Saturday, October 11, 2008
Topic/Presenter |
---|
Full AbstractThis presentation will be useful to network operators and technical decision makers who are embarking upon building segments of their network to superbly run voice products, or want to better support voice customers. Speakers |
Full AbstractThe tutorial introduces service providers to some more advanced BGP features and techniques to aid with operating their networks within the Internet. After a recap of iBGP, eBGP and common attributes, the tutorial will look at the various scaling techniques available, when to use BGP instead of an IGP, and examine policy options available through the use of local preference, MED and communities. The tutorial then looks at deployment techniques, including aggregation, announcing and receiving prefixes, pressure points on the routing system, and some of the newer features available. Speakers |
Sunday, October 12, 2008
Topic/Presenter |
---|
Full AbstractThe tutorial introduces service providers to some more advanced BGP features and techniques to aid with operating their networks within the Internet. After a recap of iBGP, eBGP and common attributes, the tutorial will look at the various scaling techniques available, when to use BGP instead of an IGP, and examine policy options available through the use of local preference, MED and communities. The tutorial then looks at deployment techniques, including aggregation, announcing and receiving prefixes, pressure points on the routing system, and some of the newer features available. Speakers |
Full AbstractRecent Events, DNSSEC Tools, Analysis Speakers |
Full AbstractProvides a thorough understanding of the end-to-end protocol, mechanics and service elements of IP multicast technologies used in IPTV networks. Transit transport design options will be presented. Source and network resiliency will be discussed along with path selection, admission control and channel changing Speakers |
RecordingsFull AbstractSpeakers |
Full AbstractSwitch |
Full AbstractThe Locator/ID Separation Protocol (LISP) is designed to ease the route scaling problem for both IPv4 and IPv6. This talk describes early practice and experiences deploying LISP on the operational Internet, and describes three independent implementations. It also describes practice and experience with the interworking techniques described in draft-lewis-lisp-interworking-00.txt. The base LISP spec can be found in draft-farinacci-lisp-07.txt, and the LISP control plane spec can be found in draft-fuller-lisp-alt-02.txt. Speakers |
Full AbstractAn update on recent developments in the IEEE P802.3ba Task Force that is developing the 40 GbE and 100 GbE standards Speakers |
RecordingsFull AbstractThe point of this survey is to gather useful data to help discover trends or common issues that we can all spend our time focusing on. Speakers |
Full AbstractThe Internet was designed in the era when data calls were terminal to computer with one flow each way per person, and a long history of voice calls with one flow per person. Thus it should be no surprise that TCP and the Internet equipment were designed such that when congestion occurred, the result was “equal capacity per flow”. This results from large flows losing more packets than small flows when a queue overflows, which tends to equalize the rates. It was satisfying because this made users equal. Speakers |
Monday, October 13, 2008
Topic/Presenter |
---|
Full AbstractUsing structured metadata, we discuss automatic configuration generation, problems encountered, and auditing of a somewhat large global network Speakers |
Full AbstractWes Hardaker-Lead Developer DNSSEC-Tools package Speakers |
Full Abstract16:30 - 17:00: An interim solution to the threat of DNS cache poisoning while waiting for DNSSEC. -- Rodney Joffe Speakers |
RecordingsFull AbstractThis tutorial will provide an overview of IPv6 routing concepts and provide examples of IPv6 configurations for routers using Cisco and Juniper CLI. There will be a question and answer period at the end of the tutorial for specific technical questions related to deploying IPv6 on existing networks. Speakers Philip Smith, Cisco Systems |
Full AbstractAlcatel-Lucent |
Full AbstractNewcomer's Breakfast Speakers |
RecordingsFull AbstractSpeakers |
Full AbstractCRG West |
RecordingsFull AbstractSpeakers |
Full AbstractRecent concern over the impending exhaustion IPv4 allocations has re-energized interest in the status of IPv6 deployment in the Internet. While previous studies have explored rates of IPv6 registry allocations or BGP statistics, little data exists on the overall level of IPv6 traffic. Speakers Danny McPherson, Arbor Networks Haakon Ringberg, Princeton University |
|
Tuesday, October 14, 2008
Topic/Presenter |
---|
Full AbstractMany Service Providers are migrating to a converged infrastructure capable of offering multiple services including Residential Triple Play and Business VPN Applications. While this reduces infrastructure costs, ensuring service quality and security becomes more complex. Proactive network monitoring using standards based protocols can be used to study traffic patterns, identify top talkers, monitor service quality, and detect anomalies in such networks. The presentation provides solutions for monitoring residential services like video, voice and HSIA, and business services like Layer 2/Layer 3 VPNS. Speakers |
RecordingsFull AbstractSpeakers |
RecordingsFull AbstractSpeakers |
RecordingsFull AbstractSpeakers |
|
Full AbstractWidespread use of "Trust-on-first-use" (tofu) host authentication, most commonly associated with protocols like SSH and SSL with self-signed certificates, demonstrates significant demand for a host authentication mechanism that is low-cost and easy to deploy. While tofu applications are a clear improvement compared to completely insecure protocols, they can leave users vulnerable to even simple network attacks. Our system, Perspectives, thwarts such attacks using a network overlay that observes a server’s public key via multiple network vantage points (detecting localized attacks) and keeps a record of the server’s key over time (recognizing short-lived attacks). Clients that receive an unauthenticated key can contact this overlay and check the key against these records, detecting many common attacks. The Perspectives design explores a promising part of the host authentication design space: tofu applications gain significant attack robustness while retaining the basic ease-of-use that makes "Trust-on-first-use" so popular. We present a full network overlay and client design, analyze the security provided by the system, and describe our experience building and deploying a publicly available implementation. Speakers |
|
Full AbstractIn this paper, we introduce a novel approach for profiling and classifying endpoints, i.e., IP addresses. We implement and deploy a Google-based profiling tool, which accurately characterizes endpoint behavior by collecting and strategically combining information freely available on the web. Our 'unconstrained endpoint profiling' approach shows remarkable advances in the following scenarios: (i) Even when no packet traces are available, it can accurately predict application and protocol usage trends at arbitrary networks; (ii) When network traces are available, it dramatically outperforms state-of-the-art classification tools; (iii) When sampled flow-level traces are available, it retains high classification capabilities when other schemes literally fall apart. Using this approach, we perform unconstrained endpoint profiling at a global scale: for clients in four different world regions (Asia, South and North America and Europe). We provide the first-of-its kind endpoint analysis which reveals fascinating similarities and differences among these regions. Speakers Ionut Trestian, Northwestern University |
Full AbstractSpeakers |
|
Full AbstractSpeakers |
|
Full AbstractSpeakers |
|
Full AbstractAlcatel-Lucent |
Full AbstractThis presentation will include: Speakers |
RecordingsFull AbstractIn order to provide a technology demonstration, IANA has prepared a secure, trustable, and accountable DNSSEC signing infrastructure to sign the zones for which IANA is responsible. This presentation will provide an overview of the design goals, discuss the architecture and implementation, and discuss the next steps needed to be undertaken to facilitate greater DNSSEC deployment. Speakers |
Full AbstractSpeakers |
RecordingsFull AbstractWhile it's understood that each network will make its own decisions in deploying IPv6, there hasn't been much dialog on the overall coordination of expectations between networks that is necessary to maintain "one connected Internet" during this transition. In this talk, John will cover one possible timeline and set of expectations which could be used to coordinate overall transition to IPv6. Speakers |
RecordingsFull AbstractIn "Stealing the Internet" Kapela and Pilosov will describe a method where an attacker exploits the BGP routing system to facilitate transparent interception of IP packets. The method will be shown to function at a scale previously thought by many as unachievable. The talk highlights a new twist in sub-prefix hijacking that we demonstrated at Defcon 16: using intrinsic BGP logic to both "attract" network traffic and simultaneously create a 'feasible path' towards the target network. This method will be shown to preserve end-to-end reachability while creating a virtual 'wire tap' at the attackers network. Speakers Alex Pilosov, Pilsoft |
Wednesday, October 15, 2008
Topic/Presenter |
---|
|
RecordingsFull AbstractInternet pioneers Van Jacobson, Lixia Zhang, Danny Cohen, Bob Braden, and Paul Mockapetris will share their recollections of the "behind the scenes" discussions that went on in the "early" days, some 15 or 20 years ago, and you may be surprised at how they mirror the very same threads currently being seen on message lists in our community. Speakers Panelist - Bob Braden, ISI. Panelist - Van Jacobson, PARC Panelist - Paul Mockapetris, Nominum. |