Full Abstract

Meet and greet the NANOG community and start socializing!

Full Abstract

Verisign

Full Abstract

Speakers
Dave Temkin, NANOG Program Committee Chair.
Betty Burke, NANOG Executive Director.
Guy Tal, Verizon Terremark VP of Interconnection Services, Product Management.

Full Abstract

Commotion (www.commotionwireless.net) is an open-source communication tool that uses mobile phones, computers, and other wireless devices to create decentralized mesh networks. The Open Technology Institute, in collaboration with numerous open source projects from around the globe, is building a new type of tool for democratic organizing: one that uses a distributed mesh infrastructure to provide key enhancements to existing circumvention technologies -- supporting human rights advocates, civil society organizations, and low-cost communications. A distributed infrastructure makes it extremely difficult for a government to completely disrupt communications. In addition, “device-as-infrastructure” networks enhance communications security among their participants by eliminating points for centralized monitoring, enabling direct peer-to-peer communication, and aggregating and securing individual communications streams. Commotion is both an R&D effort -- pioneering numerous innovations in the open source mesh wireless space -- as well as an intervention that supports secure and free communications wherever it's deployed.

Speakers
Sascha Meinrath, Open Technology Institute
Sascha Meinrath is vice president of the New America Foundation and director of the Open Technology Institute. In 2012 he was named one of the top 100 in Newsweek's Digital Power Index and he has been described as a "community Internet pioneer" and an "entrepreneurial visionary." He is a well-known expert on community wireless networks, municipal broadband, and telecommunications policy. In 2009 he was named one of Ars Technica's Tech Policy "People to Watch" and is also the 2009 recipient of the Public Knowledge IP3 Award for excellence in public interest advocacy. Sascha founded the Commotion Wireless Project (a.k.a., the "Internet-in-a-Suitcase") and, along with Vint Cerf, is the co-founder of Measurement Lab (M-Lab), a distributed server platform for researchers around the world to deploy Internet measurement tools, advance network research, and empower the public with useful information about their broadband connections. He coordinates the Open Source Wireless Coalition, a global partnership of wireless integrators, researchers, implementors and companies dedicated to the development of open source, interoperable, low-cost wireless technologies. Sascha has worked with Free Press, the Cooperative Association for Internet Data Analysis (CAIDA), the Acorn Active Media Foundation, the Ethos Group, and the CUWiN Foundation. He blogs regularly at www.saschameinrath.com.

Full Abstract

Speakers
Ron Bonica, None.

Full Abstract

PLXsert (Prolexic Security Engineering and Response Team) is responsible for security research and threat intelligence for Prolexic Technologies. The Distributed Denial of Service outlook definitely took new turn in 2012 and is continuing on that track for 2013. The threat landscape is one that requires two perspectives for a comprehensive view into the tactics of involved malicious actors. On the defensive side of the spectrum, these developments have paved way for creative innovation. Prolexic has been in the unique position to be able to observe this evolutionary process over the years, which has enabled the ability to stay on the forefront of upcoming attack techniques and associated BOTNETs. PLXsert will reveal findings and statistics that can only be collected from that of the defensive side. We will also disclose specific case studies that review some of the highlighted attack campaigns and toolsets behind this ongoing elevated threat within the one hour presentation.

Speakers
David Fernandez, PLXsert
Mr. Fernandez has over a decade of experience in information security. He began his career in the Networking Security Operations and Engineering division for a Microsoft partner, specializing in IP faxing solutions. In 2006, he started working as a Security Engineer for a firm that develops security devices that mitigate against illegal content distribution from P2P networks. In 2008, he joined Prolexic as a Lead Security Operations Engineer, working as part of the operational DDoS mitigation team, and specializing in the identification and mitigation of the largest and most sophisticated DDoS attacks in the world. As one of the founding members, he currently leads the Security Engineering and Response Team (PLXSERT), the team's responsibilities include security research, digital forensics, cyber-threat research and evolving DDoS mitigation techniques.

Terrence Gareau, PLXsert
Terrence “Tuna” Gareau, Principal Security Architect and the founding member of the PLXsert for Prolexic Technologies, began his IT security career more than 10 years ago. His experience encompasses enterprise security in addition to distributed denial of services (DDoS) expertise, and he has mitigated some of the Internet’s largest DDoS attacks for both government agencies and private enterprises. Tuna is a leader for architecture, engineering and research teams, creating solutions to protect client networks, establishing security testing policies, network and digital forensics, and serving as the subject matter expert for multiple private and government organizations. His past experience includes work at the Food and Drug Administration (FDA) and Chickasaw Nations Industries. A recognized expert in DDoS attack mitigation, Tuna has shared his knowledge at Defcon, NoVa Hackers, NIH, FDA, DoD, Interpol and other organizations.

Full Abstract

The pace of optics technology development has been increasing. Some of the advances are similar to past innovation, in particular increases in per lane data rate, for example from 1Gb/s to 10Gb/s to enable increase in link data rate from 1GbE to 10GbE. Other advances are new, for example parallel fiber and wavelength division multiplexing (WDM) that enabled 40GbE and 100GbE. There are future technologies, such as higher order modulation (HOM) which will be combined with the past innovations to lead to future data rate increases to 400GbE and 1.6TbE. Some of these advances are transparent to network operators, like lane rate increase, WDM and HOM. Others like parallel fiber lead to operational changes. The per lane data rate increases will accelerate the shift from copper to fiber because of physics limitations, which will change datacenter cabling. Innovations such as ML (multi-link) pluggable modules, OEs (board mounted optical engines), and new light sources will enable higher density, flatter interconnect, which will require operational changes in breaking out and aggregating individual links. Technology improvements will reduce the energy per bit/sec, however this will not be sufficient to offset the increases in speed and density, and thermal management will become more demanding.

Speakers
Chris Cole, Finisar
Chris Cole is a Director at Finisar Corp., Sunnyvale, Calif. He received a B.S. in Aeronautics and Astronautics, and B.S. and M.S. in Electrical Engineering from the Massachusetts Institute of Technology. At Hughes Aircraft Co. (now Boeing SDC) and then M.I.T. Lincoln Laboratory, Chris contributed to multiple imaging and communication satellite programs such as Milstar. Later, he consulted on telecom ASIC design for Texas Instruments DSP Group and Silicon Systems Inc. (now Maxim.) Chris was one of the architects of the Sequoia coherent imaging ultrasound platform at Acuson Corp. (now Siemens Ultrasound), where he also managed hardware and software development groups. As a principal consultant with the Parallax Group he carried out signal processing analysis and product definition for several imaging and communication systems. At BBN, a Finisar acquisition, Chris developed 10 Gb/s and 40 Gb/s optical transceivers. He is now managing the development of 100 Gb/s and 400 Gb/s optical standards and transceivers. He is a Senior Member of the IEEE.

Full Abstract

ARIN's Public Policy Consultation (PPC) is part of ARIN's recently revised Policy Development Process; it is an open public discussion of number resource policy. Registered NANOG 58 attendees do not need to register to participate in this session. Learn more at https://www.arin.net/ppc_nanog58/. Current policy proposals up for discussion at this consultation are: > Recommended Draft Policy ARIN-2013-1: Section 8.4 Inter-RIR Transfers of ASNs > Draft Policy ARIN-2013-2: 3GPP Network IP Resource Policy > Draft Policy ARIN-2013-4: RIR Principles > Draft Policy ARIN-2013-5: LIR/ISP and End-user Definitions

Full Abstract

In the style of the highly successful Peering BOF, the Datacenter BOF will explore datacenter topics of interest to the NANOG community, with several goals: - Smaller group than the plenary - Maximum audience participation - Strong educational goal - Rotating moderators after establishment Possible sessions inside the BOF: - Debate: e.g. Wholesale datacenter vs retail colocation (possible debaters: David Roach and Chris Sharp) - Session on PUE and other common data center metrics - Datacenter spotlights - 10 minute sessions from providers on new and under construction facilities - Location Panels - group discussions on particular geographies, such as San Jose, Ashburn, Seattle, Boston, etc. - User feedback panels - Inspired by VERY successful GPF session on "what customers want to see in colocation providers" - Session on how to buy using RFPs - Sessions on green data center technologies

Speakers
Moderator - Dan Golding
Daniel Golding has over 15 years of experience in the Internet, datacenter, and critical facilities fields. His experience ranges from financial and organizational to deeply technical. He has held executive positions at RagingWire Data Centers, DH Capital, and Tier 1 Research. In addition, Daniel has significant experience in conference administration and management, including serving as the conference chairman for the Hosting Transformation Summit and the Global Peering Forum, for four years in each case. Daniel has held a wide variety of positions across the Internet infrastructure sector: network engineering and peering; data center operations and engineering; financial and industry analysis; and executive management. Also, uniquely, he possesses strong financial knowledge through work as an investor and banker in the Internet sector. Daniel has also been a sponsor and host of NANOG through previous employers, bringing specific knowledge of these essential community roles to the table.

Moderator - Marty Hannigan
Martin Hannigan is a 26 year veteran of the Internet economy. He's been designing, funding, building and operating networks and data centers for a long time. You can find out more about Martin here http://linkd.in/143vNCt

Full Abstract

Alcatel-Lucent

Full Abstract

Speakers
Dave Meyer, Brocade/Univ. of Oregon
David Meyer is currently CTO and Chief Scientist at Brocade Communications, where he works on future directions for Internet technologies. Prior to joining Brocade, he was a Distinguished Engineer at Cisco Systems, where he also worked as a developer, architect, and visionary on future directions for Internet technologies. He has been a member of the Internet Architecture Board (IAB) of the the IETF (www.ietf.org) and the chair/co-chair of many working groups. He is also active in the operator community, where he has been a long standing member of the NANOG (www.nanog.org) program committee (and program committee chair from 2008-2011). He is also active in other standards organizations such as ETSI, ATIS, ANSI T1X1, the Open Networking Foundation, and the ITU-T. Mr. Meyer is also currently Director of the Advanced Network Technology Center at the University of Oregon. One of his major projects at the University of Oregon is routeviews (see www.routeviews.org). Prior to joining Cisco, he served as Senior Scientist, Chief Technologist and Director of IP Technology Development at Sprint. See http://www.1-4-5.net/~dmm/vita.html for more information.

Full Abstract

The Internet2 Network offers a full range of network services tailored to the unique needs of research and education (R&E). This talk looks at some of the needs of the R&E community and how they have driven platform and service choices. In particular, the role of SDN in overall architecture including Layer2 OpenFlow and Non-OpenFlow services as well as Routed services will be discussed.

Speakers
Edward Balas, Indiana University GlobalNOC
Edward Balas and his team develop systems used by the GlobalNOC and its partners to monitor, measure, document, design, and provision networks. Recent technical efforts have focused on developing OpenFlow applications and deployment of a 100G OpenFlow network in close partnership with Internet2.

Chris Spears, Internet2
Chris Spears is the Network Planning Architect at Internet2, a member-owned advanced technology community founded by the nation's leading higher education institutions in 1996. Chris joined Internet2 in 2010, working on the design and implementation of the first transcontinental coherent 100G DWDM network, and continues to work for the advancement of networking in the R&E community.

Full Abstract

When ESnet received the ANI grant to build a new 100GE network, it already had its fourth-generation network in full production, using multiple 10GE links. ESnet4 was comprised of routers from two vendors, used two IGPs (OSPF for IPv4 and IS-IS for IPv6), and had separate infrastructures for production IP traffic and for research traffic (the latter of which could be reserved using OSCARS--an early form of SDN). The ANI 100GE that was constructed used a third vendor, had only one IGP (IS-IS), and promised to consolidate the OSCARS reservation system, with its sophisticated MPLS backend, into a single very-high-speed network. This talk will cover the lessons learned during the daunting task of consolidating the existing ESnet4 and the new ANI networks into a single production network: ESnet5. This talk discusses some of the main issues with the rollout of the new production 100GE network that ESnet has developed in very close partnership with Internet2, and my part will be to discuss mainly Layer-3 issues: Consolidating routing protocols and routers and creating a cleaner and simpler design, while minimizing downtime during the transition. My hope is that this talk will help to answer questions such as: Why is planning doubly-important in major network migrations? Why was it necessary to turn on *OSPFv3* just to migrate from OSPFv2 and IS-IS to IS-IS only? How did you deal with bottlenecks and routing loops? Why did you use the Brady Bunch as a metaphor given that you never liked that show?

Speakers
Michael Sinatra, ESnet
Michael Sinatra has been involved in network operations for more than a decade. For over eleven years, he worked as one of the two lead network operator/architects for UC Berkeley. There, he implemented anycast DNS, DNSSEC, and spearheaded IPv6 deployment on the campus. In early 2011, he joined the network engineering team of ESnet where he is currently working on deploying one of the first nationwide 100GE networks. Michael has frequently disseminated his experiences deploying new technologies through presentations, talks, and tutorials at NANOG, the Internet2 meetings, and other community events. On rather short notice, Michael recently chaired a round-table and helped develop the program for the 2011 Chinese-American Networking Symposium in Kunming, China. He has attended NANOG on average of once per year since NANOG 27 in 2003. He has served on the program committees of the Internet2 Joint Techs conference and the CENIC regional conference.

Full Abstract

Speakers
John Curran, ARIN
John Curran is the President and CEO of the American Registry for Internet Numbers (ARIN), responsible for leading the organization in its mission of managing the distribution of Internet number resources in its geographic region. He was also a founder of ARIN and served as its Chairman from inception through early 2009. John’s experience in the Internet industry includes serving as CTO and COO for ServerVault, which provides highly secure, fully managed infrastructure solutions for sensitive federal government and commercial applications. Prior to this, he was CTO for XO Communications, and was integral in leading the organization’s technical initiatives, network architecture, and design of leading-edge capabilities built into the company’s nationwide network. Mr. Curran also served as CTO for BBN/GTE Internetworking, where he was responsible for the organization’s strategic technology direction. He led BBN’s technical evolution from one of the earliest Internet Service Providers through its growth and eventual acquisition by GTE. He has also been an active participant in the Internet Engineering Task Force (IETF), having both co-chaired the IETF Operations and Network Management Area and served as a member of the IPng (IPv6) Directorate.

Full Abstract

Terremark

Full Abstract

There are many new pressures and requirements emerging in today’s home networks: The need for separation of visiting guest users from home users, community Wi-Fi services, smart grid, home automation & security, and an ever increasing number and type of IP enabled devices in the subscriber home are all strong motivations for additional routers and multiple LANs in the home. The emergence of heterogeneous link layer technologies, machine to machine communication, IP & multicast video streaming, video content sharing inside the home, telecommuting and corporate IT requirements, and the possibility of home network multi-homing are all also driving additional complexity and new requirements into home networks. This talk will present a four-phase, incremental approach to solving these emerging home networking issues. This incremental approach includes a novel near-term solution to Home IP networking (HIPnet), which applies many of the tools and protocols within the IPv6 framework in new ways in order to enable a completely self-configuring dual-stack (IPv4 & IPv6) multi-router home network capable of supporting the full range of in-home IP services. This near-term approach leverages the existing Neighbor Discovery and DHCPv6 protocols, making it simple and cheap to implement in the near term while also providing a migration path to more complex long-term solutions utilizing routing protocols to increase the efficiency of home networks where needed.

Speakers
Chris Grundemann, CableLabs
Chris Grundemann (JNCIE #449) is the IP Network Architect at CableLabs, where he focuses on technical leadership, innovation, and contributions to standards & specifications within many current networking areas, specifically: Carrier Ethernet, VPNs, MPLS, IPv6, home networking, and SDN. Chris is the author of Day One: Exploring IPv6 and Day One: Advanced IPv6 Configuration, as well as several IETF Internet Drafts and various industry papers. He is the founding Chair of CO ISOC, the Colorado chapter of the Internet Society, a board member of the Rocky Mountain IPv6 Task Force (RMv6TF), an elected member of the ARIN Advisory Council (AC), a member of the NANOG Program Committee (PC), Co-Chair of the UPnP IPv6 Task Force, and a member of the CEA Pv6 Transition Working Group. Chris also maintains a personal weblog aimed primarily towards Internet related posts typically focusing on network operation and design, tech-policy and the future of the Internet at http://chrisgrundemann.com.

Full Abstract

SoftLayer has begun designing a router and server configuration method for our hosting environment which improves IPv4 address conservation. The basic topology of Ethernet to server / dedicated VLAN per customer in a hosting environment includes use of "global gateways" and the shared address pool 100.64.0.0/10

Speakers
Christopher Papandreou, SoftLayer Technologies
Christopher Papandreou is currently a Network Engineer at SoftLayer Technologies, a large-scale IaaS hosting provider. He started his Internet career at NeoSoft (the first Internet provider in Texas) in the late 90's as Technical Support providing support for dialup through T1 connections. He has a background in Network Engineering spanning from customer edge to the backbone including peering, architecture, security, DDoS mitigation, routing policy and creation of operational procedures. He is also the founder of the Jumpsuit Wednesday movement.

Full Abstract

We present our work on the development of a centralized routing control agent for large-scale data-center networks. The objective is to build a system that enables easy and consistent modification of routing behavior in a data-center network via a simple REST-based API. Major applications include, but not limited to, hitless bypass of network facilities (e.g. links or routers) for the purpose of maintenance; per-prefix unequal-cost load-sharing to compensate for asymmetries in network topologies and automated isolation of “gray” network failures. We demonstrate how the use of centralized agent with full network visibility allows for network updates without creating transient micro-loops. The most prominent feature of our approach is the use of BGP as the signaling protocol for controlling and monitoring network routing state. We compare our approach to more “widely known” OpenFlow models and argue that using BGP allows for low-risk deployment of SDN features. The proposed approach allows us to maintain full backward compatibility with existing routing designs and quick failover in case of unexpected behavior.

Speakers
Petr Lapukhov, Microsoft Corp.

Full Abstract

In this talk, we introduce Segment Routing, a simple breakthrough in network engineering technology that may add benefit to IP and MPLS network operations. Segment Routing (SR) works by encoding a path across a network as an ordered list of segments, which may be links, multi-hop tunnels between nodes, and more. SR uses today's dataplane technologies without any modification, supports MPLS, IPv4 and IPv6, and requires only very modest changes to existing routing protocols. SR is also fully documented in IETF drafts with both multi-vendor and multi-operator contribution, thereby increasing the likelihood of interoperable implementations. Segment Routing allows operators to program new service topologies without the traditional concerns around network state explosion. Using SDN procedures, the head end can program a ordered list of segment identifiers (MPLS labels, IPv6 routing headers) that enable explicit source routing. This can allow for service level differentiation, potentially providing new enhanced service offering opportunities for operators. SR can be introduced slowly into a network without any flag day events, thereby minimizing disruption.

Speakers
Clarence Filsfils
Clarence Filsfils is a Distinguished Engineer at Cisco Systems where he holds key roles in Engineering and Marketing. Clarence has played a leadership role in the development of Quality of Service, IP/MPLS Routing Resiliency, Large-Scale Routing and IP/Optical Integrated Control-Plane technology at Cisco Systems. Clarence is a regular speaker at leading industry Conferences and Standards Development Organizations like the IETF. Clarence holds over 100 patents and has published several industry technology papers on Routing and Quality of Service. Clarence is also the author of a recent industry publication: “Service Provider deployments of Quality of Service (QoS). Clarence holds a Masters in Management from Solvay Business School and a Masters of Engineering in Computer Science from the University of Liege.

Full Abstract

PeeringDB is a unique source of user submitted peering information! But is it worthy of the operator's trust that automated tooling requires? Based on novel research performed with various data sources, this quantitative analysis sheds light on how we must view PeeringDB and its role in the peering ecosystem.

Speakers
Job Snijders, Atrato IP Networks
Job Snijders is a Senior Networker at Atrato IP Networks (AS 5580), one of the largest backbones in Europe. Job develops high-end networks and provides advise on everything for which the network is an integral part. Job has regularly taught IPv6 at MENOG workshops in the Middle East. He is actively involved in the the global operator community through the NLNOG RING, the RIPE Program Committee and has helped develop the LISP protocol within the IETF.

Full Abstract

Speakers
Betty Burke, NANOG Executive Director.
Dave Temkin, Chair, NANOG Program Committee.

Full Abstract

Speakers
Moderator - Mehmet Akcin, ICANN
Mehmet Akcin has been working at ICANN since 2006. He's been involved various DNS Projects in the company such as Root DNSSEC Signing , L-Root Management, other critical authoritative DNS related services. Mehmet regularly travels to several network operator meetings and hosts DNS or Peering BoFs. He has found TRNOG, Turkish Network operators group and served as Chairman for one term. He has also served in MENOG Program Committee. Prior to ICANN , Mehmet had been involved with ccTLD .PR and both technical and not technical operations. Mehmet is very involved with sports and enjoys officiating soccer games. Mehmet speaks Turkish , English and Spanish

Full Abstract

Speakers
Moderator - Will Charnock

Full Abstract

Conventional wisdom says network operators must buy IPv4 addresses or deploy CGN as long as content and electronics are IPv4-only. But as long as ISPs buy IPv4 addresses or use CGN, there's little reason for content or electronics to support IPv6. Using game theory, Lee Howard presents a decision tree allowing companies in each segment of the industry to figure out when they need IPv6.

Speakers
Lee Howard, Time Warner Cable
Lee Howard is the Director of Network Technology for Time Warner Cable, where he identifies and develops new network technologies. In that capacity, he is responsible for the company’s IPv6 deployment, and representation at standards bodies including IETF and CableLabs. He has held leadership positions in enterprise information technology, applications hosting, and small and large ISPs, including UUNET from 1997 to 2003. He currently serves as Working Group Chair for the IETF 6renum working group. He served for seven years on the Board of Trustees of ARIN, as Vice Chair, Secretary, and Treasurer. He also spent a year on ICANN’s Address Supporting Organization Address Council. In addition to his formal roles, Mr. Howard has participated in networking venues, including LACNIC, AfriNIC, NANOG, TPRC, NCTA, SCTE, the v6 World Congress, and Internet Society events including ION and INET. He often brings business, political, and engineering perspectives to discussions lacking them. His analysis of IPv4 address markets and carrier-grade NAT are widely cited in discussions of IPv4-IPv6 transition.

Full Abstract

Equinix

Full Abstract

This presentation will present architectural considerations for deploying Carrier Grade NAT into an existing network. Considerations include IPv4 depletion, reduction of impact to existing customers, dealing with the new architectural needs of CGN and IPv6 current/future operation. The talk would be based in principle on information documented in "draft-ietf-opsawg-lsn-deployment" and operational experience using this architecture. The talk will present BGP/MPLS IP VPNs as a solid technological framework which could be used to safely and adequately implement an overlay CGN infrastructure. A comparison would be made to other generic options with advantages and disadvantages noted.

Speakers
Victor Kuarsingh, Rogers Communications
Victor Kuarsingh is the Network Architect for Rogers Communications leading the introduction of new technologies along with steering the wireline, wireless and business networks. In his role, he also contributes to the IETF and Cablelabs helping bring operator focus to those bodies. Some of his most recent accomplishments include the architecture and deployment of DOCSIS 3.0, leading the architecture for Rogers' recent LTE deployment and the IPv6 strategy and deployment.

Full Abstract

The relative value of working from home has been discussed intensely in the media recently. We do a somewhat systematic review of the data, such as it is, to attempt to understand who is working from home, what is going well for them and what is not. Working from home ends up damaging or sidelining careers and salary and harming creativity while boosting productivity and certain kinds of satisfaction. It's a wash.

Speakers
Dr Beth A. Prairie
Dr Beth A. Prairie completed her undergraduate degree in Anthropology at Columbia University, an MD at the University of New Mexico and a Master of Public Health (MPH) at Dartmouth. She trained in Obstetrics and Gynecology and Preventive Medicine at Dartmouth-Hitchcock in Lebanon, NH, and is board certified in both Ob/Gyn and Preventive Medicine. Dr Prairie's research interests include non-hot flash symptoms of the menopausal transition and best-practice implementation of health care in clinical systems. Her research has been published in numerous peer-reviewed journals, presented at national and international meetings, and her work has been funded by the NIH. Dr Prairie recently accepted a position with Highmark/Blue Cross/Blue Shield of Western PA to develop their women's health program after five years as an Assistant Professor of Ob/Gyn at University of Pittsburgh Medical Center. In an unusually sane moment, Dr Prairie chose to take 4 months of leave between jobs, which is why she is in New Orleans. This work is almost completely unrelated to Dr. Prairie's expertise in either gynecology or health quality.

Todd Underwood
Todd Underwood is a Site Reliability Manager at Google, working on the money side of the house (Ads Quality, Payments, Billing, Shopping). He can't help you with the reader shut down. Sorry. Prior to that, he was in charge of operations, security, and peering for Renesys, a provider of Internet Intelligence services. And before that he was CTO of Oso Grande, a small New Mexico ISP. He has a background in systems engineering and networking. Todd has presented work related to Internet routing dynamics and relationships at NANOG, RIPE and various peering forums (Global Peering Forum, LINX, and Switch and Data). Todd received a B.A. in Philosophy from Columbia College, Columbia University, and an M.S. in Computer Science from the University of New Mexico. This work is more or less completely unrelated to his formal training or expertise.

Full Abstract

A technique is presented in which network service definitions such as line services or LAN services are used to create, modify, and delete optical and packet paths dynamically. This coupling of packet and optical paths to Service definition can improve network utilization at both layers and improve the power efficiency of the network overall.

Speakers
Larry Samberg, BTI Systems
With over 35 years in the computer and networking industry, Larry Samberg has been designing Ethernet-based systems since its commercial introduction in the early 80s. In 1987, he co-founded CrossComm, one of the earliest Ethernet Bridge developers. Since then, he has designed packet switches with Ethernet over PDH, SDH, frame relay, ATM, and most recently Ethernet over DWDM with Ciena and then BTI Systems. Larry has been active in the MetroEthernet Forum technical committee since 2004.

Full Abstract

The BGP Flow Specification described in RFC 5575 defines a new BGP Network Layer Reachability Information (NLRI) format that can be used to distribute traffic flow specification rules. The flowspec matching criteria applied to IP traffic include source and destination prefix, IP protocol, source and destination port numbers, TCP flags, and other packet fields. RFC 5575 itself describes an application of flowspec to automate the distribution of traffic filtering rules from a single point of control for the mitigation of DDoS attacks. This flowspec application has been implemented in routers and mitigation appliances, and is a valuable tool used today in the protection of network resources against DDoS attacks. Nevertheless, with the rise of more sophisticated application layer DDoS attacks, a significant portion of DDoS attacks cannot be effectively mitigated only by the application of L3/L4 traffic filtering rules, and require a more sophisticated DPI-capable DDoS mitigation appliance that can detect and filter attacks at the application layer. These application-layer DDoS mitigation appliances capable of performing “surgical mitigations” are usually shared resources that require the diversion of attack traffic to designated locations where this traffic can be scrubbed and reinjected in the network later. This traffic diversion is performed using BGP prefixes (IPv4/IPv6 NLRI), and it usually requires careful planning of the route announcements in the routing domain, followed by a planned reinjection of this traffic back to its intended destination, in order to avoid loops and/or drops of legitimate traffic. This article describes a solution for the “surgical diversion” of traffic to the mitigation appliance using BGP flowspec. Traffic diversion using BGP flowspec intends to provide a traffic redirection solution that is simpler to design, less intrusive to the routing domain, and more granular in its control, ultimately providing a better optimization of the shared mitigation capacity available.

Speakers
Leonardo Serodio, Alcatel-Lucent
Leonardo Serodio is a network security specialist at the IP Consulting Engineering group in Alcatel-Lucent, where he is responsible for designing networking solutions with the Alcatel-Lucent IP portfolio, including the DDoS mitigation appliance embedded into the ALU router product line. Leonardo has extensive experience in the ISP and Telecom industry, having worked for over 15 years with large Carriers in the Americas, Asia and Europe. Prior to joining ALU, Leonardo worked at Arbor Networks where he was responsible for conducting performance, solution and functionality lab research with Arbor’s Peakflow product line.