NANOG 88 Agenda

Full Abstract

Wednesday, 07 Jun, 1100 PDT Welcome / Introduction / Infrastructure tutorial / Idea Pitching via Zoom
Saturday, 10 Jun, 1300 PDT Hacking begins virtually - dedicated support/help available until 1600 PDT
Sunday, 11 Jun, 0930 PDT On-site tutorial/demonstration
Sunday, 11 Jun, 1200 - 1640 PDT - dedicated support/help hours
Sunday, 11 Jun, 1630 PDT Team presentations begin
Sunday, 11 Jun, 1700 PDT Hackathon concludes

Theme: Interacting With Sources of Truth v 2.0

The NANOG 88 Hackathon will continue to focus on “Interacting With Sources of Truth”, whether it’s a single database or a collection of correlated data from multiple sources. Examples include IPAM or Configuration Databases, Datacenter Infrastructure Management Databases, Configuration Templates/Models, RPKI Validators, etc. You could develop a feature or fix a bug for an existing open-source solution or roll your own!

During this Hackathon, team leaders will work with teams collaboratively to understand the respective code bases and help troubleshoot issues.

Utilizing collaboration services from Zoom and Slack and lab infrastructure consisting of virtualized devices from several vendors, Hackathon participants can work individually or self-organize into teams to work on software passion projects.

Learn more + register: https://nanog.org/events/nanog-88-hackathon/

Full Abstract

Exploring the Fundamentals of DNS - Can You Dig It? (1-Day Course) - All skill levels are welcome

Exploration of the history of the Domain Number System (DNS), the original design, how it works, and its evolution.

The Domain Name System (DNS) is a distributed database that maps domain names to IP addresses and is a core piece of Internet functionality. This 1-day seminar will kick off our 88th community-wide conference in Seattle, WA.

Learn about the DNS via discussion and real-world, real-time, hands-on investigation. The DNS is a critical part of Internet functionality. It is quite an old protocol, with many, many modifications made over the years. We'll talk about the original designs and current implementations while seeing all this in action using freely available tools, mostly Dig.

Registration is limited to 20 participants.

https://www.nanog.org/events/nanog-88-dns-fundamentals/registration/registrant

Full Abstract

The Members Meeting agenda and link to the webinar details are available for Members only. You MUST be signed in with your NANOG Profile account to view the Members Meeting Agenda page. Please bring (or share via email) any questions you would like to discuss at the meeting.

Full Abstract

There’s a lot of talk about network automation these days. In fact, it’s hard to read a networking blog, listen to a networking podcast, or go to a networking event without hearing something about automation, APIs, or AI. And this makes sense, there is almost always more work to do than any of us can keep up with, and networks seem to be getting more complex every day. But how much network automation is actually deployed, in production, today? I conducted a survey following NANOG 87 to find out — and now I want to share what I found with you!

Full Abstract

In this talk Jeremy will present MLB's approach to network automation and Infrastructure as Code. This system is used to design, deploy, and validate complex multi-vendor networks, in the presence of on-going design changes. The "prime directive" focuses on validating the expected operational state. Jeremy will discuss the architectural elements and the benefits of this methodology. He will also offer a comparative analysis of traditional configuration-management IaC approaches.

Full Abstract

In this presentation Pavel Odintsov will provide detailed overview of traffic telemetry protocols available in modern routing platforms. Pavel will cover well known protocols such as Netflow, IPFIX, sFlow, port mirror and will provide deep dive into modern protocols such us Inline monitoring services and IPFIX 315. Pavel has extensive experience in implementation of all these protocols as part of his work on open source DDoS detection product FastNetMon Community.

Full Abstract

The networking industry has built sophisticated multilayer networks over the decades to deliver IP and optical services. These networks often operate in silos with its own network elements, tooling, operations, lifecycles and organizational structures. There are growing demands to simplify the network to reduce the cost and increase sustainability. Recent advances in coherent optics, routing silicon, and automation software have made convergence of IP and optical layers a reality. Because the adoption journey toward convergence often begins with a set of use cases, this session will dive deep into the convergence through the lens of a practical deployment use case. Specifically the use case will look into a detailed set of steps to achieve IP and optical convergence, such as migration of transponders into digital coherent optics. Attendees will walk away with a good understanding of what IP and optical convergence means and how to begin such a journey through practical considerations such as outlined in this session.

Full Abstract

The tutorial introduces network operators to some more advanced BGP features and techniques to aid with operating their networks within the Internet. After a recap of iBGP, eBGP and common attributes, the tutorial will look at the various scaling techniques available, when to use BGP instead of an IGP, and examine policy options available through the use of local preference, MED and communities. The second half of the tutorial looks at deployment techniques, including BGP network design, the announcing and receiving prefixes, aggregation, routing table growth and stability, finishing off with some configuration advice.

Full Abstract

F5 journey deploying a backbone in APAC.
What we failed, what we learned, what we changed during our multi-year journey expanding our network footprint in the Asia Pacific region. We'll speak about the challenges we faced, the mistakes we've made and how we worked around them with various iterations of our deployment.

Full Abstract

Embedded CDNs have been around for several decades. In the beginning there was Akamai and then Google. About a decade ago more showed up. In 2012, we did a panel at NANOG discussing the challenges for the ISPs who chose to embed. ISPs had to adapt to various differences for each of the solutions. The outlook was that an increased number of providers would offer an embedded solution, the variations would grow in complexity and the request or hope was alignment and standardization. So what has happened in the last decade? This talk will focus on the most common embedded solutions and their similarities, differences and evolution over the past decade.

Full Abstract

Are you interested in learning about EVPN-VXLAN technologies for Datacenters and creating a virtual network lab using containerlab? Then join us for this upcoming tutorial where we will guide you through the process.
We will cover everything from installing the necessary requirements for python scripting using libraries like pyGNMI, a powerful tool used for operating and troubleshooting network elements with access via gRPC, and with the help of ChatGPT. We will show how to configure many network elements at once using Go Templates and GNMIc. By the end of the tutorial, you will have tips and tricks to perform various network automation tasks in your network datacenter environment and troubleshoot any issues that arise.
This tutorial is suitable for both experienced network engineers and beginners who want to enhance their knowledge of network design and operation with tools like GNMI, python and ChatGPT. Stay tuned for more details on the date and time of this tutorial, as well as information on how to prepare your laptop in advance to follow along and practice. The Information will be available at https://github.com/cloud-native-everything/pygnmi-srl-nanog88
Don't miss out on this opportunity to improve your network engineering abilities and take your skills to the next level.

Full Abstract

As networks continue to grow in scale, automation has become crucial to optimise network operations. Building a network that supports automated operations requires the right foundational network architectures, signals, actions, and systems. In this presentation we will discuss these foundational elements and explain how they can be leveraged to minimise unintended network packet loss through automated network operations. We deep dive into the importance of precise signals to accurately detect and root cause network issues, which will then guide automation actions. We share our experience of defining a packet loss classification scheme to provide these signals and implementing it across various hardware platforms.

Full Abstract

The transition of network traffic from TCP to QUIC is happening extremely fast with measurements across the world showing QUIC has already reached nearly 50% of total traffic, doubling approximately every 18 months. The new protocol stack, comprising QUIC, encrypted over UDP, HTTP/3, DNS over HTTP (DoH) and eSNI/ECH, all over TLS (Transport Layer Security) 1.3, completely obfuscates the traffic between application nodes and simultaneously drives a phenomenal change in traffic flow behaviour with applications now fully in control of how they get delivered to end-users, disintermediating the network in the process. Large Internet & Cloud players and many emerging application players are rapidly adopting the new protocol stack and traditional TCP/IP derived technologies, combined with L4+ monitoring techniques, are proving largely insufficient in keeping up with this evolution. Application detection and visibility is significantly impaired by this stack and the key technological paradigms on which communications service providers have built their network capabilities are now being challenged and obsoleted by these new protocols. In this session, we will show how the new protocol stack is constructed, how it behaves in terms of both visibility and congestion management, the impact it has on infrastructure elements including the RAN (Radio Access Network) - and not only - and an analysis of how much traffic it occupies today in mobile and fixed networks. In addition, we will discuss the techniques Communication service providers can use to evolve their network architecture and services capabilities to keep pace with this evolving protocol stack, enabling better traffic visibility, Quality of Experience and more efficient use of precious 5G spectrum.

Full Abstract

ISC DHCP is embedded in a lot of networks, buried in the infrastructure nobody wants to touch. It still works, and in a very static network, it should continue to work reliably for a while. At some point, when you have to update the server or the network, you will discover the software is no longer maintained, you won't be able to find packages for your OS, and you will need to migrate to a new DHCP server system.

ISC has just put up a web page at dhcp.isc.org that will enable you to quickly do a trial translation of your dhcpd.conf file to a Kea (JSON) configuration file. This will give you a good feel for how straightforward your migration might be, and what areas may require re-design.

Full Abstract

This presentation will highlight the partnership between NANOG and the Internet Society in delivering education content useful to the NANOG growing community. The Designing and Deploying Computer Networks (DDCN) Course is the first course in this partnership.

The DDCN course, a moderated online course, is for students with a basic understanding of computer hardware and software, and who are already familiar with personal computers. It begins with teaching the fundamentals of networking, Ethernet, as well as Wi-Fi technologies. From the fundamentals, the course moves into the planning, design, and deployment of simple LANs and covers the most common ways to connect a LAN to the Internet (mobile Internet, ADSL, fiber) and how to set up the connections. In addition, the course will present the most common maintenance issues as well as how to solve those issues. The course will have theoretical and practical components.

Full Abstract

In this talk we present the Seattle Community Network (SCN)- a local volunteer-run, educational, non-profit internet service provider focused on building and maintaining community-owned and DIY network infrastructure for digital equity and emergency resilience in the Seattle and Tacoma areas. Our core mission is to provide free internet access in low-resource communities such as tiny home villages and low-income housing complexes, and to demystify network and internet infrastructure for the general public. We currently run a variety of network infrastructure including LTE networks using CBRS spectrum, WiFi networks, and core network routers serving internet access in South Seattle, unincorporated King County, and Tacoma. Many thanks to NANOG Outreach for the opportunity for some of our core volunteers and community board members to attend NANOG 88 and present this talk.
Our website can be found at https://seattlecommunitynetwork.org/, and our Gofundme campaign can be found at https://gofund.me/febd2eb0 .

Full Abstract

Address:
1511 6th Avenue, Seattle

Registration is Required: https://spinsocialinseattle.splashthat.com/

*NANOG Badge required for entry

Full Abstract

Don’t miss our Community Meeting for an opportunity to hear about what is happening with NANOG and the Program Committee.

Full Abstract

Internet Pioneer Scott Bradner has been involved in the design, operation, and use of data networks at Harvard University since the early days of the ARPANET. He is additionally a senior figure in the area of Internet governance.Join us for a open conversation as NANOG producer Elizabeth Drolet talks to Bradner about his own historic evolution with the Internet, what he thinks “the real power of the Internet” is + why he thinks the Internet cannot continue to exist in it’s current state.

View all of our Internet Innovators sessions at https://nanog.org/news-stories/nanog-tv/internet-innovators/

Full Abstract

IP hijacking (or claiming to take ownership of an IP range without authorization) has become a real problem as IP addresses have become more scarce and their price has increased.

This will present a humorous take on one of the world's most prolific IP hijackers, and the resulting legal problems that resulted when they finally took things too far.

Full Abstract

The University of Oregon’s Route Views platform provides detailed public views of Internet routing data since 1997. The presentation will give an overview of Route Views history, architecture, access methods, tools, and practical use cases. This will include examples on how network operators can leverage the Border Gateway Protocol (BGP) data from the Route Views platform to identify and address issues related to routing stability, security and performance for operational networks in the global Internet, how to access the Route Views BGP Monitoring Protocol (BMP) feed, and examples of automating monitoring using the Route Views API.

Full Abstract

One wonders how long it takes for the effect of RPKI changes to appear in the data plane. Does an operator that adds, fixes, or removes a Route Origin Authoriza- tion (ROA) have time to brew coffee or rather enjoy a long meal before the Internet routing infrastructure integrates the new information and the operator can assess the changes and resume work? The chain of ROA publication, from creation at Certification Authorities all the way to the routers and the effect on the data plane involves a large number of players, is not instantaneous, and is often dominated by ad hoc ad- ministrative decisions.

Full Abstract

This presentation provides practical guidance to make your hiring process more inclusive for anyone involved in the hiring process for technical teams. During this talk I will (1) provide a history of technical hiring and why our current norms are ineffective and biased against underrepresented groups (2) review cognitive biases and how they impact decision making (3) recommend some practical best practices for creating more inclusive interviews, and (4) provide examples of how to build a team culture to support more inclusive hiring systems.

Full Abstract

Stand Up for Your Routes using the Resource Public Key Infrastructure (RPKI)

It’s never a good time for your routes to be hijacked. Whether by human error or deliberate action of a bad actor, the mis-configuration of an Internet connected device could result in a disruption of connectivity, even financial loss for your company. Would you like to limit your exposure to hijacks? Find out how easy it is to strengthen your routing security by using the opt-in RPKI services at ARIN.

Full Abstract

The technology industry is facing a number of economic challenges, including rising inflation, supply chain disruptions, and global uncertainties due to a tumultuous stock market. These challenges have led to widespread layoffs across the technology sector, last year alone - an estimated 93,000 jobs were cut from small to large tech companies.

Despite these challenges, it is more important than ever for the tech industry to focus on inclusive hiring. Weathering the storm for many means not only surviving an economic slowdown by trimming costs, increasing efficiency, and growing revenues yet also looking for ways to remain innovative and building a strong competitive position for the future . A diverse and inclusive workforce is therefore essential for innovation, creativity, and customer understanding.

The tech industry is notoriously white and male. In 2021, women made up only 26% of the workforce in the tech industry and while this figure is staggering, time and time again lackluster interviewing and recruiting strategies lead to a less diverse workforce and negative consequences for organizations including:
• A lack of innovation: studies have shown that more diverse teams are more innovative
• A lack of creativity: Diverse steams are more likely to come up with new ideas and business solutions.
• A lack of customer understanding: Diverse teams are better able to understand the needs of a wider range of customers.
• A lack of employee satisfaction: Employees from underrepresented groups are more likely to leave their jobs if they feel like they don’t belong.

This panel will discuss the challenges and opportunities of inclusive hiring in the technology industry. The panelists will share their experiences and insights on how to create more diverse and inclusive workplaces, even in the face of economic challenges.

Full Abstract

With the growing complexity and scale of cyber attacks there is an urgent need for efficient, accurate, and rapid incident response.
We’ll explore the role of automation and orchestration including AI/ML and SOAR based approaches to achieving scalable and efficient incident response. We will outline the challenge, talk about tools, methodologies, and best practices, and emphasize the need for collaboration and open standards.

Full Abstract

Join us for a 15 minute video recap of the hackathon - where the theme was Interacting With Sources of Truth
You'll hear from hackathon coordinators, open source maintainers, and participants.

Full Abstract

Part 2; to the talk I gave at NANOG 76 and is one of the most viewed videos on YouTube.

In this 30-minute session I will be going over the main network engineering areas most frequently quizzed by the tech giants and the proper way to prepare for such interviews.

1- Layer 4 (TCP/UDP): including the tiering details.
2- IGP: ISIS/OSPF: including the tiering details.
3- BGP: including the tiering details.
4- Key sample scenarios
5- Key styles
6- Quick list of soft skill mistakes almost all engineers tend to make

Full Abstract

The legacy-space-rich US Research and Education Community lags in its embrace of creating RPKI-ROAs to improve their routing security. This presentation will share Internet2's experience in assisting with RPKI-ROA adoption. Challenges have included communication and training difficulties, aversion to change, and legal processes for state institutions.

Full Abstract

Computing is woven into the fabric of society and has begun to reshape it in unexpected ways. These changes have increased our reliance on hidden infrastructure powering cloud, telecom, and Internet service providers, making these systems & networks critical societal scale computing infrastructure.

Today, we increasingly trust a small number of infrastructure providers, who operate at nation-scale with an incredible amount of our data and private information. While this ongoing colocation resulted in economies of scale, it opened up tremendous abuse potential. Organizations providing critical services to citizens in a country could (1) maliciously misuse the data collected without consent, (2) be legally compelled to breach user privacy by governments, (3) be attacked by hackers in efforts to breach and sell user data, and (4) mis-configure services or face infrastructure failures which might appear as attacks -- affecting customer trust, cause reputation and economic damages.

While decentralization might be a tempting solution to address these challenges, it is difficult to achieve the scale, performance and ease of access of todays networks. My PhD thesis work focuses on scalable, and practical mechanisms in which users interacting with hidden infrastructure could gain privacy benefits keeping security unaffected through improved transparency, while maintaining comparable performance. In the lightning talk I would like to present the trust settings in today's computing infrastructure and propose secure practical alternatives specifically to enable private, and verifiable communications with critical Internet services such as through Oblivious DNS over HTTPS and improved connection coalescing through HTTP ORIGIN Frames. I would like to request feedback from NANOG attendees for my ongoing research work focused on improving DNS resolver transparency.