NANOG Meeting Presentation Abstract

Tutorial: Managing IP Networks with Free Software
Meeting: NANOG26
Date / Time: 2002-10-27 1:30pm - 3:00pm
Room: Composers Hall
Presenters: Speakers:

Joe Abley, Internet Software Consortium

Joe Abley works for the Internet Software Consortium, a not-for-profit company based in Redwood City, CA, which produces free reference implementations of core internet protocols. Before working at the ISC Joe performed a variety of operational and design roles at ISPs and telephone companies in the US and New Zealand.
Stephen Stuart, Internet Software Consortium.
Abstract: Many of the largest IP network operators in the Internet rely on free software to keep their packets moving, and to allow their staff to sleep occasionally. The choice of free software over commercial alternatives is often a pragmatic one; the wide variety of policies, procedures, platforms and services in different networks require a degree of flexibility in deployment and integration that is often not available with off-the-shelf software.

The flexibility of free software in solving complex tasks can also present complexity to the operator; the part of the solution that is usually not free is the architectural design into which free software components are inserted.

This tutorial will discuss a number of opportunities for automating routine netops housework using free software, loosely assembled under the theme of gathering state from the network and visualising it in useful ways. Applications which will be discussed in some detail include:

  • Configuration change measurement: storing the configuration history of your network in a useful way;

  • Automatic network configuration audits: self-consistency checks wired to loud alarm bells;

  • Automatic generation of DNS records for router interfaces, in the interests of traceroute beautification;

  • Automatic generation of graphical maps to help operators visualise live topologies as their networks evolve;

  • Gathering data from BGP peers to help in choosing "maximum-prefix" session limits.

The tutorial will not provide instruction on particular programming languages or packages, but will rather illustrate how individual software components can be treated as black boxes, glued together under a Grand Scheme to make operators' lives easier. All software described in this tutorial will be freely downloadable.
Files: Stephen Stuart Presentation (PDF)
Sponsors: None.
Tutorial: BGP Troubleshooting Techniques
Meeting: NANOG26
Date / Time: 2002-10-27 1:30pm - 3:00pm
Room: Wilder
Presenters: Speakers:

Philip Smith, Cisco Systems

Philip Smith has been with Cisco Systems for four years. He is part of the Internet Architectures Group, which is led by the CTO for Consulting Engineering. His role includes working with many ISPs in the Asia Pacific region, specifically in network design, configuration, and scaling, as well as providing training through an extensive ISP Workshop program. Prior to joining Cisco, Philip spent five years in several key network engineering and operations roles at PIPEX (now part of UUNET's global ISP business), the UK's first commercial Internet Service Provider. He was one of the first engineers working in the commercial Internet in the UK, and played a key role in building the modern Internet in Europe.
Abstract: This tutorial looks at common problems ISPs face when deploying BGP within their network. We describe problems with peer establishment, missing routes, inconsistent route selection, and convergence issues. We also discuss real-world examples of typical errors made when deploying BGP, both as iBGP and eBGP, in service provider networks.
Files: Philip Smith Presentation (PDF)
Sponsors: None.
Tutorial: ISP Security - Real World Techniques II
Meeting: NANOG26
Date / Time: 2002-10-27 3:30pm - 5:00pm
Room: Composers Hall
Presenters: Speakers:
Barry Raveendran Greene, Cisco Systems.
Kevin Houle, CERT.
Abstract: The Internet is a battleground, with ISPs and their customers right in the middle of the line of fire. What ISPs need to protect themselves are tools and techniques that work in the front lines, i.e., tools that fight DoS attacks and provide something other than a busy signal on the customer service line.

Building on the NANOG 23 security tutorial, we will focus on the ISP-customer edge--the risk, vulnerabilities, and mitigation techniques. Most techniques have been validated and proven operationally deployable.
Files: ISP Security - Real World Techniques II (YouTube)
ISP Security Presentation (PDF)
Sponsors: None.
Tutorial: IPv6 Basics
Meeting: NANOG26
Date / Time: 2002-10-27 7:30pm - 9:00pm
Room: Composers Hall
Presenters: Speakers:

Tony Hain, Cisco Systems

Tony Hain is currently a Technical Leader with Cisco Systems, focusing on IPv6. In addition to providing guidance to the various internal product teams, he is also co-chair of the IETF working group on the IPv6 transition (ngtrans). His 13 years of IETF participation include a term on the Internet Architecture Board from 1997 - 2001. Prior to joining Cisco in 2001, Tony spent five years at Microsoft, where his roles included Program Manager for IPv6 and Network Analyst for the CIO's office. Prior to Microsoft, he was the Associate Network Manager for the Department of Energy's Internet effort, ESnet.
Abstract: This session will lay the foundation for IPv6 by quickly reviewing the protocol's background, highlighting the technology differences from IPv4, and discussing v6's enhanced capabilities. It will also address some inaccurate perceptions and speculation about IPv6. Finally, the session will introduce the transition technologies that will be discussed in part 2 of this series, "IPv6 Deployment Concepts," which will be offered at NANOG 27.
Files: IPv6 Basics (YouTube)
Tony Hain Presentation (PDF)
Tony Hain Presentation (PPT)
Sponsors: None.
How to Own the Internet in Your Spare Time
Meeting: NANOG26
Date / Time: 2002-10-28 10:30am - 11:15am
Room: Hellman/Williams/O'Neill
Presenters: Speakers:
Stuart Staniford, Silicon Defense.
Vern Paxson, ICSI/ICIR.
Nicholas Weaver, UC Berkeley.
Abstract: The ability of attackers to rapidly gain control of vast numbers of Internet hosts poses an immense risk to the overall security of the Internet. Once subverted, these hosts can not only be used to launch massive denial of service floods, but also to steal or corrupt great quantities of sensitive information, and to confuse or disrupt use of the network in more subtle ways. We present an analysis of the magnitude of the threat.
Files: How to Own the Internet in Your Spare Time (YouTube)
Sponsors: None.
Route Flap Damping: Harmful?
Meeting: NANOG26
Date / Time: 2002-10-28 1:30pm - 2:00pm
Room: Hellman/Williams/O'Neill
Presenters: Moderators:
Randy Bush, IIJ.
Tim Griffin, AT&T Research.
Zhuoqing Morley Mao, UC Berkeley.
Abstract: We describe our findings, which show that route flap damping could suppress relatively stable routes, through both simulations and controlled experiments using BGP Beacons. A BGP Beacon is an unused prefix whose originating announcement and withdrawal occur at well-defined times. We describe interesting analysis results of public routing data from sites such as the RIPE-NCC and Route Views using two beacons that have been lit up in the last few months. Finally, we propose changes to route flap damping that would achieve a good balance of routing stability and fast convergence times.
Files: Route Flap Damping (PDF)
Route Flap Damping: Harmful? (YouTube)
Sponsors: None.
Carrier Class Availability for IP Networks
Meeting: NANOG26
Date / Time: 2002-10-28 2:00pm - 2:30am
Room: Hellman/Williams/O'Neill
Presenters: Speakers:

Sanjay Kalra, Juniper

Sanjay Kalra is responsible for high availability and security at Juniper. Prior to Juniper he was a product manager at Cisco, managing QoS in IOS. Sanjay holds a Master's degree in Computer Networking from USC and an MBA in Finance from Santa Clara University.
Abstract: This presentation discusses elements of high-availability networking. Following an introduction to the elements of availability and availability definitions, the discussion moves to theoretical availability calculation and availability measurement for various network design choices. We look at the various ways service providers measure availability of their existing networks. We also explore the difficulty faced in quantifying software dependability.
Files: Carrier Class Availability for IP Networks (YouTube)
Sanjay Kalra Presentation (PPT)
Sponsors: None.
Traffic Characteristics and Network Planning
Meeting: NANOG26
Date / Time: 2002-10-28 2:30pm - 2:50pm
Room: Hellman/Williams/O'Neill
Presenters: Speakers:

Thomas Telkamp, Global Crossing

Thomas Telkamp is Director of Network Architecture at Global Crossing, responsible for the planning and architecture of Global Crossing's MPLS backbone, Internet services, and VPNs. Before joining Global Crossing in January 1999, he was at AT&T-Unisource Communications Services (now Infonet Europe) and SURFnet. He has also worked as a consultant for several companies, including DANTE and Wunderman Cato Johnson.
Abstract: Overprovisioning is a very common approach to providing quality of service in IP backbone networks. By ensuring the presence of enough capacity in the network so that demands are met, even at peak times and under failure conditions, significant queue buildup can be prevented. This assures that the three key IP QoS requirements, low delay, low jitter and low packet loss, are satisfactorily met.

In today's economic climate efficiency has become a key aspect of building networks, and operators are looking for the minimum amount of overprovisioning to meet QoS requirements. Rules of thumb, such as a maximum link load of 50%, might not be an acceptable approach any more.

In this presentation, we analyze some backbone traffic traces at different timescales. We show that aggregated traffic is well behaved, and present a methodology and simple empirical rule for capacity allocation on backbone links.
Files: Thomas Telkamp Traffic Presentation (PDF)
Traffic Characteristics and Network Planning (YouTube)
Sponsors: None.
Fast Reroute - A High Availability Addition to MPLS
Meeting: NANOG26
Date / Time: 2002-10-28 2:50pm - 3:20pm
Room: Hellman/Williams/O'Neill
Presenters: Speakers:

Shankar Rao, Qwest

Shankar Rao is Manager of the Network Architecture and Technology Management group at Qwest, responsible for design and technology deployments that support Qwest's IP network infrastructure, including new data services and products. Prior to joining Qwest in 1998, Shankar served in an operational capacity at Sprint for three years.
Sohel Ahmed, Qwest.
Richard Southern, Juniper.
Abstract: Fast ReRoute (FRR) presents network operators with an alternative for achieving sub-second recovery from link and node failures in the network.

In this presentation, we will briefly cover the different high-availability (HA) mechanisms available today (including FRR), present the different approaches that vendors are pursuing to implement this technology, and discuss Qwest's motivation behind deploying FRR and some of the lessons learned. In conclusion, we make recommendations to other operators who might be considering the deployment of FRR in their networks.
Files: Fast Reroute - A High Availability Addition to MPLS (YouTube)
Shankar Rao Presentation (PDF)
Sponsors: None.
Panel: Services, Complexity, and the Internet: What Direction?
Meeting: NANOG26
Date / Time: 2002-10-28 3:35pm - 5:00pm
Room: Hellman/Williams/O'Neill
Presenters: Moderators:

Dave Meyer, Sprint and the University of Oregon

David Meyer is currently Chief Technologist and Senior Scientist at Sprint. He is also Director of the Advanced Network Technology Center at the University of Oregon. Prior to working at Sprint, he worked at Cisco, where he was involved in software development, working both on multicast and BGP. He is active in the IETF, where he chairs the MBONED and MSDP (Multicast Source Discovery Protocol) working groups. He is also active in ANSI T1X1, among other industry organizations.

Randy Bush, IIJ

Randy Bush works as Principal Scientist at Internet Initiative Japan. Previously he spent a bit over a year at AT&T doing research and working on network architecture. He got some operational experience from being on the founding team at Verio, a backbone provider, from which he graduated as VP of Networking after five years. Before that, he was the principal engineer of RAINet, an ISP in Oregon and Washington, which was Verio's first acquisition.

Randy is co-chair of IETF WG on the DNS, and is currently a member of the IESG, serving as co-chair of the IETF Operations and Management Area, mainly covering the operations area.

As PI for the Network Startup Resource Center, an NSF-supported pro bono effort, he has been involved for some years with the deployment and integration of appropriate networking technology in the developing world.

For references cited in Dave Meyer's talk, see: http://www.maoz.com/~dmm/complexity_and_the_internet/

For Dave Meyer's slides, please see: http://www.maoz.com/~dmm/NANOG26/complexity_panel/
Vijay Gill, AOL Time Warner.

Lixia Zhang, UCLA

Lixia Zhang is a Professor in the UCLA Computer Science Department. She received her Ph.D. degree from MIT in 1989. Lixia was a research staff member at Xerox PARC from 1989 to 1995, when she joined UCLA. Her recent research projects have focused on fault tolerance in large-scale systems and network routing protocols.
Dave Ward, Cisco Systems.

Thomas Telkamp, Global Crossing

Thomas Telkamp is Director of Network Architecture at Global Crossing, responsible for the planning and architecture of Global Crossing's MPLS backbone, Internet services, and VPNs. Before joining Global Crossing in January 1999, he was at AT&T-Unisource Communications Services (now Infonet Europe) and SURFnet. He has also worked as a consultant for several companies, including DANTE and Wunderman Cato Johnson.
Abstract: Increasing demands and new service requirements have led to increasing complexity in Internet backbones. This panel will explore emerging concerns about complexity and its effects in production backbones. Topics include the complexity tradeoffs inherent in various backbone engineering and operations activities, such as:

  • Traffic engineering techniques

  • VPN technologies

  • QoS/CoS provisioning

  • High availability (HA)

  • Layering philosophies

  • Layered control planes

  • IP multicast

Files: Dave Ward Presentation (PDF)
Panel: Services, Complexity, and the Internet: What Direction? (YouTube)
Randy Bush Presentation (PDF)
Thomas Telkamp Complex Presentation (PDF)
Sponsors: None.
Toolmaker BOF
Meeting: NANOG26
Date / Time: 2002-10-28 7:30pm - 9:00pm
Room: Wilder
Presenters: Moderators:
Stephen Stuart, ISC.
Abstract: The software engineering process lends itself well to large, well-managed, multi-disciplinary teams producing well-defined products in response to detailed requirements analysis. As much fun as that sounds, sometimes what you really need is a short and simple answer to a short and simple question, preferably now.

The business of daily operations at almost every service provider depends on the existence of a herd of small, single-use scripts designed to emulate in a few seconds work that a human operator might take a couple of hours to do. The focus of these tools is usefulness in the hands of a network operator over engineering purity or elegance in design.

Questions that are readily answered by the judicious application of a small pile of scripts include:

  • What BGP sessions have gone down in the last hour?

  • What routers rebooted in the last five minutes?

  • What filters are defined, but not used?

  • What filters are used, but not defined?

  • What interfaces have been admin shutdown for over a month?

  • Who just tripped their maximum-prefix limits?

This BOF is a place for toolmakers to meet other toolmakers, and to exchange ideas, code, and horror stories.
Files: None.
Sponsors: None.
ISP Security BOF III
Meeting: NANOG26
Date / Time: 2002-10-28 9:00pm - 10:30pm
Room: Composers Hall
Presenters: Moderators:
Barry Raveendran Greene, Cisco Systems.

Merike Kaeo, merike.com

Merike Kaeo has been in the networking industry for over 14 years. She is a member of the IEEE and is currently the co-chair of the IETF IPPM (IP Performance Metrics) working group. Merike worked at the National Institutes of Health in Bethesda, MD from 1988 to 1993, designing and implementing the original FDDI backbone for the NIH campus using Cisco routers. From 1993 to 2000, Merike was employed by Cisco, where she initially worked primarily on technical issues relating to router performance, network routing protocols, network design, and network security. She was a lead member of Cisco's security initiative and has been a panel member in security-related issues at Interop and The Internet Security Conference (TISC). Merike is currently an independent consultant in the areas of network security, optical networks, high-speed routing and QoS-related performance measurements. Merike authored 'Designing Network Security' in May 1999. She received her BSEE degree from Rutgers University in 1987 and completed her MSEE degree from George Washington University in May 1998.
Abstract: Security incidents are a daily event for Internet Service Providers. Attacks on an ISP's customers, attacks from an ISP's customer, and attacks on the ISP's infrastructure are now one of many "security" NOC tickets throughout the day. This increase in the volume and intensity of attacks has forced ISPs to spend constrained resources to mitigate the effects of these attacks on their operations and services. This investment has helped minimize the effects of the attacks, but it has not helped stop them at the source. Stopping attacks at their source requires rapid and effective inter-ISP cooperation.

The spirit of inter-ISP cooperation exists in the ISP Security ranks, but the problem is that ISP Security Teams from one ISP cannot find their colleagues amongst their peers.

This ISP Security BOF models itself on the NANOG Peering BOFs, focusing on building the human Internet of ISP Security Engineers. We solicit ISP Security/NOC Teams (before the meeting), asking them to characterize their security tools and policies in general ways ("always help customers under attack" or "will trace the attack to the source" or "will work with law enforcement" or "black hole violators" or "implement common tools" etc.).

From the answers, we will select a set of ISP Security Engineers to present a 5-to-10-minute description of their network, security tools, policies, how they would like to interact with other ISP Security Teams, and the identification/mitigation problems ISPs have had with existing technology/techniques. This presentation puts a face with the e-mail address at the ISP's Security/NOC Team.

At the end of the BOF, representatives will have time to speak with ISP Security Engineers at ISPs with which they seek to deepen their interaction and cooperation. The expectation is that these interactions will lead to an effective, Internet-wide security incident response --- plugging the attacks at their source and perhaps apprehending the perpetrators (using law enforcement to put a dent in the problem).
Files: None.
Sponsors: None.
IPv6 Impressions: ARIN Update and Routing Table Overview
Meeting: NANOG26
Date / Time: 2002-10-29 9:00am - 9:45am
Room: Hellman/Williams/O'Neill
Presenters: Speakers:

Cathy Wittbrodt, Packet Design

Cathy Wittbrodt is a member of the technical staff of Packet Design. Before joining Packet Design she was with [email protected], where she was responsible for network routing and IP addressing. Cathy is a member of the ARIN advisory council as well as the Address Supporting Organization (ASO) address council. She has been active in the Internet for 12 years. She began at Merit Network, Inc. where she worked on the NSFNET Backbone. Also while at Merit Cathy built CICNet, a network that connected the Big 10 universities. Following Merit, Cathy designed and implemented OSI/CLNP for the Energy Sciences Network. Although OSI/CLNP was never widely deployed, the experience has given greater insight into addressing and scaling issues. Cathy also spent three years in the engineering group of the Bay Area Regional Research Network, BARRNet, which was bought by BBN Planet. Cathy is on the Board of Directors of Panzer Motorcycle Works, USA, Inc. She has a B.S. in mathematics from Northern Arizona University.
Abstract: Gert Doering's v6 routing table presentation
Files: IPv6 Impressions: ARIN Update and Routing Table Overview (YouTube)
Sponsors: None.
Panel: Trends in Measurement and Monitoring of Internet Backbones
Meeting: NANOG26
Date / Time: 2002-10-29 10:40am - 12:00pm
Room: Hellman/Williams/O'Neill
Presenters: Moderators:

David Meyer, Sprint/University of Oregon

David Meyer is currently Chief Technologist and Senior Scientist at Sprint. He is also Director of the Advanced Network Technology Center at the University of Oregon. Prior to working at Sprint, he worked at Cisco, where he was involved in software development, working both on multicast and BGP. He is active in the IETF, where he chairs the MBONED and MSDP (Multicast Source Discovery Protocol) working groups. He is also active in ANSI T1X1, among other industry organizations.

Chris Martin, Verizon

Christian Martin is Sr. Consulting Member of Technical Staff and Principal Network Architect at Verizon Internet Services, where he has worked for the past 5 years. Among his responsibilities is the overall design and technical implementation strategy of Verizon's IP network, where measurement is of critical concern. His interests are in network analysis and operations research on Internet networks, network modeling and simulation, and interdomain traffic analysis.

Christophe Diot, Sprintlabs

Christophe Diot received a Ph.D. degree in Computer Science from INP Grenoble in 1991. From 1993 to 1998, he was a research scientist at INRIA Sophia Antipolis, working on new Internet architectures and protocols. Diot moved to Sprint Advanced Technology Laboratory in October 1998 to lead the IP research group. His current interest is in the passive monitoring of the Sprint IP backbone in order to study IP traffic characteristics and to design new analytical models and traffic engineering solutions for pure packet networks. Diot is a member of IEEE and ACM, and serves as an editor for ACM/IEEE Transactions on Networking.

Jennifer Rexford, AT&T Research

Jennifer Rexford is a member of the IP Network Management and Performance department at AT&T Labs-Research in Florham Park, New Jersey. Her work focuses on routing protocols and traffic measurement, with a goal of developing new methods and tools for operating large IP networks. Jennifer received her BSE degree in electrical engineering from Princeton University in 1991, and her MSE and PhD degrees in Computer Science and Electrical Engineering from the University of Michigan in 1993 and 1996, respectively. She is a member of the editorial board of IEEE/ACM Transactions on Networking and is coauthor of the book Web Protocols and Practice: HTTP/1.1, Networking Protocols, Caching, and Traffic Measurement (Addison-Wesley, 2001) with Balachander Krishnamurthy.
Mujahid Khan, Sprint.

Tony Tauber, Genuity

For the past eight years, Tony Tauber has worked at BBN, NEARnet, GTE Internetworking, and Genuity, in many roles from Operations to Engineering. Currently he is employed as a Network Architect at Genuity focusing on, among other things, OSS issues (including measurement support in network devices). Additionally, Tony serves as co-chair of the IETF RPSec (Routing Protocol Security Requirements) Working Group. The product of a liberal arts education, he holds a Bachelor's degree in Religion and is sharpening his mystical powers to balance Technological capabilities, Engineering designs, Operational concerns and Business imperatives, all while getting the kids to school on time.
Abstract: Backbone operators are facing new requirements for backbone data collection and analysis. New services such as VPN and CoS-based services, as well as various security concerns, all contribute to new demands on monitoring, measurement, and analysis infrastructures. Combined with the desire for increasingly fine-grained analyses of both Operational Expenditures (OPEX) and Capital Expenditures (CAPEX), these new services have served to put a new importance and urgency on an operator's ability to measure and monitor network traffic.

This panel will explore the operational uses of measurement and monitoring in production Internet backbones. Questions include "what kind of data is required (and how might we collect and analyze it) in order to facilitate various functions?" such as:

  • Traffic engineering

  • Performance and SLA verification

  • DOS detection and mitigation

  • Forecasting and capacity planning

In addition, the panel will consider:

  • Sampling vs. accounting: requirements and methods

  • Convergence: IGP and EGP routing analysis

  • Operators' wish list: What is missing from routers?

  • Overview of standards activities: Packet Sampling (psamp)

  • Working Group update

Files: Chris Martin Presentation (PDF)
Christophe Diot Presentation (PDF)
Jennifer Rexford Presentation (PDF)
Panel: Trends in Measurement and Monitoring of Internet Backbones (YouTube)
Tony Tauber Presentation (PDF)
Sponsors: None.
New Services From the RIPE NCC
Meeting: NANOG26
Date / Time: 2002-10-29 1:30pm - 1:50pm
Room: Hellman/Williams/O'Neill
Presenters: Speakers:

Henk Uijterwaal, RIPE-NCC

Henk Uijterwaal is the manager of the New Projects Group at the RIPE-NCC. Since joining the RIPE-NCC in 1997, he has divided his time between the Test Traffic Measurements, the Routing Information Service (described above) and the DISI project on DNSSEC deployment.
Abstract: During the last five years, the RIPE NCC has been working on two new services for the entire ISP community: TTM or Test Traffic Measurements, and the RIS or Routing Information Service. These projects were presented at the Winter 2000 NANOG meeting, but a large number of new features have been added during the last three years.

Test Traffic Measurements

The TTM now consists of a network of +/- 70 machines measuring delay and loss between sites all over the world. Since 1999, two new measurements have been added:

  • IP delay variations, a.k.a. jitter

  • Bandwidth measurements, providing an estimate of the total available bandwidth between sites as well as the unused bandwidth.

We also present the new CDMA-based version of the measurement device. CDMA is a 3rd generation mobile telephony standard that, as a side effect, produces a timing signal. This timing signal can be used to measure the performance of both IPv4 and IPv6 networks down to the 10-microsecond level, anywhere one can use a mobile phone, without the need for an expensive and hard-to-install GPS system.

Routing Information Service

The RIS is now collecting BGP information from nine sites world-wide, with collectors in North America, Europe and Asia. Some 200 ISPs are participating by providing a BGP feed. New applications of the data since the project was presented at the winter 2000 NANOG include:

  • Daily lists of hot-spots with the most active prefixes

  • Analysis of flaps in the routing table.

  • Detection of ASes and prefixes announced by ISPs but not properly registered in the whois database and/or not assigned to them.

  • Multi-homing effects.

The talk gives a short overview of the various services and how they can be used in daily ISP operations, using the shutdown of a major European backbone provider that recently went bankrupt as an example.
Files: Henk Uijterwaal Presentation (PPT)
New Services From the RIPE NCC (YouTube)
Sponsors: None.
Toward Lowering the Load on DNS Root Nameservers
Meeting: NANOG26
Date / Time: 2002-10-29 1:50pm - 2:35pm
Room: Hellman/Williams/O'Neill
Presenters: Speakers:

Duane Wessels, The Measurement Factory/CAIDA

Duane Wessels discovered Unix and the Internet as an undergraduate student studying physics at Washington State University. After playing System Administrator for a few years, he moved to Boulder, Colorado to attend graduate school. In late 1994, he joined the Harvest project, where he worked on searching, indexing and caching. From 1996 until 2000, he was co-principal investigator of the NLANR Information Resource Caching project (IRCache). During this time he and others developed and supported the Squid caching proxy. He has written a book, titled Web Caching, published by O'Reilly and Associates. Currently, he is co-owner and president of The Measurement Factory, Inc., a company that specializes in evaluating the performance and compliance of HTTP-aware devices.
Abstract: CAIDA is continuing efforts to analyze DNS root server performance. We are characterizing DNS clients that send large numbers of queries to root servers. Analysis of trace data from the two F root servers shows a number of interesting things. Most of the high-rate queries exhibit the strange behavior of only using 25% of the query ID range. A number of sources also transmit each query two or three times. We also notice hourly spikes in the number of clients contacting the root servers. The talk will include results of analyses of which applications/configurations are broken, and how to fix or upgrade them.
Files: Duane Wessels Presentation (PDF)
Toward Lowering the Load on DNS Root Nameservers (YouTube)
Sponsors: None.
Observation and Analysis of BGP Behavior Under Stress
Meeting: NANOG26
Date / Time: 2002-10-29 2:35pm - 3:05pm
Room: Hellman/Williams/O'Neill
Presenters: Speakers:
Lan Wang, UCLA.
Dan Pei, UCLA.
Lixia Zhang, UCLA.
Xiaoliang Zhao, USC/ISI.
Daniel Massey, USC/ISI.
Allison Mankin, USC/ISI.
Randy Bush, IIJ.
Felix Wu, UC Davis.
Abstract: Despite BGP's critical importance as the de-facto Internet inter-domain routing protocol, there is little understanding of how BGP actually performs under stressful conditions when dependable routing is most needed. In this paper, we examine BGP's behavior during one stressful period, the Code Red/Nimda attack on September 18, 2001.

The attack was correlated with a 30-fold increase in BGP update messages at a monitoring point that peers with a number of Internet service providers. Our examination of BGP's behavior during the event concludes that BGP exhibited no significant abnormality, and that over 40% of the observed updates can be attributed to the monitoring artifact in current BGP measurement settings.

Our analysis, however, does reveal several weak points in both the protocol and its implementation, such as BGP's sensitivity to transport session reliability, its inability to avoid the global propagation of small local changes, and certain implementation features whose otherwise benign effects are only amplified under stressful conditions. We also identify areas for improvement in the current network measurement and monitoring effort.
Files: Lan Wang Presentation (PDF)
Observation and Analysis of BGP Behavior Under Stress (YouTube)
Sponsors: None.
Panel: Persistent Route Oscillation - Issues and Solutions
Meeting: NANOG26
Date / Time: 2002-10-29 3:30pm - 4:30pm
Room: Hellman/Williams/O'Neill
Presenters: Moderators:

Sue Hares, NextHop

As founder and CTO of NextHop Technologies, Sue Hares leads the company\'s technology qualification, development, and strategic planning functions. Prior to launching NextHop, Sue spent 13 years at Merit Network, Inc., where she most recently directed the Merit GateD Consortium. She was also a senior engineer at both Allen-Bradley Corp. and ADP Inc. An active participant in the design, specification and implementation of routing protocols, Sue co-chairs the IETF Inter-domain Routing working group, which is standardizing BGP. She is also a member of the NANOG program committee. Sue holds a B.S. in Computer Engineering from the University of Michigan.

Enke Chen, Redback

Enke Chen is currently a principal engineer and technical leader in IP routing software development at Redback Networks. Previously he was a senior software engineer working on BGP at Cisco. He also worked on the design and engineering of the Internet MCI backbone network at MCI, and the NSFNET backbone at Merit. Enke Chen holds a Ph.D. in Electrical Engineering: Systems from the University of Michigan, Ann Arbor.
John Scudder, Cisco Systems.
Abstract: BGP Route Oscillation Reduction and Deployment Considerations, by Enke Chen

In this presentation we analyze several cases of BGP persistent route oscillation, and identify unnecessary route withdrawal as the primary contributor to these cases. We present a revised approach of advertising the best external route that can be used to reduce route oscillation. Finally, we present recommendations on route oscillation detection and outline deployment considerations that would help reduce/avoid persistent route oscillations using route reflection or confederation.
Files: Enke Chen Presentation (PDF)
John Scudder Presentation (PDF)
Panel: Persistent Route Oscillation - Issues and Solutions (YouTube)
Sue Hares Presentation (PDF)
Sponsors: None.
Scriptroute: A Public Internet Measurement Facility
Meeting: NANOG26
Date / Time: 2002-10-29 4:30pm - 4:50pm
Room: Hellman/Williams/O'Neill
Presenters: Speakers:

Neil Spring, Department of CSE, University of Washington

Neil Spring is a graduate student at the University of Washington, focusing on techniques for measuring network link and path properties. The latest project for Neil and his colleagues is Rocketfuel, an ISP topology mapping engine.
David Wetherall, Department of CSE, University of Washington.
Tom Anderson, Department of CSE, University of Washington.
Abstract: We present Scriptroute, a new system that allows network operators and researchers to make measurements from remote vantage points.

Existing systems such as NIMI, the National Internet Measurement Infrastructure, provide much of the needed functionality, but not all. NIMI provides the advantages of dedicated hardware that can be used for a wide range of network measurements. In return, users must possess credentials, which creates a barrier that limits access to a small community of users trusted by the administrator. Thus these systems do not help unaffiliated users like a network operator trying to debug poor network performance.

The popularity of Web-accessible traceroute servers offers a different solution. Several hundred public traceroute servers are available, constituting the largest de facto Internet measurement facility. These servers are typically used to debug two-way connectivity problems, providing indirect benefit to the traceroute server host. They are also easy to secure, because they provide only limited functionality and local administrators retain control to deny access to abusive users. As a result, many network operators now contribute traceroute servers.

However, traceroute servers provide limited functionality -- only a hop-by-hop TTL test -- and have significant drawbacks when used as a measurement system. They are difficult to coordinate, as they were not designed with programmed access in mind. More importantly, there are many non-intrusive performance tests that are not supported by traceroute servers, such as available bandwidth, capacity, and congestion. In short, it is clear that a much richer diagnostic and measurement capability would be possible with a general-purpose tool.

Our goal is to combine the best of both worlds: the flexibility to run a wide variety of different measurement tools with the general availability of traceroute servers. We begin with the safety properties of traceroute servers: we design the system to prevent misuse, even at the cost of disallowing some kinds of useful measurements. We call our system Scriptroute. We use scripting for flexibility, both to make it easy to implement measurement tools and to coordinate measurements across multiple servers. For security, we use sandboxing and local control over resources to protect the measurement host, and rate-limiting and filters that block known attacks to prevent misuse of the network. Further, because network measurements often send probe traffic to random Internet hosts and administrators sometimes mistake measurement traffic for an attack, we provide a mechanism for sites to block unwanted measurement traffic.

We have implemented the Scriptroute design and deployed it on servers across 33 PlanetLab sites. The Scriptroute code is available and can be used for local measurement script development or for participation in the global system. We have used the system to measure routing trees around the destination. Early experience suggests that our system will be flexible enough to implement a variety of new measurement tools despite its security restrictions, that access to many remote vantage points makes the system valuable, and that scripting is an apt choice for expressing and combining measurement tasks.

For more information, see:

Files: Neil Spring Presentation (PDF)
Scriptroute: A Public Internet Measurement Facility (YouTube)
Sponsors: None.
