes(RAM)
pdfNick Feamster Presentation(PDF)
Sponsors: None.
Mining Anomalies in Network-Wide Flow Data
Meeting: NANOG35
Date / Time: 2005-10-25 3:35pm - 4:20pm
Room: Sierra BCD
Presenters: Speakers:

Anukool Lakhina, Boston University

Anukool Lakhina is a Ph.D. candidate at Boston University, where he is advised by Prof. Mark Crovella. Anukool spent four months at Sprint Labs, where he worked on problems faced by network operators. His Ph.D. dissertation was inspired by these problems, and develops methods for analyzing network-wide traffic in order to detect unusual network events, such as attacks, scans, shifts in traffic, outages, etc. Anukool intends to graduate in dall 2005.
Mark Crovella, Boston University.
Christophe Diot, Thomson Paris Research.
Abstract: Network operators are routinely confronted with a wide range of anomalies—ranging from abuse-related events (DOS attacks, worms, scans) to maintainance issues (outages, misconfigurations, etc.) to unusual customer behavior (flash crowds, shift in customer demands, etc.). To mitigate their effect, operators need to mine network-wide data for anomalies as they occur, and once detected, classify them in order to select the appropriate response. In this talk, we will present techniques to detect and classify anomalies in network-wide flow traffic data. We will then apply our methods on data collected from two backbone networks, and show that they can: 1) detect a broad set of anomalies, at a low false alarm rate, and 2) automatically classify anomalies into meaningful categories.
Files: pptAnukool Lakhina Presentation(PPT)
ramMining Anomalies in Network-Wide Flow Data(RAM)
Sponsors: None.
Routers with Small Buffers
Meeting: NANOG35
Date / Time: 2005-10-25 4:20pm - 4:50pm
Room: Sierra BCD
Presenters: Speakers:

Yashar Ganjali, Stanford University

Yashar Ganjali is with the High Performance Networking Group at Stanford University, where he is working toward his Ph.D. degree. He received a B.Sc. in Computer Engineering from Sharif University of Technology, Tehran, Iran, in 1999, and an M.Sc. in Computer Science from the University of Waterloo, Waterloo, Canada, in 2001. He is currently involved with the buffer sizing project: its goal is to determine the impact of reducing the buffer size in core routers from millions of packets to just tens of packets, and thus exploring the possibility of building all-optical networks. His other research interests include analysis and design of high performance switches, scheduling algorithms, congestion control, routing protocols, and network optimization.
Guido Appenzeller, Stanford University.
Ashish Goel, Stanford University.
Tim Roughgarden, Stanford University.
Nick McKeown, Stanford University.
Abstract: Internet routers require buffers to hold packets during times of congestion. The buffers need to be fast, and so ideally they should be small enough to use fast memory technologies such as SRAM or all-optical buffering. Unfortunately, a widely used rule-of-thumb says we need a bandwidth-delay product of buffering at each router so as not to lose link utilization. This can be prohibitively large. In a recent paper, Appenzeller et al. challenged this rule-of-thumb and showed that for a backbone network, the buffer size can be divided by \\sqrt(N) without sacrificing throughput, where N is the number of flows sharing the bottleneck. In this work, we first provide some experimental validation (using data gathered from the Level3 Communications backbone) for the reduced buffer size result. Then, we explore how buffers in the backbone can be significantly reduced even more, to as little as a few dozen packets, if we are willing to sacrifice a small amount of link capacity. We argue that if the TCP sources are not overly bursty, then fewer than twenty packet buffers are sufficient for high throughput. Specifically, we argue that O(\\log W) buffers are sufficient, where W is the window size of each flow. We support our claim with analysis and a variety of simulations. The change we need to make to TCP is minimal—each sender just needs to pace packet injections from its window. Moreover, there is some evidence that such small buffers are sufficient even if we don\'t modify the TCP sources, so long as the access network is much slower than the backbone, which is true today and likely to remain true in the future. We conclude that buffers can be made small enough for all-optical routers with small integrated optical buffers. For details, see the SIGCOMM 2004 paper at <A HREF=\"http://tiny-tera.stanford.edu/~nickm/papers/sigcomm2004.pdf\">http://tiny-tera.stanford.edu/~nickm/papers/sigcomm2004.pdf</A> and the ACM/Sigcomm CCR paper at <A HREF=\"http://yuba.stanford.edu/~yganjali/research/publications/Small-Buffers-CCR05.pdf\">http://yuba.stanford.edu/~yganjali/research/publications/Small-Buffers-CCR05.pdf</A>
Files: ramRouters with Small Buffers(RAM)
pptYashar Ganjali Presentation(PPT)
Sponsors: None.

Return to NANOG35 agenda.

NANOG 35 Abstracts

  • BGP Data Analysis
    Speakers:
    Mohit LadUCLA; .
    Lixia ZhangUCLA; .
    Yiguo WuUCLA; .
    Nick FeamsterMIT; .
    Dan MasseyColorado State University; .
    Manish KarirMerit Network; .
  • BGP Data Analysis
    Speakers:
    Mohit LadUCLA; .
    Lixia ZhangUCLA; .
    Yiguo WuUCLA; .
    Nick FeamsterMIT; .
    Dan MasseyColorado State University; .
    Manish KarirMerit Network; .
  • BGP Data Analysis
    Speakers:
    Mohit LadUCLA; .
    Lixia ZhangUCLA; .
    Yiguo WuUCLA; .
    Nick FeamsterMIT; .
    Dan MasseyColorado State University; .
    Manish KarirMerit Network; .
  • BGP Data Analysis
    Speakers:
    Mohit LadUCLA; .
    Lixia ZhangUCLA; .
    Yiguo WuUCLA; .
    Nick FeamsterMIT; .
    Dan MasseyColorado State University; .
    Manish KarirMerit Network; .
  • BGP Data Analysis
    Speakers:
    Mohit LadUCLA; .
    Lixia ZhangUCLA; .
    Yiguo WuUCLA; .
    Nick FeamsterMIT; .
    Dan MasseyColorado State University; .
    Manish KarirMerit Network; .
  • BGP Data Analysis
    Speakers:
    Mohit LadUCLA; .
    Lixia ZhangUCLA; .
    Yiguo WuUCLA; .
    Nick FeamsterMIT; .
    Dan MasseyColorado State University; .
    Manish KarirMerit Network; .
  • Routers with Small Buffers
    Speakers:
    Yashar Ganjali, Stanford University; Guido AppenzellerStanford University; .
    Ashish GoelStanford University; .
    Tim RoughgardenStanford University; .
    Nick McKeownStanford University; .
  • Routers with Small Buffers
    Speakers:
    Yashar Ganjali, Stanford University; Guido AppenzellerStanford University; .
    Ashish GoelStanford University; .
    Tim RoughgardenStanford University; .
    Nick McKeownStanford University; .
  • Routers with Small Buffers
    Speakers:
    Yashar Ganjali, Stanford University; Guido AppenzellerStanford University; .
    Ashish GoelStanford University; .
    Tim RoughgardenStanford University; .
    Nick McKeownStanford University; .
  • Routers with Small Buffers
    Speakers:
    Yashar Ganjali, Stanford University; Guido AppenzellerStanford University; .
    Ashish GoelStanford University; .
    Tim RoughgardenStanford University; .
    Nick McKeownStanford University; .
  • Routers with Small Buffers
    Speakers:
    Yashar Ganjali, Stanford University; Guido AppenzellerStanford University; .
    Ashish GoelStanford University; .
    Tim RoughgardenStanford University; .
    Nick McKeownStanford University; .

 
^ Back to Top