Agenda

Please note that the agenda is subject to change.

Monday, June 14, 2021
Topic
Full Abstract

Welcome to NANOG 82 - Virtual

Tina Morris: Tina Morris is a Senior Technical Business Developer at Amazon Web Services focused primarily on IPv4 and IPv6 address resource strategy. Prior to this Tina was a Principal Network Engineer at Time Warner Cable/Bright House Networks for 11 years. In addition, Tina is currently serving as Chair of the Advisory Council in her 6th year on the ARIN Advisory Council and participates actively with the Global RIR community.
Cat Gurinsky: Cat Gurinsky is a network engineer at Apple working on global large scale datacenter deployments. In previous network engineering roles at Valparaiso University, Switch & Data, and Equinix she has worked on everything from enterprise and wireless deployments to internet exchanges and data centers. She first started working in network engineering in 2007 and began attending NANOG in 2009. Cat has previously served NANOG as part of the Development Committee from 2011-2012. Cat has a passion for BGP, Python, network tools, automation and anything that can help make life easier in large scale networks.
Speakers
  • Speaker Tina Morris - Amazon Web Services
  • Avi Freedman
  • Cat Gurinsky - Apple Inc.
Full Abstract

The network automation stack at Roblox has grown and evolved over time taking into account several old and new use cases, as well as problems and challenges encountered over time. Quite often, we hear people talking about the amazing work happening in organizations around network automation that aims to solve hard problems and simplify workflows. We don't however, hear much about the problems and challenges that Network Automation teams face with their existing automation stacks on a day to day basis as the network grows and demands increase.
The aim of this presentation is to provide a glimpse into the Network Automation stack at Roblox, starting from day 0 and revisiting some of the challenges and problems with our older automation techniques that led us to evolve the stack and solve the problems in creative ways over time. Along the way, we learnt several things related to building and operating a robust and scalable automation stack, which I will try to share towards the end.

Mayuresh Gaitonde: I am a Network Engineer turned Network Automation guy / Network Reliability Engineer who loves building micro-service based frameworks for the monitoring, provisioning and deployment of large/web scale network environments. I am a fan of Open Source but less so than building things myself to get the job done :) I prefer coding in Go and Python and recently have developed an active interest in front end development using React-JS. Career-wise, I have led web scale network automation efforts at Facebook and Roblox over the last decade. Prior to Network Automation, I was mostly involved with network design and operations for vendors and ISPs. I hold dual active CCIE certifications (#33010).
Speakers
  • Speaker Mayuresh Gaitonde
Full Abstract

Too many engineers still believe that the only significant advantage of IPv6 over IPv4 is that it is larger. While this is technically true, it is not the whole truth. This presentation briefly explores two difficult business problems and their IPv6-centric solutions, clearly outlining the superiority of IPv6 in certain architectures. The presentation ends with a brief discussion on network automation that relates specifically to these IPv6-centric solutions. Attendees are also given access to professional whitepapers detailing each solution as well as the source code for all automation tools discussed.

Nick Russo: Nicholas (Nick) Russo, CCDE #20160041 and CCIE #42518, is an internationally recognized expert in IP/MPLS networking and design. To grow his skillset, Nick has been focused on advancing Network DevOps via automation for his clients. Recently, Nick has been sharing his knowledge through online video training and speaking at industry conferences. Nick also holds a Bachelor's of Science in Computer Science from the Rochester Institute of Technology (RIT). Nick lives in Maryland, USA with his wife, Carla, and daughters, Olivia and Josephine.
Speakers
  • Speaker Nick Russo
Full Abstract

Put your NANOG + network engineering knowledge to the test with a round of Kahoot trivia during the last 15 minutes of the break.
Join the Zoom Session as early as 1:30pm EDT.

https://nanog.zoom.us/j/99397289548?pwd=UkdPamx2QkFPeThtSXJTK1RFZi9lZz09
Passcode: 705631

Make sure you open the Kahoot! app or a separate web browser to Kahoot.it to play along!

Full Abstract

Are you a Newcomer to NANOG? Would you like to network with other Newcomers and NANOG veterans?

Join us for the Zoom Session!
https://nanog.zoom.us/j/97552490062?pwd=UnJqekc3cndXbVJrNG9pUG9zNWR1dz09

See the attached file for talking points to be used in the breakout rooms.

Full Abstract

In this talk, we provide one of the first end-to-end studies of global DDoS traffic. We leverage a unique multi-year collaboration with Nokia CSP customers around the world to trace DDoS traffic from its IPHM hosting and botnet origins through global transit and on to the final consumer and enterprise network intended victims. Our data includes real-time telemetry from several thousand backbone routers across a geographically and business model diverse set of carriers (i.e., global transit, consumer, regional provider, web scale, hosting, etc.). In addition, we estimate potential future scale of DDoS attacks using extensive crawling of active IPv4/IPv6 address space to discover potential abuse endpoints as well as packet traces gathered from commercial accounts on the top commercial “booter” services.

Our major findings include:

Peak daily aggregate DDoS traffic rates have more than doubled over the last year. At the end of 2020, we measured average daily 5min peaks at 1.5 Tbps. In March 2021, the average daily peak exceeded 3 Tbps in transit networks.

The majority of DDoS (as measured by spoofed pps and number of events) originated in fewer than fifty IPHM hosting companies and regional carriers. While DDoS traffic reaching victim enterprise / consumer networks peaked at 3 Tbps, we observed spoofed pps origination rates exceeding 50 Mpps, which represent a potential 5x or more larger amplified attack potential.

We show observed attack bandwidth at destination victim networks remains a fraction of potential due to errors in selection of amplifiers, non-optimal amplifier payload creation and widespread use of rate limiters on peering connections.

Finally, we evaluate the efficacy of different DDoS mitigation strategies, including open source code and BGP FlowSpec as well as the use of programmable router filters. We show recent router OS / hardware offerings from most vendors can block up to 98% of all volumetric DDoS.

Speakers
  • Speaker Craig Labovitz
Full Abstract

Distributed denial of service (DDoS) attacks are at the tipping point of becoming everybody's top concern: (1) the peak capacity of DDoS attacks has been growing exponentially for years, (2) this trend is not slowing down, and (3) most attacks are not yet very sophisticated. While current DDoS protection systems have been able to match the peak capacity of attacks, they are brittle in the face of the increasing sophistication of attacks. In this talk, we introduce Gatekeeper, a DDoS protection system that scales to any peak capacity, delivers unparalleled multi-vector protection and mitigates attacks in seconds.

Speakers
  • Speaker Cody Doucette
Full Abstract

The DNS is changing. Current efforts to add privacy through channel encryption in the DNS are just part of a larger picture. Authentication of DNS responses through DNSSEC is also part of the picture, as well as transport layer robustness and the concerns over the continued use of UDP as the common substrate. In addition, we are now adding a rich layer of service rendezvous tools to the DNS through the SVCB and HTTPSSVC records. Taken together, these are a lot of changes to a vital component of common Internet infrastructure and it is reasonable to ask how likely these proposed DNS changes are to see deployment and will the DNS be fundamentally changed along the way?

Geoff Huston: Geoff Huston is the Chief Scientist at APNIC, the Regional Internet Registry for the Asia Pacific. Prior to this role he was the Chief Internet Architect at Telstra in Australia. He has served on the Internet Architecture Board and chaired a number of IETF Working Groups. His current research interests include routing, security and the DNS.
Speakers
  • Speaker Geoff Huston - APNIC
Tuesday, June 15, 2021
Topic
Full Abstract

Meeting Agenda, slide deck, and link to webinar available at
https://nanog.org/events/nanog-82-members-meeting/agenda-members-only/
(MUST be a NANOG member and signed in with NANOG credentials to view)

Full Abstract

This presentation describes recent enhancements to PING and TRACEROUTE as per RFC 5837 and RFC 8335.

Ron Bonica: Ron Bonica is a Distinguished Engineer at Juniper Networks, specializing in IPv6 and Segment Routing. He is active in the Internet Engineering Task Force (IETF), having authored or co-authored twenty RFC documents and served three two-year terms as co-director of the IETF Operations and Management Area. Ron currently co-chairs the IETF V6OPS and OPSEC Working Groups. Prior to joining Juniper Networks, Ron was employed by a major Internet Service Provider and operated a Layer 3 Virtual Private Network for U.S. Government customers.
Speakers
  • Speaker Ron Bonica - Juniper Networks
  • Andreas Roeseler
Speakers
  • Speaker Vinton G. Cerf
Full Abstract

Put your NANOG + network engineering knowledge to the test with a round of Kahoot trivia during the last 15 minutes of the break.

Join the Zoom Session as early as 1:30pm EDT.
https://zoom.us/j/92675158262?pwd=MVYvWW02a29uKzd3cVBRaXU4czY2UT09
Passcode: 388535

Make sure you open the Kahoot! app or a separate web browser to Kahoot.it to play along!

Full Abstract

Would you like to participate in the WIT Networking Session at NANOG 82? Join us for the Zoom Session!
https://nanog.zoom.us/j/99426035731?pwd=SEN3NFMvQ1dlU1RnUFFEbG05S3Q2Zz09

See the attached file for talking points to be used in the breakout rooms.

Full Abstract

This presentation discusses applications of Segment Routing Flex-Algo, including (i) path diversity (ii) differential traffic treatment for low-latency vs bulk internet traffic. Also we will show how Flex-Algo is used as a key ingredient in network slicing deployments, and provides a way of coupling telco cloud overlay networks into the desired flavor of colored underlay transport. Finally, we will discuss how colored transport can be extended across multiple ASes using BGP Classful Transport.

Julian Lucek: Julian Lucek is a Distinguished Systems Engineer at Juniper Networks, where he has been working with many operators on the design and evolution of their networks. Before joining Juniper Networks, he worked at BT for several years, at first in the Photonics Research Department and later in the data transport and routing area. During this time he gained a PhD in ultrahigh-speed optical transmission and processing from Cambridge University. He also has a Master's degree in Physics from Cambridge University. He is the holder of several patents in the area of communications technology. He is co-author of the book "MPLS-Enabled Applications: Emerging Developments and New Technologies", by Ina Minei and Julian Lucek.
Speakers
  • Speaker Julian Lucek - Juniper Networks
Full Abstract

In this talk we discuss the security of US "Alerting Authorities" (AA) in the context of web-based communication: we study the domain namespace structure, DNSSEC penetration, and web certificates. We introduce an integrative threat model to better understand whether and how the online presence and services of AAs are harmed.

Although we observe partially heightened security relative to the global Internet trends, we find cause for concern as about 78% of service providers fail to deploy measures of trustworthy service provision. We discuss the causes for the shortcomings and suggest a number of improvements for web-based communication directed at Alerting Authorities and other critical infrastructure providers.

Speakers
  • Speaker Pouyan Fotouhi Tehrani
Full Abstract

It is very common to make mistakes during the configuration of BGP, especially while entering an ASN for prepend. Just to find out how bad the problem is, I looked up the data from MANRS Observatory [source: bgpstream.com] for the last 3 years to check for any possible hijack event involving ASNs from 1 to 10 and any ASN which doesn't look right, e.g. AS1111111.

These are mistakes but are definitely considered hijacks. In this presentation I will review the data of these years and highlight major incidents. Allegedly, most of these apparent hijacks are caused by Mikrotik boxes running RouterOS, where the way they use BGP prepend causes confusion for network operators.

Aftab Siddiqui: Aftab Siddiqui is the Senior Internet Technology Manager at the Internet Society and leading the MANRS (Mutually Agreed Norms for Routing Security) initiative. MANRS is a global community driven initiative encouraging network service providers, Internet exchange points, Cloud and CDN operators to implement basic network security measures to secure the global routing system. He is based in Sydney, Australia. Before joining ISOC he was working with a system integrator as its Chief Technologist in Sydney. He has vast experience in the service provider sector; he spent almost a decade at Cybernet (one of the largest ISPs in Pakistan) leading the Network Operations and Projects team. He is a regular presenter at various technology events like SANOG, APNIC/APRICOT, MENOG and other national NOGs. He is currently serving as the Chair of Routing Security SIG at APNIC.
Speakers
  • Speaker Aftab Siddiqui - Internet Society
Full Abstract

Join us for a Virtual Social - a chance to socialize via an informal setting.

Join us via a Zoom session!
https://nanog.zoom.us/j/95819175663?pwd=K0dKK0V0aEFwKzRqTFdiMTROdGFxZz09

Wednesday, June 16, 2021
Topic
Full Abstract

Community Meeting topics for NANOG 82 include:
  • Current and future upgrades to NANOG's Website
  • Education and Mentorship Committee Progress
  • Community Forum Update
  • NANOG 83: Our first Hybrid Meeting

Speakers
  • Speaker Edward McNair - NANOG
  • Elizabeth Culley - Comcast
  • Ognian Mitev
Full Abstract

Since its earliest inception in 1987, The North American Network Operators’ Group (NANOG) has been committed to the ongoing advancement of an open, secure, and robust internet, by providing a platform that inspires, educates, and empowers our community to meet the ever-changing demands of a global network, in service of building the Internet of tomorrow.

NANOG has been a community not only for North America but internationally as well. Given a sense of community, sometimes we need to think locally instead of globally. This talk will address the Why, of starting a local NOG. You'll hear the journey and experiences of CHI-NOG. The benefits of creating a NOG. Ending in a call-to-action, a blueprint of How, to start a NOG.

Speakers
  • Speaker Vincent Celindro - Juniper Networks
  • Tom Kacprzynski - Oracle
Full Abstract

Learn about the most recent hack from Hackathon committee members and participants! They will review the NANOG 82 Hackathon theme, logistics on making a hackathon happen, and what it's like to work on a hack.

Full Abstract

Put your NANOG + network engineering knowledge to the test with a round of Kahoot trivia during the last 15 minutes of the break.

Join the Zoom Session as early as 1:30pm EDT.
https://nanog.zoom.us/j/91228509780?pwd=S0hwdC8wbms0UENTK2t4aThaSkRHQT09
Passcode: 155195

Make sure you open the Kahoot! app or a separate web browser to Kahoot.it to play along!

Full Abstract

BoF Topics for NANOG 82 are:
  • Network Management
  • Automation
  • BGP Security
  • Routing
  • Peering
  • Newcomers Networking Follow-up
  • War Stories - The Time I Thought I'd Get Fired
  • How to Start a NOG
  • Return to Work/Hybrid Work Implications

Join us via Zoom!
https://nanog.zoom.us/j/92449729663?pwd=VnJZT2xqZzRCRS9ldEZXV242VFhndz09

Full Abstract

Network disaggregation promises great things for carrier networks - more choice, more innovation and lower costs. In this session we hear how Europe’s largest telco has disaggregated its broadband network and turned on IP/MPLS software routing in its IP core.

We will discuss what we are trying to achieve, comparisons with traditional router architectures, hardware choices and trade-offs, auto-discovery of fabrics, anycast routing to the backbone, a cloud-native approach to NOS software, how to architect a highly scalable disaggregated BNG, a new set of operational tools and lessons learned.

Speakers
  • Speaker Carsten Michel - Deutsche Telekom
  • Hannes Gredler - RtBrick, Inc.
Full Abstract

Listening to so-called "thought leaders" one might believe that the move to public infrastructure cloud solves all the problems of this world. All of a sudden, the developers are empowered to deploy any application they wish, the networking and security engineers are obsolete, and everything works like a charm.

There's a bit of a gap between this rosy picture and the reality. Tenant networking in public clouds is different from what we're used to in the IP/Ethernet world, and it can get ridiculously complex once you start adding network services, inter-tenant connectivity, and direct connectivity to on-premises locations. Not only that, many of the concepts you master while working with one of the big public cloud providers do not apply to any other public cloud provider -- they are all unique.

The presentation will focus on three main topics described above:

* How is public cloud networking different (and why)
* What are the major differences between big public cloud providers
* How complex can it get (and how slow it is to provision)

We'll wrap up with a few recommendations one could follow when trying to survive this new onslaught of networking madness.

Ivan Pepelnjak: Ivan Pepelnjak has been designing and implementing large-scale service provider and enterprise networks as well as teaching and writing books about advanced technologies since 1990. He’s author of several Cisco Press books, prolific blogger and writer, occasional consultant, and author of a series of highly successful webinars and online courses. His current focus includes large-scale data centers and cloud deployments, network automation, and software defined networking (SDN) and data centers (SDDC).
Speakers
  • Speaker Ivan Pepelnjak
Speakers
  • Speaker Cat Gurinsky - Apple Inc.

 
