Full Abstract

Being able to develop or customize tools using shell or Perl scripts is a skill all network operators should possess. This tutorial will provide a survey of scripting constructs from basic to advanced using real world examples throughout. While this tutorial is too short to comprehensively cover programming and the nuances of the tools available, newcomers can expect to come away with enough knowledge to start hacking their own useful tools, or to make use of the example scripts provided as a foundation towards something even more useful in their own real networks.

Speakers
John Kristoff, Team Cymru
John Kristoff is a researcher with Team Cymru, an Internet security research firm. John has worked at UltraDNS/Neustar as a network architect and held network engineering positions at both Northwestern University and DePaul University. John remains affiliated with Northwestern and DePaul as a collaborator, student and instructor. John has been an active participant in a number of related trusted security communities including nsp-security, YASML, ops-trust, FIRST, REN-ISAC and DNS-OARC.

Full Abstract

You know you're going to have to implement IPv6 at some point. But you don't have all the operational experience with it you have with IPv4. What's the same? What's different? What are you going to have to change in how you build and run your network? This session will break down what operational and protocol issues are going to affect you and tell you how to make a better, more robust network.

Speakers
Paul Ebersman, Infoblox
Paul Ebersman has been involved with NANOG to varying degrees since the late 90s and has been working with TCP/IP networks since the mid 80s. Paul currently works in the Infoblox IPv6 Center of Excellence as a technical resource, both internally and to the internet community. He first worked on the internet for the Air Force in 1984. He was employee number 10 at UUNET and helped build AlterNET and the modem network used by MSN, AOL and Earthlink. He has maintained his roots in the internet and the open source community, working for various internet infrastructure companies including ISC and Nominum before coming to Infoblox.

Full Abstract

This session is a brief introduction to DNSSEC and how it works. We'll discuss the motivations for its creation, what it does (and doesn't do), and how it works. We'll describe the new DNS resource records used by DNSSEC and how a DNSSEC validator uses them to verify the authenticity and integrity of DNS data. Basic knowledge of how DNS itself works is helpful but not strictly required.

Speakers
Matt Larson, Verisign
Matt Larson is Vice President of DNS Research in Verisign Labs, where he works as a specialist in DNS protocol and operational issues. He is an active participant in the wider DNS community and the co-author of three O'Reilly & Associates Nutshell Handbooks ("DNS on Windows Server 2003", "DNS on Windows 2000" and "DNS on Windows NT"). He also co-authored the core DNSSEC standards documents: RFCs 4033, 4034 and 4035.

Full Abstract

Top techniques, tools, and approaches that needs to be deployed before the crisis. Don’t wait for a security crisis before deploying the tools you need to protect your backbone, cloud, data center, mobile, or broadband infrastructure. There are proven tools, techniques, and approaches to security that is tuned for “Big Networks.” These tools in a “SP Security Toolkit” have proven to work in some of the biggest networks on the planet. This tutorial will review all these techniques – focusing on the how and why they need to be deployed along with usage examples. The hope is for operators attending the session to consider convincing their management that many of the tools in the toolkit need to be deployed before a crisis – to prepare the network to mitigate risk in the middle of a crisis. This session is an updated session from past SP Security and NSP-SEC Top Ten tutorials. It will be tuned to be a productive review for operators who deploy many of these techniques today while empowering new operators with the knowledge to return and make changes to their network.

Speakers
Barry Raveendran Greene

Full Abstract

This tutorial, the second in a series, builds on the introduction scripting tutorial by covering more advanced topics and real world coding solutions including database access, network programming, module development and references. While our time is too limited , we will learn about and implement these constructs by example. We will step through the process of creating our own network-based service application that implements modules, communicates with a database, handles command line arguments, writes logs to a syslog server and more. Participants can expect to come away with enough knowledge to start hacking their own advanced applications or make use of the example code provided as a foundation towards something even more useful in their own real networks.

Speakers
John Kristoff, Team Cymru
John Kristoff is a researcher with Team Cymru, an Internet security research firm. John has worked at UltraDNS/Neustar as a network architect and held network engineering positions at both Northwestern University and DePaul University. John remains affiliated with Northwestern and DePaul as a collaborator, student and instructor. John has been an active participant in a number of related trusted security communities including nsp-security, YASML, ops-trust, FIRST, REN-ISAC and DNS-OARC.

Full Abstract

SoftLayer

Full Abstract

More than 40% of the global routing table is polluted by more specific prefixes, according to the CIDR report. These more specifics affect ratio between transit and peering significantly in favor of the more expensive transit, which is real money for outbound-heavy networks. To avoid these unnecessary spendings is worth a thought.

Speakers
Fredy Kuenzler, Init7
Fredy Kuenzler is founder/CTO/network architect of the Switzerland based operator Init7 (AS13030) and has more than 15 years of industry expericence, especially in BGP routing, streaming services and IP television.

Full Abstract

Knowing what paths packets are taking within a network is crucial for several network management tasks. When the network is running OSPF, determining paths is supposedly straight-forward, since OSPF is basically a link-state protocol, and with link-state protocols, a packet follows the shortest path in terms of link weights from its source to the destination. However, OSPF allows a network to be divided into areas for scalability, and this makes it more than a link-state protocol. As a result, though packets still follow shortest paths within an area, this is not guaranteed to be the case across areas. In fact, paths followed by packets with areas can often be unexpected and non-intuitive. Some recent extensions to OSPF, namely multi-area adjacencies (RFC 5185) and alternative implementation of border routers (RFC 3509), have further exacerbated the situation. This presentation illustrates such cases with examples, while providing insights into why OSPF paths can look so strange with areas.

Speakers
David Applegate , AT&T Labs - Research
David Applegate is a Lead Member of Technical Staff at AT&T Shannon Labs, where he has been since 2000. Prior to that he was an Associate Professor of Computational and Applied Mathematics at Rice University and a Member of Technical Staff at AT&T Bell Labs.

Full Abstract

Speakers
Richard A Steenbergen, nLayer Communications
Richard Steenbergen is the co-founder of nLayer Communications, a respectably sized and profitable North American based IP backbone, where he currently serves as the Chief Technical Officer. Richard brings years of experience in practical techniques for network operators, and is a frequent contributor in many community forums. Previously, Richard served as a Senior Network Engineer at several large NSPs, and was the Senior Software Engineer responsible for developing optimized routing technologies at netVmg, Inc. Richard is also an active developer for tools and software used by the network operator community. Some notable projects include PeeringDB, a portal used by many networks to help coordinate their peering activities, and IRRPT, a software package used by ISPs to maintain IRR-based prefix filters.

Full Abstract

The DNS Track is an opportunity for NANOG attendees with an interest in DNS to meet and share operational experiences and recent research activities. Attendees are welcome to contact the track moderator with presentations or ideas for discussion topics.

Speakers
Duane Wessels, Verisign
Following his college education in Physics and Telecommunications, Duane worked on the Squid/IRCache project at UCSD. For many years his company, The Measurement Factory, developed open source testing and measurement tools for HTTP and DNS. Recently he was the Director of the Domain Name System Operations Analysis and Research Center (DNS-OARC). Currently Duane researches DNSSEC deployment for Verisign.

Full Abstract

MRV

Full Abstract

Speakers
David Temkin, Chair, NANOG Program Committee.

Full Abstract

With TCO reduction being a goal, managment of the network is more important today than ever before. This is because with convergence, comes less equipment on the one hand, but more functionality per device/system on the other – as a result, management of such systems and networks assumes greater importance, a single malfunction can impact multiple layers of operation (since packet, Ethernet and transport may all be resident in the same device now), wreaking havoc on an operator's network and services. Indeed, today’s large, dynamic, and complex IP networks must be reliable & secure, provide QoS for diverse applications, and need to comply with regulations (such as FISMA, HIPPA, and PCI DSS ). Thus, the cost to an operator (large or small) of not having a proper management framework in place can be substantial. Configuration and security loopholes and lack of a consolidated view of the network infrastructure can be very expensive! (Unnecessarily high opex, poor network and application/service performance, customer dissatisfaction and churn, and potential loss of revenue, are just a few of these expenses.) With the average cable, wireless, or global telco having between 2000-9000 lines of configuration code per device, and with over 4-5 critical errors per IP network device, the cost per network downtime incident can be as high as three-quarters of a million dollars! With a proper network management framework in place, the labor-cost (opex) saving and risk reduction becomes significant, even for operators with as few as 100 devices in the network, and could be in the millions of dollars for operators with 1000+ IP network devices. Thus, the purpose of this Panel is to explore, discuss, and debate a set of issues that focus on better management of the network to both operate a healthy network and reduce the operator’s cost of ownership. In particular, of the 3 key areas of network management -- network configuration/audit, network monitoring/measurement, and network tuning, we will focus, in this panel, on network configuration/audit and it's critical role in lowering operators' TCO.

Speakers
Moderator - Dr. Vishal Sharma, Metanoia, Inc.
Vishal Sharma (SM IEEE, Fellow IETE) is a seasoned international technologist, telecom industry expert, & entrepreneur with global exposure, and 20-years of experience spanning consulting, industry, academia, labs. & research. At Metanoia, Inc., he has provided deep-dive expertise in strategy and telecom network- and systems-design to clients on 4 continents – N. America, Europe, Asia, Australia. He and his team have helped players across the full telecom ecosystem (spanning chip/semi-conductor companies, system vendors, operators/carriers, technology houses, and telecom software and tool companies) solve complex problems, by providing services in technology strategy, architecture & design trade-offs, product development, hardware/software architecture, & competence building. Presently, he is leading an industry initiative on how to lower carriers' total cost of ownership (TCO) through better assessment and optimization of a carrier's business models, operations, networks, and technology. More details are at http://www.linkedin.com/in/vishalsharma.

Colby Barth, Juniper Networks
Colby Barth is a Distinguished Engineer at Juniper Networks, working in the Platforms Systems Division, CTO Group. Contact him at [email protected].

Robert Bender, CTS Telecom
Robert Bender is Network Operations Manager at CTS Telecom, a 100-year old independent service provider in SW Michigan. In 14 years at CTS Telecom, Robert has spearheaded the development of ISP operations, softswitch deployment, and currently is the lead optical and IP networking architect. His vision continues to move CTS Telecom forward, from legacy SONET and TDM systems to Carrier Ethernet and FTTP services.

Bruce Katzel, Amartus
Bruce is the most recent addition to the Amartus senior executive team and assumes responsibility for business development and product direction in North America. He is a career business and product development professional with 20+ years’ experience in senior roles at leading technology companies. He has been instrumental in success of a number of start-up OSS / BSS companies including Intelliden (acquired by IBM), Ineo, Granite Systems (acquired by Telcordia), Cross Keys (acquired by Oracle), CCMI & ACE*COMM (now Ventraq), he has a deep understanding of the Large Enterprise and Service Provider market place.

Jay Moran, AOL Technology Operations
Jay Moran is the Distinguished Engineer for the AOL Technology Operations organization. AOL Tech Ops ensures 24x7xForever availability for AOL's hundreds of millions visitors to premium content sites such as HuffingtonPost, Engadget, MapQuest, Winamp/Shoutcast, and their advertising networks. Jay’s technology responsibility spans the end-to-end infrastructure from the data center facilities up through application operations. Prior, he was the Sr. Tech Director of all AOL networks from the dark fiber to the US/EU backbone - ATDN (AS1668). Jay and his teams brought the first large scale data center network redesign in a decade to AOL, IPv6 across ATDN and several key websites, and convergence to a single router platform across multiple networks. Prior to joining AOL in 1999 Jay has held various positions at Williams Communications, Perot Systems, Tenet Healthcare, and Eastern Data since 1988.

Shawn Morris, NTT America
As manager of IP development for NTT America, Shawn coordinates the Global IP Network Development testing staff and facilities, which are responsible for qualifying both hardware & software for the NTT Com Global IP Network. He also oversees the development team responsible for the GIN configuration tools. Shawn has thirteen years of experience in the IP networking industry and previously served as a member of the IP engineering staff at Verio, which was acquired by NTT Communications in August of 2000.

Full Abstract

Verisign

Full Abstract

In previous talks, we looked at the rapidly evolving "Hyper-Giants", or the 150 large content and hosting networks (e.g. Facebook, Google, etc.) that now contribute an amazing 50% of all Internet traffic globally. This talk looks at the other 50% of traffic. Specifically, FileSharing, P2P and adult traffic represent a massive and growing portion of Internet traffic globally (as well as a sizable economic activity). From first appearances, the universe of adult domain names, number of seed boxes / trackers and file sharing sites appears limitless and endlessly varied. But in this talk, we take a deeper look at the Internet infrastructure supporting these Internet industries. We show that a small number of companies manage these thousands of domain names and an even smaller number of specialized hosting, CDN, analytics and advertisement companies provide the infrastructure. In the case of file sharing, we show that four hosting companies provide the infrastructure for more than 80% of all file sharing traffic globally.

Speakers
Craig Labovitz, DeepField Networks
Dr. Craig Labovitz is co-founder and president of DeepField Networks, a recently founded cloud networking startup. He has spent the last two decades studying the Internet infrastructure and cloud evolution, including several seminal papers on Internet topology and economics. Previously, he designed and built the largest carrier security solution in the world as the Chief Architect at Arbor Networks. Labovitz has also held research and management positions at Microsoft and Merit Networks.

Full Abstract

Telex is a new approach to resisting state-level Internet censorship. Rather than attempting to win the cat-and-mouse game of finding open proxies, we leverage censors’ unwillingness to completely block day-to-day Internet access. In effect, Telex converts innocuous, unblocked websites into proxies, without their explicit collaboration. We envision that friendly ISPs would deploy Telex stations on paths between censors’ networks and popular, uncensored Internet destinations. Telex stations would monitor seemingly innocuous flows for a special “tag” and transparently divert them to a forbidden website or service instead. We propose a new cryptographic scheme based on elliptic curves for tagging TLS handshakes such that the tag is visible to a Telex station but not to a censor. In addition, we use our tagging scheme to build a protocol that allows clients to connect to Telex stations while resisting both passive and active attacks. We also present a proof-of-concept implementation that demonstrates the feasibility of our system, and encourage ISPs and interested researchers to talk to us about future collaboration.

Speakers
J. Alex Halderman, University of Michigan
J. Alex Halderman is an assistant professor of computer science and engineering at the University of Michigan, where his research spans applied computer security and tech-centric public policy. Dr. Halderman has studied topics ranging from web security, data privacy, digital rights management, and cybercrime to technological aspects of intellectual property law and government regulation. He is known for helping to introduce the "cold-boot attack," which breaks encryption by literally freezing a computer's memory, and for exposing Sony’s "rootkit" DRM and other harmful copy-protection technologies. A noted expert on electronic voting security, Dr. Halderman demonstrated the first voting machine virus and helped perform California's "top-to-bottom" electronic voting review. With students at Michigan, he revealed that China's Green Dam Youth Escort censorship software made users vulnerable to remote code execution. His recent work includes the first independent security analysis of India's electronic voting machines, and "hacking" into the District of Columbia's proposed Internet ballot return system. He holds a Ph.D. from Princeton University.

Eric Wustrow, University of Waterloo
Eric Wustrow is a PhD candidate at the University of Michigan in Computer Security, working with Professor J. Alex Halderman. His research focuses on developing technologies to support freedom and government transparency throughout the world. Previously, he has worked to expose vulnerabilities in insecure electronic voting systems in the US and abroad, and has developed new tools and techniques for circuventing Internet censorship in countries such as Iran and China.

Full Abstract

Start your day with a vast selection of hot/cold food for all tastes!

Full Abstract

Speakers
Aaron Hughes
Aaron brings more than 15 years of experience in the telecommunications industry. Aaron Hughes is President and CTO at 6connect, Inc specializing in Internet Engineering automation solutions, cooling technologies and distributed managed services with a focus on IPv6. He is also the Chief Network Architect at UnitedLayer bringing more than 15 years of experience in the telecommunications industry and is responsible for network topology planning, design and operations. Aaron has also held network and system architecture and Sr. level management roles at Lockheed Martin, Cariden Technologies, Terremark, Certainty Solutions, Quest Technologies, RCN, UltraNet and Channel(1) Communications.

Google

Full Abstract

Mark Kosters, Chief Technology Officer, will give the latest technical news about ARIN. He will update you on ARIN Online, including an overview of the new programming API's, billing/payment integration and upcoming releases.

Speakers
Mark Kosters, ARIN
Mark Kosters is the CTO of the American Registry for Internet Numbers (ARIN), responsible for all engineering initiatives within the organization, leading both development and operations. Mark has over twenty-three years of experience as an applications developer, networking engineer, technical manager and executive. Over the last eighteen years, he has been a senior engineer at Data Defense Network (DDN) NIC, chief engineer and Principal Investigator under the NSF-sponsored Internet NIC (InterNIC), and Vice President of Research at Verisign. Over his career, Mark has been involved in application design and implementation of core internet client/server tools, router administration, UNIX system administration, database administration, and network security. He has represented both network information centers in various technical forums such as the IETF, RIPE, APNIC, CaribNOG and NANOG.

Full Abstract

World IPv6 Launch - This time it's for real. Major Internet service providers (ISPs), home networking equipment manufacturers, and web companies around the world are coming together to permanently enable IPv6 for their products and services by 6 June 2012. Organized by the Internet Society, and building on the successful one-day World IPv6 Day event held on 8 June 2011, World IPv6 Launch represents a major commitment to the global deployment of IPv6. As the successor to the current Internet Protocol, IPv4, IPv6 is critical to the Internet's continued growth as a platform for innovation and economic development. This panel will be a discussion of World IPv6 Launch and will include perspectives from the Internet Society as well as two of the residential access providers who are enabling IPv6 to paricipate in this event.

Speakers
Leslie Daigle, Internet Society
Leslie has been actively involved in shaping the Internet's technical evolution for more than a dozen years. Her role with the Internet Society is to provide strategic leadership on important technical issues as they relate to ISOC's ongoing programs. She has worked with the Internet Engineering Task Force (IETF) since 1995, and was an appointed member of the related Internet Architecture Board (IAB) from March 2000 to March 2008. As the elected Chair of the IAB from 2002 to 2007, Leslie steered the IAB and the related IETF through a period of important industry and institutional change by working with diverse technical groups to align their interests and develop sustainable relationships. Apart from her leadership role with the IAB, Leslie has been a strong promoter of the development of Internet identifiers and directory systems, which allow for the creation of standards-based, interoperable application protocols to support end-users across the Internet in their use of remote resources. She recently published standards for DNS-based application service discovery. Leslie has served as a panelist with the National Science Foundation review committee, evaluating Internet-related research proposals submitted for funding. She holds an M.Sc. in Computing & Information Science from the University of Guelph, and a B.Sc. in Math and Computer Science from McGill University. Leslie was most recently a Consulting Engineer at Cisco Systems. Previously she held the position of Director of Directory Research at VeriSign, and Vice President for Research at industry pioneer Bunyip Information Systems, among others. Leslie is based in Reston, United States

Brooks Fitzsimmons, AT&T
T. Brooks Fitzsimmons, AVP – IPv6 Transition, is responsible for preparing AT&T’s products and infrastructure for IPv4 address exhaustion and IPv6 accessibility. He was appointed to his current position in July 2009. In his role, he is responsible for scoping the projects necessary to transition AT&T’s IP data products and services towards IPv6. He partners closely with colleagues in Product Management, IT, Architecture & Planning, Labs and Network Planning & Engineering to define IPv4 address consumption mitigation approaches and to sequence the work efforts critical to enabling IPv6 across the enterprise, consumer and wireless products & services. Prior to his current role, Brooks served as AVP – Service Delivery for AT&T’s Hosting & Application Services. He led the international team of project managers and engineers who deliver hosting services into AT&T’s global Internet datacenters. During his tenure, he aided in integrating the Interwise and USi teams into AT&T. Before the merger with AT&T, Brooks Fitzsimmons managed the customer care centers in Plano, TX and San Ramon, CA that provisioned and maintained SBC’s Enterprise IP/MPLS products. He also had business and capital management responsibilities for SBC’s Internet Data Centers and E-Services. Brooks specializes in technology risk management, business integration, and operational scaling. Brooks started his career in IT & Information Security Audit and Consulting, obtaining his CISSP in 1999. He also holds an Orange Belt in Six Sigma. Fitzsimmons has a bachelor’s degree in International Politics from Middlebury College and a Certificat d’Etudes Politiques from the Institut d’Etudes Politiques in Paris, France.

John Sweeting, Time Warner Cable
John Sweeting is the Director of Network Engineering at Time Warner Cable, working out of their Herndon, VA office. His team is responsible for engineering of the Time Warner Cable backbone and providing standards, documentation, and guidance for the regional networks. John has over 25 years of experience in engineering networks. Previous to Time Warner Cable he worked for international carriers, MCI, Cable & Wireless and Teleglobe (Tata Communications) building out global IP networks. John is the current Chair of the ARIN Advisory Council and is in his 10th year of service to ARIN.

Full Abstract

NTT America

Full Abstract

Introduce LINX and quick history / summary on the switch vendors historically in the IX marketplace Explain why we needed to upgrade the network and the reasons behind changing vendors Run through of what the migration programme looked like finishing with several war stories about the experience

Speakers
Derek Cobb, The London Internet Exchange (LINX)
Derek Cobb is Chief Technical Officer for the London Internet Exchange (LINX). LINX is a mutually owned by 400 members and provides public and private Internet peering services to organisations from around the world. Derek joined LINX from BT in March 2011 and has overseen the successful migration of LINX's primary peering LAN to a new VPLS architecture, based on Juniper's MX technology. Derek has held a number of senior network posts with Cellnet (now O2), AT&T, ntl/Virgin Media and BT. Prior to joining LINX, Derek was BT's Network Operations Director for the London 2012 Olympics.

Full Abstract

The interim meeting will focus on two recent SIDR topics: replay/freshness protection and route leaks. The venue was chosen because many of the WG comments on both topics have concerned the operational impact. The hope is to get operator input into the discussion of both topics. The details of the meeting can be seen at http://trac.tools.ietf.org/wg/sidr/trac/wiki/InterimMeeting20120209

Full Abstract

Power consumption and efficiency continues to be a major challenge in the networking industry. Current-generation products are increasingly constrained by the availability of power in both the developed and developing markets. While the unit power consumption (i.e. functionality per watt) continues to decrease, the rate of decrease is much lower than the explosion of bandwidth. This presentation discusses a number of topics related to power consumption in high-end routing/switching systems, with the primary goals being: --educate network operators in the “physics” of system power consumption --identify which performance metrics and requirements do and do not drive increased power consumption --identify the mechanical/cooling impacts of system design --discuss system hardware design challenges around power and cooling --discuss the impact/costs of mechanical standards compliance (i.e. NEBS)

Speakers
LJ Wobker, Cisco
LJ Wobker is a member of the ASR 9000 System Architecture team at Cisco. He holds a B.S. in computer science from North Carolina State University in Raleigh, where he also helped operate and redesign the engineering and campus-wide networks in the late 1990’s. A 15-year veteran at Cisco, he started in the Technical Assistance Center taking calls from angry customers, and has since spent time in the ISP support team, the GSR and CRS engineering and TME teams, the advanced services central engineering and design team, and finally in technical marketing for the ASR 9000. His focus is currently on the system infrastructure for the ASR 9000 and future platforms: including silicon roadmaps, power and mechanical requirements, and data plane/forwarding subsystems. He is also a scuba diver, a European history buff, and a US National Champion in formation skydiving.