Sunday, February 4, 2007
Topic/Presenter |
---|
Full AbstractWelcome! If you're new to NANOG, or if you're an experienced attendee and just feel like hanging out, this orientation session and reception are for you. Join us to meet other newcomers as well as members of the NANOG Steering Committee, Program Committee, and List-admin team. We'll demystify the goings-on at NANOG, and also tell you a bit about the birth of the organization way back in the mists of time. Opening Remarks and Welcome - Steve Feldman, CNET NANOG History - Bill Norton, Equinix Merit Overview - Betty Burke, Merit Network Inc. Speakers |
RecordingsFull AbstractSpeakers |
Full AbstractKnowledge of the amount of traffic between source and destination pairs of a network is crucial to fundamental operational tasks such as capacity planning, traffic engineering, and peering management. Router vendors, third parties, academic researchers, and ingenious network engineers have devised multiple ways of collecting and estimating traffic matrices. This session presents an overview of applications of traffic matrices and operational experiences with the various approaches, including NetFlow-based methods, mathematical estimation models, and MPLS (both RSVP and LDP) methods. Emphasis will be on practical experiences with each method. The tutorial has been slightly revised since previous versions. There will be less focus on NetFlow (only new advances will be covered), a more detailed description of how to build a traffic matrix from MPLS LDP counters, more coverage of measuring/estimating peering traffic (external in addition to internal traffic matrix). There will also be a discussion of the combination of traffic data with routing information. Speakers |
Full AbstractSecurity incidents are a daily event for Internet Service Providers. Attacks on an ISP's customers, attacks from an ISP's customer, worms, BOTNETs, and attacks on the ISP's infrastructure are now one of many "security" NOC tickets throughout the day. This increase in the volume and intensity of attacks has forced ISP's to spend constrained resources to mitigate the effects of these attacks on their operations and services. This investment has helped minimize the effects of the attacks, but it has not helped stop them at the source. Stopping attacks at their source requires rapid and effective inter-ISP cooperation. Hence, these ISP Security BOFs are also used as a face-to-face sync up meeting for the NSP-SEC forum (see https://puck.nether.net/mailman/listinfo/nsp-security) Speakers |
Monday, February 5, 2007
Topic/Presenter |
---|
Full AbstractThis tutorial aims to cover the uses of NetFlow to monitor an SP' infrastructure, from the export, router-wise, to the collect and analysis, from a security perspective. While there is certainly a great deal of papers on the subject, there is room - and need, or so I hope - for a comprehensive coverage of NetFlow from theory to practical operations. The questions regularly popping-up in the operators' forums about NetFlow uses, as well as the lack of visibility most operators have regarding attacks against their infrastructure may be good testimonials to support such a tutorial. Speakers |
Full AbstractI'm trying to put together a BOF to be held during the NAOG 39 meeting (Feb 4-7), that looks at when current router/switch architectures run out of TCAM or SRAM on the line-cards (depending on flavor) to hold the fib, and potentially what's being done about it. Part of the whole global routing scalability problem that's been fodder for a couple NANOG meeting now hinges on having the data you need in the fib. Comparatively buying more ram for or scaling your rp is a problem, but not immediately an intractable one by comparison. I'm aiming to do this as a BOF rather than as part of the main program in the hope that vendors will be more free to talk specifically about their own products in a way that is not always appreciated in the main meeting, Feedback has been positive on this approach from the Program Committee... I would expect that this topic would have a significant audience with the NANOG crowd. If I've reached the wrong person in your organization can you please help me find someone who might be interested because I think this topic has serious implications for operators and will probably shape purchasing decisions among other things over the coming year. Currently I've solicited a couple router/switch vendors and a few (two) have already gotten back to me. I intend to also solicit presentations from the operator community, because I know for a fact that people are doing interesting things when confronted with this problem. A large regional ISP that I know in a non-principally-english speaking country is continuing to buy routers with 200k fib entries for example and counting on aggressive filtering and a potentially dramatically incomplete view of the internet to be sufficient. Speakers |
Full AbstractThis tutorial gives an overview of how IP multicast and (MPLS) multipoint technologies can be used in IPTV solutions and beyond. The presentation first sumamrizes such solutions and the resulting strategies to consider when deploying multipoint technologies. It then continues to present an architectural overview highlighting key functions of multipoint IPTV solution. In the remainder of the session those key functions are reviewed SSM, native IP multicast vs. mLDP and RSVP-TE/P2MP tree building, resiliency for multipoint (convergence, fast reroute, dualstream), Path selection for cost optimization, admission control and channel change issues and solutions. Speakers |
Full AbstractArbor Networks |
RecordingsFull AbstractSpeakers |
Full AbstractA succession of major earthquakes in the Luzon Strait on December 26, 2006 caused 7 out of 8 undersea ring-protected subsea cable systems to fail, interrupting the majority of voice, data and Internet communications in Southeast Asia. The physical subsea routes required to build an Internet backbone from the USA to Southeast Asia are depicted. Natural catastrophes remind service providers that physical route diversity planning over multiple subsea cable assets laid in close proximity (Luzon Strait) might not be enough. The severity of damages is shown and the adversity of cable repair conditions and timeline explained. The current growth of Internet traffic within the Asia Pacific region is creating economic incentives to build future cables on a westward route to Europe thus reducing dependency on the Luzon strait route. Speakers |
Full AbstractSix large quakes hit Taiwan in rapid succession on Dec 26, 2006. As a result, at least six major cables were severed causing major disruption to Internet routing. Using internet routing data from 150+ sessions, we look at the effects of these events on routing. We look at instability and outages both, and find that over 19K networks were impacted by the event, including, at peak level, almost 4k networks unreachable. We find that the event is more complicated, and more interesting, than some previous disasters because of the compound nature of the underlying failure (six cables). In particular, the onset of the event is less clearly tied to the timing of the quakes, and the recovery is more complicated as well. Finally, we look at the winners and the losers in the event, from an autonomous system perspective and from a country perspective. Speakers Todd Underwood, Renesys Corporation Earl Zmijewski, Renesys Corporation |
RecordingsFull AbstractSince the controversy over "stateless anycast" refuses to go away--even if it's kept alive mostly by one person--we thought it would be interesting to reexamine some of the data we presented two years at NANOG in our "Life and Times of J Root" paper. In particular, we will again look at all anycast instances of J root to see which source IP addresses show up at multiple locations and how often. We will perform additional analysis to attempt to explain the results, whatever they may be. We will also reexamine the question we considered two years ago, "Who is querying j.root-servers.net's old IP address and why?", to see if the nature of the queriers has changed. Speakers |
Full AbstractOne of the current impediments in advancing the state of the art in Internet security research is the lack of scalable network tracing platform available to researchers. Given the complexity of today's attacks, packet-level tracing tools are inadequate; instead, today's tracing platforms must reconstruct traffic into application state and inspect it for suspicious or deviant behavior. Unfortunately, no such open-source network tracing software is available to researchers. In our project, we are building a highly scalable, open-source network tracing platform that offers adequate privacy and anonymity guarantees to the users whose traffic is monitored. Our tracing infrastructure is reconstructing traffic across several layers, from network to the application layer. We reassemble IP fragments into IP packets, TCP segments into TCP conections, and TCP connections into HTTP transactions. To protect users' anonymity, our platform does not store any unanonymized data in stable storage. Instead, all work (including capturing and reassembly) is done in volatile memory at line speeds. In our presentation at NANOG, we focus on the privacy requirements for tracing the network traffic of a large Internet user population. We start by describing a list of attacks possible when collecting application-level information by network tracing. We argue that the only way to mitigate the privacy implications of all these attacks is to never store any un-anonymized data to stable storage when tracing. We then present a high-level overview of our open-source network tracing infrastructure. Our goal is to get the NANOG's community feedback on our anonymization and privacy protocol as well as their input in the design of our monitoring platform. Speakers |
RecordingsFull AbstractA recent statement by AT\&T CEO Ed Whitacre sparked considerable fear in the public that the Internet may not be open any more: the ISPs dictate which sites/applications flourish and which flounder. The statement triggered the heated debate on net neutrality and ignited the battle to enact net neutrality legislation. However, by the date of writing, all attempts to pass net neutrality laws have failed. This paper states our proposition on net neutrality: ISPs should not be able to discriminate against packets based on contents, application types, or packet sources or destinations that are not their own customers; but they are eligible to offer differentiated services to their customers. We present a technical design that aims to achieve this definition of net neutrality. Our design prevents an ISP from deterministically harming an application, a competing service, or singling out an individual innovator for extortion. Speakers |
Full AbstractMany studies show that when Internet links go up or down, the dynamics of BGP may cause several minutes of packet loss. The loss occurs even when multiple paths between the sender and receiver domains exist, and is unwarranted given the high connectivity of the Internet. Instead, we would like to ensure that Internet domains stay connected as long as the underlying network is connected. We present R-BGP, which ensures continuous path availability with minimal overhead by pre-computing a few strategically chosen failover paths. R-BGP provably guarantees that a domain will not experience any disconnectivity if a policy-compliant path exists after convergence. Surprisingly, this can be done using a few simple and practical modifications to BGP, and, just like BGP, requires announcing only one path per neighbor. Simulations using the current Internet graph show that R-BGP reduces the number of domains transiently disconnected by a down link, from 15% to zero. Speakers |
RecordingsFull AbstractSpeakers |
RecordingsFull AbstractSpeakers |
RecordingsFull AbstractSpeakers |
|
Full AbstractPeering BOF Agenda Once again we will gather in the round to discuss and debate issues of relevance to the peering community. Peering vs. transit, peering contact information, capacity planning, transit purchase terms, international peering, and a historical view are all on the agenda during this double-slot NANOG Peering BOF session. Transit Survey - Dan Golding - Tier 1 Research - 10 minutes As an alternative to peering, it is helpful for the community to get a rough idea of the current market price for transit. As prices of transit drop, does it still make sense to peer away some of that traffic at the cost of transport and peering infrastructure? Dan has formatted a survey and has agreed to share the results with the group at the next Peering BOF. PeeringDB.com - TBD - 5 minutes The community resource peeringdb.com is a repository for peering contact information to aid in establishing and maintaining peering relationships. Of course, a database of this kind is only as valuable as its information is valid, and contact information becomes stale very quickly. So rather than having each IX host this contact information on their web site, and track or allow it to get out of date, peeringdb.com provides a single location for hosting this out of date information. This talk will provide an overview and walk through of the utility of the information. 100G ethernet status update -- Greg Hankins - Force 10 Networks - 10 minutes As the next wave of Internet Video traffic enters the US Peering Ecosystem, it is critical to plan for the scaling of the underlying infrastructure. Current backbones consist of bundles of 10G transport links which are quickly growing to unmanageable levels. The AMS-IX is saying that 2009 is far too late for 100G to help with the growth of its switching fabric. The IEEE is exploring specifications for 100G ethernet, so this talk will describe the progress to date and project the date of delivery. Open Peering is Dumb Discussion/Debate - 30 minutes This controversial title highlights a couple schools of thought in this community. The term "Open" peer refers to a company that will peer unconditionally with anyone who asks. The term "Selective" peer refers to a company that will peer but only with some prerequisites satisfied (multi-location peering, traffic volume minimum, out:in ratio maximum, etc.) This discussion/debate will explore the divide between these two philosophies. Transit Purchase Parameter Rationality Discussion. Denver Maddux - LimeLight Networks - 20 minutes Transit terms are rife with variables including commits, caps, reverse tiered burst pricing, etc. that some content heavy customers find onerous and problematic. The plea from one customer is to remove these terms and conditions from transit, and Denver will highlight what several of these terms signal to the marketplace. Of course, there are two sides to this discussion/debate, as transit providers need to manage their own backbone bandwidth, commits, ratios, 95th percentile tricks, etc. International Peering Experiences - Sylvie LaPerrière - VSNL - 20 minutes Even through the integration of TeleGlobe into VSNL over the past year, there has been great progress made expanding peering infrastructure into and throughout Asia. Sylvie will share with the group some of the challenges, surprises, trade offs, and observations from this recent experience. A view of Peering from Past to Present - facilitated by Chris Quesada (Switch & Data) -- 45 minutes The purpose of this mini-session is to bring together a panel of past and present peering coordinators to share their experiences in peering. Speakers will share their experiences on the following topics; Changes in Peering Geography, Challenges peering presents, and the Politics of Peering. The topics will be address from both sides to show both past and present perspectives and perhaps lend creditability to old adage of "history repeating it self". Anybody who has ever wondered what it was like to peer in the "Good Ole Days" or just wants to hear how they do it now will be most welcome to attend. -- Panelists: TBD Peering Personals - ALL In the remaining time, we will open the floor to the peering coordinators to introduce themselves, their AS#, their peering policy, peering locations, what they look for in a peer, and why companies should want to peer with them. Details such as transit volumes, traffic ratios, email address, etc. may also be shared. As we break for the evening, peering coordinators use this opportunity to meet interesting peers and hopefully establish additional peering sessions. Speakers Christopher Quesada, Switch & Data. |
Full AbstractThis tutorial covers common problems ISPs have when deploying BGP within their network. It looks at problems with peer establishment, missing routes, inconsistent route selection, and convergence issues. It also looks at real world examples of common errors which are made when deploying BGP, both as iBGP and eBGP, in service provider networks. Speakers |
Full AbstractThis BOF is intended to be for those who either run an IPv6 network or are interested in doing so. It is NOT intended to be a place to argue the pros or cons of IPv6. Various issues to do with operating an IPv6 network will be discussed, including; transition methods, peering, tunnelling, filtering, support, network capacity and future issues. Speakers |
Tuesday, February 6, 2007
Topic/Presenter |
---|
Full AbstractSpeakers |
RecordingsFull AbstractThe purpose of this BOF is the demystification of NANOG hosting. Commonly thought to be a tremendously expensive and soul-destroying exercise, hosting a NANOG meeting can actually be a relatively affordable and effective way to spend your company's marketing budget, to say nothing of the money you can save in travel expenses by having your staff attend a local meeting instead of one far away. Previous meeting hosts will be available to share their experience, and Merit staff will also be on-hand to provide advice and commentary on requirements and logistics. Anybody who has ever wondered what it would take to host a NANOG meeting is most welcome to attend. Speakers |
Full AbstractSpeakers |
Full AbstractWith the rise in consumer demand for video over the internet bandwidth usage will continue to climb significantly faster than subscriber counts. Should we be concerned with this or will capacity keep up with demand? Is it possible that a single event could cause significant issues for a large percentage of our audience? Speakers |
Full AbstractThe Regional Registries commenced allocation of 4-Byte AS numbers as of 1 January 2007. What are the implications of this for the existing 2-Byte AS BGP deployed base? What needs to change in the 2-Byte world and what stays the same? This presentation describes the transition mechanisms for 4-Byte AS numbers and the implications of this to the 2-Byte BGP world, both in terms of BGP configuration and the ISP's Operational Support Systems. Speakers |
RecordingsFull AbstractThis talk will consist of two parts: * A summary of the policy changes made in proposal 2005-12 (in the RIPE Region and similar in the ARIN region) and the consequences it has when applying for an ASN. * An overview of changes we have to make at the RIPE NCC in order to be able to handle 32-bit ASNs. This includes changes to our general infrastructure, documentation and supporting systems. The talk will give operators an idea of the work involved and, hopefully, trigger thought about how to approach this now, rather than wait until January 2009 when requests for an ASN will return a 32-bit number. This talk will be roughly based on what I said at RIPE 53 with the main difference being that the RIPE 53 talk was about a project that just started with lots of unknowns, while this talk is about a project that will be (almost) finished and where we hit (and hopefully) solved all the issues one encounters when implementing plans. Speakers |
RecordingsFull AbstractSpeakers |
Full AbstractTo maintain high availability in the face of changing network conditions, network operators must quickly detect, identify, and react to events that cause network disruptions. One way to accomplish this goal is to monitor routing dynamics, by analyzing routing update streams collected from routers. Existing monitoring approaches typically treat streams of routing updates from different routers as independent signals, and report only the ``loud'' events (i.e., events that involve large volume of routing messages). In this paper, we examine BGP routing data from all routers in the Abilene backbone for six months and correlate them with a catalog of all known disruptions to its nodes and links. We find that many important events are not loud enough to be detected from a single stream. Instead, they become detectable only when multiple BGP update streams are simultaneously examined. This is because routing updates exhibit network-wide dependencies. This paper proposes using network-wide analysis of routing information to diagnose (i.e., detect and identify) network disruptions. To detect network disruptions, we apply a multivariate analysis technique on dynamic routing information, (\ie, update traffic from all the Abilene routers) and find that this technique can detect every reported disruption to nodes and links within the network with a low rate of false alarms. To identify the type of disruption, we jointly analyze both the network-wide static configuration and details in the dynamic routing updates; we find that our method can correctly explain the scenario that caused the disruption. Although much work remains to make network-wide analysis of routing data operationally practical, our results illustrate the importance and potential of such an approach. Speakers Yiyi Huang, Georgia Tech University |
RecordingsFull AbstractSpeakers |
Wednesday, February 7, 2007
Topic/Presenter |
---|
|
RecordingsFull AbstractNetwork infrastructure case study, recently presented to a research-focused audience (CANS 2006, Chicago, 8-Dec-06). Goals of the project included proof of concept for international facilitation of any-to-any connectivity without direct connection of layer-2 switching devices, encounters with shared and private VLANs intersite, in-region, across multiple states and more. Speakers |
RecordingsFull AbstractAn overview of past scaling hurdles at AMS-IX (the Amsterdam Internet Exchange, a layer-2 platform interconnecting hundreds of ISPs, webhosters, content providers and other parties) and upcoming performance walls to scale. Speakers |
Full AbstractSpeakers |
Full AbstractSpeakers |
Full AbstractSpeakers |
Full AbstractSpeakers |
|
RecordingsFull AbstractsFlow is a standards based protocol for exporting flow information from routers and switches, for the purposes of external analysis. This presentation addresses some of the advantages of sFlow over various versions of competing protocols like NetFlow, and provides working code for a very efficient C library to parse sFlow messages. Speakers |
Full AbstractBidirectional Forwarding Detection (BFD) is becoming a must deploy feature for fast failure detection not only in internet access solutions but even more in hosted VPN services. BFD is for detecting faults in the bidirectional path between two forwarding engines with very low latency. This presentation will cover the motivations behind BFD, similar technologies, and the problems that BFD is supposed to solve (and not solve). Additionally, the application of BFD to various topologies (shared, point to point, sub-interfaces) and technologies (eg, Gracefull-restart) will also be covered. Speakers |
RecordingsFull AbstractDiscussing operational issues arising from architectural decisions made in an MPLS-TE enabled network. Speakers |
RecordingsFull AbstractSpeakers |