Sunday, February 17, 2019
Topic/Presenter
Full Abstract

Taking place in Market Street Foyer from 4:00pm to 6:00pm

Full Abstract

Cisco

Full Abstract

Approved Networks

Full Abstract

Network attacks, including Distributed Denial-of-Service (DDoS), continuously increase in bandwidth and in the damage they cause (recent attacks exceed 1.7 Tbps) and have a devastating impact on the targeted networks and thus on companies and governments. Over the years, mitigation techniques, ranging from blackholing to ACL filtering at routers, and on to traffic scrubbing, have been added to our defense toolboxes. Even though these mitigation techniques provide some protection, they either yield severe collateral damage, e.g., dropping legitimate traffic, are cost-intensive, or do not scale well for Tbps-level attacks. In this talk we present our Next Generation Blackholing system, developed and deployed at DE-CIX by combining available hardware filters with a novel route server-based signaling mechanism. It builds upon the scalability of blackholing while limiting collateral damage by increasing its granularity. We present the design fundamentals and the building blocks while highlighting implementation challenges and performance evaluation.

Speakers
Christoph Dietzel, DE-CIX / TU Berlin
Since June 2014, Christoph Dietzel has been a member of the DE-CIX Research and Development team and is responsible for several research efforts. He is also involved in numerous projects funded by the public sector (EU, German Federal Ministries). Chris is a PhD student in the INET group, advised by Anja Feldmann at Technische Universität Berlin, since the end of 2014. His ongoing research interests focus on Internet measurements and security, routing, and traffic classification. Chris is also highly interested in IXP-related aspects of the Internet ecosystem.

Mike Korshunov - TME @ Cisco
Full Abstract

Streaming Telemetry is a paradigm shift in network monitoring and operations. End users decide which models to subscribe to, and a common interface such as OpenConfig can be used. Data is pushed out of the device, increasing resource consumption efficiency. In this talk, we will review the current state, capabilities, the toolchain used in the stack, the latest developments and innovations such as gNMI, and where to go next.

Speakers
Mike Korshunov, TME @ Cisco
Technical marketing engineer in the Service Provider BU @ Cisco. Cares about networks and software; hackathon enthusiast.

Full Abstract

Internet eXchange Points (IXPs) are Internet hubs that provide the switching infrastructure to interconnect networks and exchange traffic. While the initial goal of IXPs was to bring together networks residing in the same city or country, and thus keep local traffic local, we observe that this model is gradually shifting. Many networks connect to IXPs without having physical presence at their switch(es). This practice, called Remote Peering, is changing the Internet topology and economy, and has become the subject of a contentious debate within the network operators community. However, despite the increasing attention it is drawing, the understanding of the characteristics and impact of remote peering is limited. In this work, we remove the veil between remote peering and IXPs, by introducing and thoroughly validating a methodology for discovering remote peers at IXPs. We (i) infer remote peers globally, with high accuracy (>95%), (ii) study the evolution of remote peering in time, and (iii) evaluate its impact on Internet performance and resilience. We observe that remote peering is a significantly common practice in all the IXPs studied; for the largest IXPs, remote peers account for 40% of their member base. We also show that today IXP growth is mainly driven by remote peering, which contributes two times more than local peering.

Speakers
Christoph Dietzel, DE-CIX / TU Berlin
Since June 2014, Christoph Dietzel has been a member of the DE-CIX Research and Development team and is responsible for several research efforts. He is also involved in numerous projects funded by the public sector (EU, German Federal Ministries). Chris is a PhD student in the INET group, advised by Anja Feldmann at Technische Universität Berlin, since the end of 2014. His ongoing research interests focus on Internet measurements and security, routing, and traffic classification. Chris is also highly interested in IXP-related aspects of the Internet ecosystem.

Christina Chu - NTT
Full Abstract

Public Speaking Forum provides a positive and supportive environment in a small group for participants to improve self-confidence and skills in public speaking through practice and peer feedback. We will offer fifteen seats in a group with six 4-min speaking slots. Space is limited. Sign up is required. First come first served. If you sign up for a speaking slot, please prepare for a 4-min speech with a topic of your choice. You can sign up for a speaking slot at https://www.nanog.org/meetings/nanog75/psf

Speakers
Christina Chu, NTT America
Christina serves as the Director of IP Strategic Planning in NTT America, Inc. She has over 20 years of experience in the Internet industry and is passionate about building communities. She has served four years in the NANOG Program Committee. She currently serves on the Global Peering Forum board. Having participated in Toastmasters has given her firsthand experience of the benefit of constant practice in improving one’s public speaking skills. She would love to help NANOG put together this public speaking program to nurture the community’s interest in presenting on stage.

Full Abstract

A number of DNS software and service providers have announced that we will all cease implementing DNS resolver workarounds to accommodate DNS authoritative systems that don’t follow the EDNS protocol. Each vendor has pledged to roll out this change in some version of their software by the ‘Flag Day.’ Domains served by DNS servers that are not compliant with the standard will not function reliably after February 1, 2019, and may become unavailable. If your company’s DNS zones are served by non-compliant servers, your online presence will slowly degrade or disappear as ISPs and other organizations update their resolvers. When you update your own internal DNS resolvers to versions that don’t implement workarounds, some sites and email servers may become unreachable. This talk will cover the background of the changes, potential effects on Internet users/providers and testing methodologies to ensure minimal impact. *** Please note the following: We in the DNS community thought we had provided plenty of advance notice and forewarning of this flag day. We did not originally intend to give this talk at NANOG 75 as it is post flag day. However, we have received an alarming number of "OMG, will my DNS will stop working?" inquiries in the past couple of weeks. It appears auditors have just started running compliance checks. As such, we feel this will now be a timely talk.

Speakers
Eddy Winstead, Internet Systems Consortium
Eddy has over 20 years of DNS, DHCP and sysadmin experience. He was a systems analyst and hostmaster for the North Carolina Research and Education Network (NCREN) for over a decade. At ISC, Eddy has delivered DNS + DNSSEC consulting, configuration audits and technical training.

Full Abstract

Myriad360

Full Abstract

Bugs in network configuration can lead to security breaches and significant downtime, which in turn leads to monetary losses and damages the organization’s reputation. At the same time, network configuration is hard to get right because of the scale and heterogeneity of modern networks, the low-level nature of vendor configuration languages, and the complexity of intended policies. The emerging field of formal network validation is a direct response to this challenge. Researchers have recently developed a range of techniques to scalably and comprehensively reason about the correctness of the network configuration. I will present a network validation tool, called Batfish (www.batfish.org), along with its new Python client library, which is completely open source and has been used successfully inside many large networks. The talk will cover its software architecture, provide a hands-on view of using it for common validation tasks, and show how the technology can be embedded into the network’s lifecycle. The talk will include a detailed discussion of many bugs that Batfish has uncovered in real large networks.

Speakers
Daniel Halperin, Intentionet, Inc.
Dan Halperin is the Head of Engineering at Intentionet. From 2015-2017, he was a Senior Software Engineer at Google and from 2012-2015 he served as the Director of Research for Scalable Data Analytics at the University of Washington eScience Institute. He is an experienced networking researcher, holding a Ph.D. in Computer Science and Engineering from the University of Washington with more than 30 published papers. His research has been awarded multiple best paper awards, and he has been awarded the Intel Foundation Ph.D. Fellowship. A veteran of open source, Dan served as co-founder and project committee member for Apache Beam since 2015, and he has contributed 40+ patches to the Linux kernel.

Full Abstract

LightRiver Technologies

Monday, February 18, 2019
Topic/Presenter
Damien Garros - Network to Code
Full Abstract

Device configuration templates have simplified a lot of things for the network industry, but many networks are still managing their device properties (aka variables) manually, which is very tedious and error-prone. This talk will present a new approach to generate and manage network device properties easily using infrastructure as code principles.

Speakers
Damien Garros, Network to Code

Full Abstract

The forum provides time for attendees to meet and network with others in the peering community present at NANOG. Peering Representatives, who completed and submitted the form, will have a dedicated table for up to 2 representatives. They will be able to distribute business cards, and provide a white paper or 1 sheet marketing page. Please note, any other type of give-away is not allowed. There will also be a customized, rotating slide deck on display during the forum.

Ixia, a Keysight Business

Full Abstract

Digital Realty

L Sean Kennedy
Tina Morris - Amazon Web Services
Edward McNair - NANOG
Michael Devito
Brad Raymo - StackPath
Full Abstract

Speakers
L Sean Kennedy
L Sean Kennedy is an active member of the Internet Engineering community and Chairperson of the NANOG Board of Directors.

Tina Morris, Amazon Web Services
Tina Morris is currently a Technical Developer at Amazon specializing in the strategy and deployment of IPv4 and IPv6 address resources. Prior to this Tina was working as a Network Engineer in the Cable Industry at Time Warner Cable and Bright House Networks for 10+ years and she has been in a role focused on IP strategy since 2009.

Edward McNair, NANOG
Michael Devito, Digital Realty
Brad Raymo, StackPath
I have been in the industry for over 9 years now. I started in the NOC as a level 1 technician and have worked my way up from there. My main focus over the past 5 years has been on interconnection. Prior to joining the Program Committee I served on the Communications Committee where I was responsible for social media outreach. I am excited to see where the industry goes and how I can impact it.

Tina Morris: Tina Morris serves as a member on the NANOG Board of Directors and is a Senior Technical Business Development Manager at Amazon Web Services focused primarily on IPv4 and IPv6 address resource strategy. In addition, Tina is currently serving as Vice-Chair of the ARIN Board of Trustees and participates actively within the Global RIR community.
Edward McNair: Edward McNair is the Executive Director of the North American Network Operators Group (NANOG). He is also the co-founder of Kaskadian, an agency that provides branding, marketing and sales support for startups and new businesses. Prior to Kaskadian, Edward served as Chief Executive Officer for Verilan, an IT company that delivered just-in-time, enterprise-quality networks. Previously, he was Vice President of Internet Marketing for R2C, a leading direct marketing agency, and was Creative Director for the WiMAX Forum, a global Internet and telecom consortium. In the computer industry, Edward has developed corporate training solutions for Nike, Adidas, Columbia Sportswear, Kaiser Permanente, and FEI, among others. In addition, he has delivered professional services to NANOG, the Institute of Electrical and Electronics Engineers (IEEE), the Internet Corporation for Assigned Names and Numbers (ICANN), Facebook, Intel® and Mentor Graphics. Edward also developed the first web design program at the Pacific Northwest College of Art where he taught web and graphic design and interactive media courses for more than a dozen years. In his free time, Edward is involved in community theatre aimed at supporting local charities. His most recent production was playing the lead in the musical “Oklahoma!”
Full Abstract

Since 2011, the five RIRs have been offering Resource Public Key Infrastructure (RPKI) systems, aimed at making Internet routing more secure and reducing the risk of BGP hijacking. These systems allow members to log into web-based portals to request an RPKI certificate and use it to publish Route Origin Authorizations (ROAs). In the hosted setup, certificates, keys, and signed products are all kept and published in the RIR infrastructure. However, four out of five RIRs also allow members to run their own RPKI infrastructure as a so-called Delegated RPKI Certificate Authority. LACNIC, as the last RIR not to provide this option yet, is committed to having this functionality available by the end of 2019. While a hosted set-up serves many small ISPs well, there may be good reasons to run your own infrastructure instead. Possible use cases exist for:
  • Operators who require easier RPKI management that is integrated with their own systems in a more streamlined way
  • Operators who are security conscious and require that they are the only ones in possession of the private key of a system they use
  • Operators who want to be operationally independent from the parent RIR, such as National Internet Registries (NIRs) or Enterprises
  • Operators of global networks who may wish to operate a single system, rather than maintain ROAs in up to five web interfaces
However, running your own CA comes at a cost. The talk will discuss these as well as possible mitigation strategies. For instance, providing the necessary availability can be managed by outsourcing publication to a cloud service provider. Finally, the talk will look into existing and upcoming options for deploying a CA. At the end of the talk, interested users will have a better understanding of which choice is best for their organization.

Speakers
Alex Band, NLnet Labs
Martin Hoffmann

Jay Hennigan - Impulse Advanced Communications
Full Abstract

The Oregon Country Fair is a three-day festival in a forested area with very limited cellular coverage. Most of the area has no grid power. Over 900 artisans and 90 food vendors serve upwards of 40,000 visitors during the July event. Providing payment card access to the nearly 1,000 vendors has been an ongoing challenge. The OCF IT crew has leveraged cable system technology to deploy a distributed wi-fi network throughout the fairgrounds. Challenges include powering the radio equipment, good coverage in the foliage, limiting access to necessary services, and environmental issues as the area is a flood zone in winter. Using CMTS and coaxial cable trunk lines was the key. Wireless nodes are powered via the distribution cable. The same network is also used for operational needs, security, etc.

Speakers
Jay Hennigan, Impulse Advanced Communications
Jay Hennigan is the Chief Network Architect for Impulse Advanced Communications, a network service provider based in Santa Barbara, California. Prior to Impulse Jay was one of the founders of WestNet Communications. He is an active volunteer with the Oregon Country Fair and is responsible for the recent deployment of CMTS technology there. Jay is CCIE #7880 and holds an FCC General Radiotelephone license.

Full Abstract

Amazon Web Services, Microsoft Azure and Google Cloud all significantly invest in their backbone networks and global regional data center presence to support performance requirements. So how do these cloud networks actually behave and perform? This session will discuss the network performance and connectivity architecture findings gained from global measurements of Amazon Web Services, Microsoft Azure and Google Cloud, collected from global vantage points to cloud regions, within cloud backbones (inter-AZ and inter-region) and across clouds (multi-cloud). We’ll also share some interesting anomalies we observed in connectivity and performance stability, particularly in the Asia-Pacific region.

Speakers
Archana Kesavan

Speakers
  • Archana Kesavan
  • Archana Ramappa
Mitchell Baker - Mozilla
Full Abstract

Don’t miss this opportunity to hear one of TIME Magazine’s “100 Most Influential People” speak on her professional path and personal experiences as a woman working in tech, followed by a short Q&A.

Speakers
Mitchell Baker, Mozilla
Named one of the “100 Most Influential People” by TIME Magazine, Mozilla co-founder and chairwoman Mitchell Baker is responsible for organizing and motivating a massive, worldwide collective of employees and volunteers who are building the internet as a global public resource. Deeply engaged in developing product offerings that promote the mission of empowering individuals, Mitchell also guides the overall scope and direction of Mozilla’s mission, and is a strong advocate for the open internet, open source, and the importance of connecting technology to its impact on individuals and society. She has appeared on a number of international news programs, including NBC’s “Meet the Press,” BBC’s “HardTalk,” and NPR’s “Morning Edition,” and has spoken at many high-level events, like Tech for Good, VivaTech, Wired NextFest, and the World Economic Forum.

Full Abstract

EXFO

Christian Urricariet - Intel
Full Abstract

The data center ecosystem is going through unprecedented growth and innovation as new players, new business models and new technologies converge. One of the drivers is the evolving landscape of fiber optics technologies enabling new architectures and enhanced levels of performance for both cloud service providers and enterprises. Data centers now require Ethernet switches supporting 400 Gb/s data rates with high port count and low power dissipation. The talk covers the latest 400G industry trends in optics for the data center.

Speakers
Christian Urricariet, Finisar
Christian Urricariet is Senior Director of Global Marketing at Finisar. He has spent over 20 years introducing optical interconnect solutions for data centers, enterprises and telecom service providers worldwide. Since joining the company in 1999, he has held a variety of Product Management and Marketing roles encompassing the company’s 400G, 100G, 40G, 10G, 2G and 1G optical product lines. Prior to joining Finisar, he held several telecom product marketing and business development positions at Raychem Corporation. He holds an Electronics Engineering degree from the Buenos Aires Institute of Technology (ITBA).

Eve Griliches - Product Marketing, Cisco Systems
Christian Schmutzer
Full Abstract

For many years optical transport networks have been deployed using TDM technologies such as PDH, SONET and OTN providing highly performant and resilient services to voice and data networks. With recent advances in router/switch architectures, embedded control plane protocols and central application software a single MPLS network layer can deliver any service that so far only PDH, SONET or OTN could deliver. During this session we will talk about some common "concerns" such as cost of transmission, latency & jitter, bandwidth guarantees & loss, service assurance & OAM and how they are no longer valid for a "neatly designed" MPLS transport network allowing network operators to remove the complexity of running many parallel networks. Submitted for Christian Schmutzer, Principal Engineer, Optical Systems, Cisco.

Speakers
Christian Schmutzer, Cisco Systems
Christian Schmutzer is a Principal Engineer at Cisco Systems and has been with the company since 1998. Early on Schmutzer worked primarily on the design and deployment of large service provider backbones – with the focus on optical and routing technologies. Schmutzer then drove, as the technical expert, the product development and marketing strategy for the ASR 9000 and Cisco 7600 series router platforms. Since 2013 Schmutzer has been working on Packet/Optical network architectures and product development. He is the Principal Architect for Cisco's Transport Network Modernization Architecture. As a speaker for technical tutorials worldwide, he frequently shares his practical experience. He received his Masters from the Fachhochschule Technikum-Wien, Austria.

Thomas Bowlby
Rich Compton
Taylor Harris
Pratik Lotia
Full Abstract

DDoS Peering has been talked about a lot in theory, but it's high time we started actual implementation. This talk intends to explain the proof of concept we have developed at Charter Comm. and calls for action from ISPs to participate in this so that we can mitigate DDoS attacks in a more effective way.

Speakers
Thomas Bowlby
Rich Compton, Charter Communications
Taylor Harris
Since 2010 Taylor has worked with security technologies in the cable industry. He began his career with the Brighthouse Networks Business Solutions Services team as an operations engineer supporting enterprise customers with a focus on security and managed services. In 2013 he transitioned to a role in the Brighthouse sustaining engineering group where he would deploy and support the DDoS detection and mitigation infrastructure among many other responsibilities involving support of infrastructure and commercial customers. With the merger of Charter and Time Warner Cable he moved into the Advanced Engineering Security Architecture group where his role has expanded to a much broader landscape of network security while still focusing heavily on DDoS mitigation architectures, network consolidation, and solving new security challenges for very large networks.

Pratik Lotia, Charter Communications
Pratik Lotia works as a Security Engineer in the Advanced Engineering Security Architecture group at Charter Communications where he focuses on Automation, IPS/IDS, Botnets, network consolidation and designing new security solutions for very large networks. He has been working in automation technologies since 2013 while running a startup and is also working on developing various in-house DDoS mitigation tools. He has received recognition for his work from Lockheed Martin, Tata Group and Government of India.

Full Abstract

Despite its growing use as a Metro Ethernet protocol, EVPN was originally conceived to enable highly flexible and scalable LANs. In this tutorial RFC7432 co-author, Aldrin Isaac, will cover key building block functions and service models with EVPN and how they might be leveraged to support diverse use cases in LAN fabrics. Focus will be more on the ways to use EVPN and less on the inner workings of the protocol itself. Topics covered:
  • Building block functions and service types
  • Special use cases
  • Service chaining concepts
  • Overlay replication

Speakers
Aldrin Isaac, Juniper Networks
Aldrin is involved in strategic product development at Juniper. Prior to joining the Juniper team in 2015, Aldrin spent 20 years designing, building and running networks. He was the chief technologist responsible for the design and development of the global IP/MPLS and data center networks of a premier financial news, media and SaaS company, supporting the reach of its business to over 100 countries. During his career as an operator, Aldrin bootstrapped the industry collaboration that led to EVPN (RFC7432), for which he is also a coauthor. Aldrin is also a pioneer in fully automated network infrastructure.

Jared Mauch - Akamai
Full Abstract

RIPE announced a trial service called RIS Live which lets you monitor BGP data in realtime. Monitoring BGP updates in realtime can provide important insights to your network and operations.

Speakers
Jared Mauch, Akamai
Jared Mauch works for NTT Communications Global IP Network in the Network Architecture and Development team. He has been active in network abuse and mitigation and won the J.D. Falk award for his work on the OpenResolverProject and other related works. He continues to work on routing and infrastructure security with an interest in the social and business reasons behind malicious actors.

Full Abstract

A summary of AT&T's experience deploying ROV.

Speakers
Nimrod Levy, AT&T

Full Abstract

Monday had a talk on streaming telemetry where OpenConfig models and protocols featured and several of the microphone questions/comments related to a demand for standards definition and adoption. Comcast is actively working towards using OpenConfig to configure and monitor its core network. This lightning talk will be an overview of what we're getting up to, including working with the OpenConfig community and our vendors to maximize coverage for our use cases, and where we're going with these models. If there is interest we may be able to return at NANOG 76 with a full talk on our progress and challenges.

Speakers
Chris Luke, Comcast

Full Abstract

Charter Communications

Full Abstract

Speakers
LightRiver Technologies

Tuesday, February 19, 2019
Topic/Presenter
Antonin Bas
Carmelo Cascone
Andy Fingerhut - Cisco Systems, Inc.
Stephen Ibanez
Changhoon Kim
Robert Soule
Full Abstract

This tutorial includes hands-on exercises; instructions for downloading the software are at https://p4.org/events/2019-02-19-nanog/ Download all software prior to the tutorial. Attendees will learn how to express conventional and novel data-plane applications in the P4 language, and how to compile, execute, and evaluate P4 programs. We will provide a VM image containing all the necessary packages and tools. The P4 specification is publicly available at the P4 website under an Apache license. Key development tools are available as open-source tools (http://github.com/p4lang). P4 (www.p4.org) is a programming language for describing how network packets should be processed on a variety of targets, ranging from general-purpose CPUs to network processors, FPGAs, and custom ASICs. P4 was designed with three goals in mind: (i) protocol independence: devices should not “bake in” specific protocols; (ii) field re-configurability: programmers should be able to modify the behavior of devices after they have been deployed; and (iii) portability: programs should not be tied to specific hardware targets. The P4 community maintains the language specifications, a set of open-source development tools, and sample P4 programs with the goal of making it easy for P4 users to quickly and correctly author new data-plane behaviors. P4 continues to be a transformative technology in networking and an increasingly popular choice for developing data-plane designs. Well-known data-plane features typically realized in a fixed-function logic are now being authored in P4, allowing network owners to understand and even verify their network devices’ behavior in an unambiguous manner. Meanwhile, new ideas are also being prototyped, evaluated, and productized in P4. We believe there are many opportunities for network operators to help evolve the design of the language, discover new implementation techniques, and develop their own custom use cases.

Speakers
Antonin Bas
Andy Fingerhut, Cisco Systems, Inc.

Krassimir Tzvetanov - Purdue University
Full Abstract

Working with LE is something that many providers fear because of the unknown and potentially some history. However, over the past decade the anti-abuse community has come to appreciate working with LE, and there have been a number of really good examples of successful collaboration: the Mirai take-down, the Booter services take-down from Dec 2017, etc. The purpose of this track is to bring some case studies of combined commercial company and LE work to light.
  • Elliott Peterson: Mirai take-down
  • Gabriel Andrews: (undisclosed)
  • Elvis Chan: (undisclosed)
  • Case 4 (undisclosed)
  • Panel discussion

Speakers
Krassimir Tzvetanov, Fastly, Inc.
Krassimir Tzvetanov is a security engineer at Fastly, a high performance CDN designed to accelerate content delivery as well as serve as a shield against DDoS attacks. In the past he worked for hardware vendors like Cisco and A10 focusing on threat research, DDoS mitigation features, product security and best security software development practices. Before joining Cisco, Krassimir was Dedicated Paranoid (security) at Yahoo!, Inc. where he focused on designing and securing the edge infrastructure of the production network. Part of his duties included dealing with DDoS and abuse. Before Yahoo! Krassimir worked at Google, Inc. as an SRE for two mission critical systems, the ads database supporting all incoming revenue from ads and the global authentication system which served all of the company applications. Krassimir holds a Bachelor's in Electrical Engineering (Communications) and a Master's in Digital Forensics and Investigations.

Full Abstract

Adva Optical Networking

Full Abstract

Seaborn Networks

Full Abstract

White box switches and open networking are no longer only for the hyper scale companies with giant IT organizations. White box in the enterprise is possible, given the right mindset and a well-thought-out plan (after much lab testing). This session discusses the pros and cons, challenges and pitfalls, and eventual success of white box switch deployments at a medium size enterprise.

Speakers
Matt Turner

Full Abstract

During the 2015 BlackHat conference, the authors presented an approach which makes it possible for an arbitrary attacker to use vulnerabilities in the Border Gateway Protocol to obtain fraudulent certificates, recognized by browsers as valid ones, for Web sites an attacker couldn't otherwise control. As a result, the overall security of Internet PKIX, which we all rely on daily while browsing our favorite social networks and banking systems, was shown to be at risk. Plenty of time has passed since August 2015. Researchers were digging into the issue, certificate authorities kept an eye on it, changes to Internet protocols were designed and implemented, and black hats started to exploit the method after all. As it is now almost four years after the discovery of the initial issue, it's a good time to examine the outcome: what has been done, what's yet to be done, and how long it takes for the Internet community to amend an Internet protocol even for the greater good.

Speakers
Artyom Gavrichenkov, Qrator Labs CZ
CTO at Qrator Labs, a DDoS mitigation and network monitoring company. Graduated from Moscow State University, faculty of Computational Mathematics and Cybernetics; has been working in the area of IT networking and monitoring for a decade. Has previously presented at numerous conferences, including BlackHat USA, RIPE Meeting, APNIC/APRICOT, and ICANN EE DNS Forum.

Speakers
  • Töma Gavrichenkov
Rafal Szarecki - Juniper Networks
Full Abstract

Many large-scale service provider networks use some form of scale-out architecture at peering sites. In such an architecture, each participating Autonomous System (AS) deploys multiple independent Autonomous System Border Routers (ASBRs) for peering, and Equal Cost Multi-Path (ECMP) load balancing is used between them. There are numerous benefits to this architecture, including but not limited to N+1 redundancy and the ability to flexibly increase capacity as needed. A cost of this architecture is an increase in the amount of state in both the control and data planes. This has negative consequences for network convergence time and scale. In this session we describe how to mitigate these negative consequences through configuration of the routing protocols, both BGP and IGP, to utilize what we term the "Abstract Next-Hop" (ANH). Use of ANH allows us to both reduce the number of BGP paths in the control plane and enable rapid path invalidation (hence, network convergence and traffic restoration). We require no new protocol features to achieve these benefits.

Speakers
Rafal Szarecki, Juniper Networks
Rafal Szarecki (JNCIE 136) has 20+ years of experience in the networking industry. He started his career in 1996 working for an ISP in Poland as a Network Operation Centre staff member. Later in his career he worked as a Customer Support consultant and then as a Network Architect at Ericsson. In 2006 Rafal joined the Juniper Networks Professional Services Team and later became Principal Consultant. He has worked on over 50 different projects with more than 20 telecoms and ISPs, including some of global reach such as British Telecom, Telefonica, and Telenor. He designed and/or helped with deployments in multiple countries in Europe and the Middle East. During this time he was also an active member of PLNOG. Currently Rafal holds the position of Solution Architect in the Routing Product Team at Juniper Networks in Sunnyvale, CA. In this role, Rafal supports the most challenging networks and customers in their architectural evolution and provides feedback to product development to ensure Juniper hardware and software will stand up to these challenges.

Speakers
  • Rafal Szarecki - Juniper Networks
Full Abstract

Sponsored by: NANOG, Salesforce, and Iron Mountain
Time: 8:00pm - 11:00pm
Location: Exploratorium
Address: Pier 15 The Embarcadero, San Francisco, CA 94111
Transportation will be provided.
**NANOG Badge required for entry**

Iron Mountain Data Centers

Andrei Robachevsky - Global Cyber Alliance
Full Abstract

There is nearly universal agreement that the Internet routing system is vulnerable to attack, but thoughts on how to address the problem vary from better technology to peer pressure to business incentives. Routing security requires voluntary actions from every network, but there is little incentive for any individual network to take action. So what do we do? We believe there is enough incentive to implement the minimal, absolutely essential elements of routing security - especially if they are perceived as a common business expectation, a norm. These norms may not necessarily bring tangible benefits to the individual network adhering to them, but they benefit society and the Internet as a whole. Norms can have wide societal support and help expose those who do not adhere to them, allowing for corrective actions. In this talk, we will look at the Internet routing ecosystem and identify three main categories of actors: ISPs, IXPs, and cloud/content providers. We will explore which actions can have the biggest impact on the security of inter-domain routing and look at some of the incidents from 2018 and how they could have been avoided. Finally, we'll present three minimum baselines for the respective categories and discuss how they can become norms. To make the discussion more interactive, it will include real-time polling of the audience.

Speakers
Andrei Robachevsky, Internet Society
Andrei Robachevsky is the Senior Technical Programme Manager at the Internet Society. His primary area of interest is security and resilience of the Internet infrastructure. This work is based on active engagement with the operator, research and policy communities. Prior to joining ISOC, Andrei was Chief Technical Officer of the RIPE NCC, responsible for the deployment of DNSSEC for the reverse DNS tree and deployment of anycast instances of the K-root DNS server. Andrei brings to the Internet Society more than 20 years' experience in the Internet technical community. For more than a decade he has actively followed Regional Internet Registry (RIR) and Internet Engineering Task Force (IETF) activities. He was Chair of the Number Resource Organization’s (NRO) Engineering Coordination Group (ECG), which is responsible for various technical inter-RIR activities and projects. In 2010-2012 Andrei was a member of the Internet Architecture Board (IAB).

Speakers
  • Andrei Robachevsky - Global Cyber Alliance
Christopher Yoo - University of Pennsylvania
Full Abstract

2018 saw major growth in adoption of the Resource Public Key Infrastructure (RPKI) framework for routing security, with NANOG 74 marking an inflection point. Over the year, players like Cloudflare and NTT began participating in the framework; the five Regional Internet Registries engaged in efforts to make implementing RPKI easier; programs like the Mutually Agreed Norms for Routing Security promoted RPKI around the world. At NANOG 74 in particular, many talks and myriad hallway discussions pushed the RPKI effort forward. As a result, RPKI use is higher than ever before. In Europe, for example, over 40% of announced IP space is now covered by a Route Origin Authorization—the attestation establishing who is permitted to publish routing announcements for given IP space. Yet, while North American numbers have increased, they remain below 10%. To ensure continued RPKI growth, the NANOG community must pay sustained attention to the adoption effort. In addition to describing industry-wide efforts to develop awareness and better software tools to ease RPKI implementation, this talk will present the recommendations of my team’s report, published in December 2018, concerning the legal structure supporting RPKI’s adoption, which were heavily influenced by discussions at NANOG 74. Those discussions have already resulted in important changes to how RPKI resources are distributed by the American Registry for Internet Numbers (ARIN). ARIN further plans to consider a set of recommendations in the spring of 2019. The talk will outline the reasons behind the recommendations in light of community dialogue after NANOG 74. Further, the talk will raise an important new possibility: Would it be valuable to establish an independent nonprofit organization devoted to publishing the North American RPKI repository? 
Such an organization would require significant effort to create and operate, but it may be more reliable and resilient when compared with the current structure for RPKI repository distribution.

Speakers
Christopher Yoo, University of Pennsylvania
Christopher is one of the nation's leading authorities on law and technology. Recognized as one of the most cited scholars in administrative and regulatory law as well as intellectual property, his major research projects include studying innovative ways to connect more people to the Internet; using technological principles to inform how the law can promote optimal interoperability; protecting privacy and security for autonomous vehicles, medical devices, and the Internet's routing architecture; comparing antitrust enforcement practices in China, Europe, and the U.S.; copyright theory; and network neutrality. He is also building innovative integrated interdisciplinary joint degree programs designed to produce a new generation of professionals with advanced training in both law and engineering. The author of more than 100 scholarly works, Yoo testifies frequently before Congress, the Federal Communications Commission, the Federal Trade Commission, the U.S. Department of Justice, and foreign governments.

Christopher Yoo: Christopher is one of the nation’s leading authorities on law and technology. Recognized as one of the most cited scholars in administrative and regulatory law as well as intellectual property, he is the coauthor of a major NSF-supported report on legal barriers to RPKI adoption. His other major research interests include studying innovative ways to connect more people to the Internet, assessing the impact of Internet connectivity on individual wellbeing, using technological principles to inform how the law can promote optimal interoperability, and network neutrality. He is also building innovative integrated interdisciplinary joint degree programs designed to produce a new generation of professionals with advanced training in both law and engineering. The author of more than 100 scholarly works, he testifies frequently before Congress, the Federal Communications Commission, the Federal Trade Commission, the U.S. Department of Justice, foreign governments, and international organizations. Before entering the academy, he clerked for the Hon. Anthony M. Kennedy of the Supreme Court of the U.S. and worked under the supervision of now-Chief Justice of the U.S. John G. Roberts, Jr., at Hogan & Hartson (now Hogan Lovells).
Speakers
  • Christopher Yoo - University of Pennsylvania
Full Abstract

In the past, when we designed, built, and operated networks as a collection of devices (routers, switches, and firewalls) we defined our network architecture in terms of physical layers. The three-tiered Core, Aggregation/Distribution, and Access model is familiar to every network engineer. Server virtualization and new application frameworks have forced us to reconsider this model. Instead of a multi-tier hierarchical design, we have found folded-Clos (spine-leaf) networks much more efficient at moving large quantities of packets from anywhere to anywhere. In order to keep up with the speed of virtualized compute and storage, we’ve adopted virtualized networks that run as an overlay (with the physical Clos network becoming an underlay). Visualizing the network in this way gives us a new 2-tier model. Instead of trying to conceptualize the physical network into an outdated hierarchy, we can now look at the entire logical network platform as a two tier system. The (spine-leaf) underlay is the Core layer switch and the overlay is the Access layer router. This is super helpful when we want to decide where network functions should live. The Core is still there to move packets, fast, and the Access is there to handle routing and policy as well as to provide additional features and functions.

Speakers
Chris Grundemann, Myriad360
Chris Grundemann is a passionate, creative technologist and a strong believer in technology's power to aid in the betterment of humankind. In his current role as Director of Strategy at Myriad he expresses that passion by helping clients build bigger, faster, more efficient IT infrastructure that is both more secure and easier to operate and scale. Chris has over a decade of experience as both a network engineer and solution architect designing, building, securing, and operating large IP, Ethernet, and Wireless Ethernet networks. Chris holds 6 patents in network technology and is the author of two books, an IETF RFC, a personal weblog, and various other industry papers and blogs. As a volunteer he is currently serving as President of IX-Denver, Program Committee (PC) member for AfPIF, and Chair of the Open-IX BCOP committee. Chris often speaks at conferences, NOGs, and NOFs the world over. Chris is currently based in Brooklyn, NY and can be reached via Twitter.

Full Abstract

New standards in support of improved data center efficiencies are emerging. In the IEEE 802 Standards Committee, the IEEE 802 "Network Enhancements for the Next Decade" Industry Connections Activity (Nendica), which identifies industry requirements and trends, has published its first report, covering lossless networks for data centers. This report documents trends to reduce and eliminate congestion that leads to packet loss and unacceptable latency in the modern data center. As a result of that study, IEEE 802 has already begun standardization on one solution, based on congestion isolation as an improvement to priority flow control. Nendica continues to seek user partnerships to help steer future standardization in a productive direction. In November 2018, Nendica cooperated with IETF on the 802/IETF Data Center Workshop, identifying many areas of potential cooperation and complementary opportunities. This NANOG presentation reviews some of the technologies described in the IEEE 802 Nendica Report "The Lossless Network for Data Centers." It also proposes opportunities for cooperation with communities such as NANOG with an interest in networks and data centers.

Speakers
Roger Marks, EthAirNet Associates
Roger Marks of EthAirNet Associates is Chair of the IEEE 802 “Network Enhancements for the Next Decade” Industry Connections Activity ("Nendica") within the IEEE 802.1 Working Group. He has served on the Executive Committee of the IEEE 802 LAN/MAN Standards Committee since 1998, currently as Second Vice Chair. He initiated the IEEE 802.16 Working Group and has served as its chair since inception. Marks received his A.B. degree from Princeton University and his Ph.D. from Yale University. He served as a physicist in the U.S. National Institute of Standards and Technology for 17 years. He is currently interested in novel solutions for data center networking.

Speakers
  • Roger Marks - EthAirNet Associates
Full Abstract

Have you ever wished you could tailor IGP computation to fit your own traffic engineering needs? Such as by computing:
  • Paths considering a subset of the routers in your network? – a network plane or slice
  • Paths that minimize cumulative delay to a destination based on measured per-link delay?
  • Paths traversing only encrypted MACsec links? Both for primary and pre-computed backup paths
  • Paths traversing only high speed interfaces

All the above use cases are now possible. And furthermore, they are possible at scale and based on the source routing paradigm. Meet SR Flexible Algorithms!

SR Flexible Algorithms (FA) is the latest standards-based tool in the SR TE toolkit. FA allows operators to tailor IGP SPF computation according to their own needs. An operator can define and assign new SR segments (prefix SIDs) to realize forwarding beyond SPF based on link cost. As a result, FA provides a traffic engineered path from anywhere to anywhere automatically computed by the IGP.

This presentation provides a technical overview of this new technology and its benefits for network operators, including:
  • Flexibility – operator defines algo
  • Simplicity – single IGP process, and single loopback with multiple SIDs
  • Scalability – single SID (instead of a label stack) can now be used to enforce traffic on the Flex-algo specific path
  • Rich functionality – optimum sub-50msec TI-LFA backup paths respecting the same optimization objective and constraints as the primary path
  • Automation – FA inherits all the scale and automation benefits powered by intent-based networking with on-demand SR policy instantiation and automated traffic steering

More importantly, the presentation delves into key use cases that leverage this solution, including:
  • Multi-plane network designs
  • Intent-based network slicing
  • Low latency routing
  • Secured Intelligent Transport

Why is this session relevant to NANOG? FA is a new concept with a large set of use cases. Thus, we consider that this topic will be of interest for the NANOG audience.

Speakers
Jose Liste, Cisco Systems
Jose Liste is a Principal Technical Marketing Engineer, part of Cisco Systems’ Service Provider Network Group. Over the years, he has worked with operators worldwide designing and implementing Carrier Ethernet services over MPLS networks. He currently focuses on Segment Routing and its applicability to SP and WEB customers. Jose has over twenty years of experience in the telecommunications sector. He received his Master of Science degree in Telecommunications from the University of Colorado at Boulder and a Bachelor’s degree in Electronic Engineering from the Simon Bolivar University in Venezuela.

Speakers
  • Jose Liste
Full Abstract

In this talk, Andy Bechtolsheim will share his vision for how the 400G and 800G transitions will manifest first in the DC and short haul interconnect build-outs, and then extend to 100-1000km and beyond, all based on next generation digital coherent optical technology. Advances in DSP and modulation technology make it possible to include 400G, and soon, 800G coherent optical transponders in standard OSFP and QSFP-DD packages that are capable of greater than 1000km transmission over commercially available fiber. This technology makes it possible to build the next phase of intermediate and long haul Internet backbones with low cost, interoperable, generally available optics that leverage the same technology as short reach optics used in datacenters, thus minimizing cost by leveraging economies of scale.

Speakers
Christian Martin, Arista Networks

Speakers
  • Christian Martin - Oracle
Full Abstract

Evocative Data Centers

Recordings
Full Abstract

LightRiver Technologies

Full Abstract

This talk covers the appearance of the top ASNs - AS1, AS2 and AS3 - in the global routing table. It shows the ASNs which "leaked" the noise, as well as basic instructions for network operators and IXP admins to prevent such leaks.

Speakers
Anurag Bhatia

Speakers
  • Anurag Bhatia
Full Abstract

I'd like to re-do (with updates) the presentation I did in Vancouver for the security track, except do it in the main session. Basically: 1) howdy! I'm going to start filtering bgp peers 2) why? because .. someone turned into a transit network and now my customers.. wait, I have customers?? 3) how? With software! (and some data and time) 4) I said this in Vancouver, merry xmas! wait, I am late... Happy Spring Cleaning Time? (dates for execution update)

Speakers
Chris Morrow, Google

Speakers
  • Chris Morrow - Google
Wednesday, February 20, 2019
Topic/Presenter
Full Abstract

The Caribbean Network Operators Group (CaribNOG) is a volunteer community dedicated to exchanging technical information and experiences related to the management of communications networks in the Caribbean region. The group routinely deals with the issues of routing, IPv6, cloud computing, Internet exchange points and network security. This talk will introduce attendees to CaribNOG and highlight 2019 activities that would be of interest to the NANOG community.

Speakers
Stephen Lee

Speakers
  • Stephen Lee - ArkiTechs Inc.
Full Abstract

Sponsored by: Serro
Time: 5:00pm - 9:00pm
Location: SENS Restaurant
Address: 4 Embarcadero Center, San Francisco, CA 94111
Walking distance from Hotel.
**NANOG Badge required for entry**

Radware

Edward McNair - NANOG
Full Abstract

Speakers
Edward McNair, NANOG

Edward McNair: Edward McNair is the Executive Director of the North American Network Operators Group (NANOG). He is also the co-founder of Kaskadian, an agency that provides branding, marketing and sales support for startups and new businesses. Prior to Kaskadian, Edward served as Chief Executive Officer for Verilan, an IT company that delivered just-in-time, enterprise-quality networks. Previously, he was Vice President of Internet Marketing for R2C, a leading direct marketing agency, and was Creative Director for the WiMAX Forum, a global Internet and telecom consortium. In the computer industry, Edward has developed corporate training solutions for Nike, Adidas, Columbia Sportswear, Kaiser Permanente, and FEI, among others. In addition, he has delivered professional services to NANOG, the Institute of Electrical and Electronics Engineers (IEEE), the Internet Corporation for Assigned Names and Numbers (ICANN), Facebook, Intel® and Mentor Graphics. Edward also developed the first web design program at the Pacific Northwest College of Art where he taught web and graphic design and interactive media courses for more than a dozen years. In his free time, Edward is involved in community theatre aimed at supporting local charities. His most recent production was playing the lead in the musical "Oklahoma!"
Speakers
  • Edward McNair - NANOG
Igor Giangrossi - Nokia
Full Abstract

Mobile networks typically go through a transformation every 10 years, with the new generation always bringing additional capacity and enhanced capabilities. This is not different with 5G: it promises blazing speeds, low latency, and better support for deploying applications closer to the subscribers. But operators need to prepare their IP networks before they can deploy any new radio access technology. This session will describe the radio access network evolution from distributed to centralized architectures, the innovations introduced by 5G and how they impact the IP network requirements.

Speakers
Igor Giangrossi, Nokia
Igor Giangrossi is a Principal Consulting Engineer at Nokia covering the IP Transport and Mobile Packet Core portfolio for the North America region. Igor has over 20 years of experience in the Networking industry, particularly within Service Provider networks. Prior to Nokia he held various technical leadership positions working on fixed and wireless infrastructure and managed services creation for selected verticals. Igor holds a bachelor’s degree in electrical engineering from Instituto Maua de Tecnologia and is a Harvard Business School alumnus from the Program for Leadership Development.

Igor Giangrossi: Igor Giangrossi is a Sr. Director in the Consulting Engineering team for IP Routing products at Nokia. With over 25 years of experience in the networking industry, he still remembers dealing with vampires. Igor holds a bachelor’s degree in Electrical Engineering from Instituto Maua de Tecnologia in Brazil and is a Harvard Business School alumnus from the Program for Leadership Development.
Speakers
  • Igor Giangrossi - Nokia
Leif Sawyer - GCI Communication Corp (AS8047)
Full Abstract

Author name: Leif Sawyer
Professional affiliation: ARIN Advisory Council, Vice-Chair
Phone Number: 907-351-1535

Abstract: This talk will start by summarizing the current ARIN policies under discussion by the Advisory Council, and how the proposals will impact the operator community. The second half will focus on policies surrounding database cleanup issues with regard to Point-of-Contact cleanup, WHOIS, law-enforcement objectives, abuse monitoring and reporting, and the challenges involved in ensuring accuracy while minimizing the impact on the operators and the maintainers.

  • ARIN-2018-1 Allow Inter-regional ASN Transfers
  • ARIN-2018-2 Clarification to ISP Initial Allocation and Permit Renumbering
  • ARIN-2018-3 Remove Reallocation Requirements for Residential Market Assignments
  • ARIN-2018-4 Clarification on Temporary Sub-Assignments
  • ARIN-2017-12 Require New POC Validation Upon Reassignment
  • ARIN-prop-255 NRPM Cleanup
  • ARIN-prop-256 Modify 8.3 and 8.4 for Clarity
  • ARIN-prop-257 Disallow Third-party Organization Record Creation
  • ARIN-prop-258 Clarify reassignment requirements in 4.2.3.7.1

Speakers
Leif Sawyer, GCI Communication, Corp.

Speakers
  • Leif Sawyer - GCI Communication Corp (AS8047)