^ Top

NANOG Meeting Presentation Abstract

Tutorial: BGP Techniques for Service Providers - Part 1
Meeting: NANOG44
Date / Time: 2008-10-12 2:00pm - 3:30pm
Room: Heinsbergen
Presenters: Speakers:

Philip Smith, Cisco Systems

Philip Smith has been with Cisco Systems since 1998 and is based in Brisbane, Australia. He is a Consulting Engineer, part of the Service Provider Architectures Group in Corporate Development. His role includes working with many ISPs in the Asia Pacific region, specifically in network strategies, technology, design and operations, configuration and scaling. As part of an ISP and Internet education initiative, Philip runs several Routing and Internet Technology Workshops in the Asia Pacific region. He also assists as co-instructor at similar events in many other parts of the world. Philip also is closely involved in regional activities, being chair of the APRICOT Management Committee, chair of APOPS, member of the organising and programme committees for SANOG and PacNOG, as well as chair of APNIC\'s Routing and Internet Exchange Point Special Interest Groups. Prior to joining Cisco, he spent five years at PIPEX (now integrated into MCI\'s global network business), the UK\'s first commercial Internet Service Provider. He was one of the first engineers working in the commercial Internet in the UK, and played a key role in building the modern Internet in Europe.
Abstract: The tutorial introduces service providers to some more advanced BGP features and techniques to aid with operating their networks within the Internet. After a recap of iBGP, eBGP and common attributes, the tutorial will look at the various scaling techniques available, when to use BGP instead of an IGP, and examine policy options available through the use of local preference, MED and communities. The tutorial then looks at deployment techniques, including aggregation, announcing and receiving prefixes, pressure points on the routing system, and some of the newer features available.
Files: youtubeBGP Techniques for Service Providers - Part 1
pdfSmith BGP Presentation(PDF)
Sponsors: None.
Tutorial: VoIP For Service Providers
Meeting: NANOG44
Date / Time: 2008-10-12 2:00pm - 3:30pm
Room: Regency
Presenters: Speakers:

Andy Davidson, NetSumo Ltd

Andy Davidson is director of technology at the British ISP consultancy NetSumo, serves on the board of the LONAP internet exchange, and also the program committee for the UK Network Operators Forum. He has a special interest in IP interconnection techniques and policy.<BR> <BR> He has had an interest in voip since 2001, and has built and managed several networks for VoIP service providers.
Abstract: This presentation will be useful to network operators and technical decision makers who are embarking upon building segments of their network to superbly run voice products, or want to better support voice customers.



The presentation introduces key VoIP concepts of relevance to operators, and a review of VoIP security techniques.
Files: pdfDavidson Presentation(PDF)
Sponsors: None.
Tutorial: IP Multicast and Multipoint Design for IPTV Services
Meeting: NANOG44
Date / Time: 2008-10-12 4:00pm - 5:30pm
Room: Emerald
Presenters: Speakers:

Mike McBride, Cisco Systems

Mike is a SW Engineer in the Multicast Development group at Cisco Systems. His focus is the deployment of Multicast in the Service Provider space.
Abstract: Provides a thorough understanding of the end-to-end protocol, mechanics and service elements of IP multicast technologies used in IPTV networks. Transit transport design options will be presented. Source and network resiliency will be discussed along with path selection, admission control and channel changing
Files: youtubeIP Multicast and Multipoint Design for IPTV Services
pdfMcBride Presentation(PDF)
Sponsors: None.
Tutorial: BGP Techniques for Service Providers – Part 2
Meeting: NANOG44
Date / Time: 2008-10-12 4:00pm - 5:30pm
Room: Heinsbergen
Presenters: Speakers:

Philip Smith, Cisco Systems

Philip Smith has been with Cisco Systems since 1998 and is based in Brisbane, Australia. He is a Consulting Engineer, part of the Service Provider Architectures Group in Corporate Development. His role includes working with many ISPs in the Asia Pacific region, specifically in network strategies, technology, design and operations, configuration and scaling. As part of an ISP and Internet education initiative, Philip runs several Routing and Internet Technology Workshops in the Asia Pacific region. He also assists as co-instructor at similar events in many other parts of the world. Philip also is closely involved in regional activities, being chair of the APRICOT Management Committee, chair of APOPS, member of the organising and programme committees for SANOG and PacNOG, as well as chair of APNIC\'s Routing and Internet Exchange Point Special Interest Groups. Prior to joining Cisco, he spent five years at PIPEX (now integrated into MCI\'s global network business), the UK\'s first commercial Internet Service Provider. He was one of the first engineers working in the commercial Internet in the UK, and played a key role in building the modern Internet in Europe.
Abstract: The tutorial introduces service providers to some more advanced BGP features and techniques to aid with operating their networks within the Internet. After a recap of iBGP, eBGP and common attributes, the tutorial will look at the various scaling techniques available, when to use BGP instead of an IGP, and examine policy options available through the use of local preference, MED and communities. The tutorial then looks at deployment techniques, including aggregation, announcing and receiving prefixes, pressure points on the routing system, and some of the newer features available.
Files: youtubeBGP Techniques for Service Providers – Part 2
pdfSmith BGP Presentation(PDF)
Sponsors: None.
DNSSEC
Meeting: NANOG44
Date / Time: 2008-10-12 4:00pm - 5:30pm
Room: Regency
Presenters: Speakers:

Richard Lamb, IANA/ICANN

Rick started performing “IANA functions” in 2007 after escaping from Washington DC where he was Director Global IT Policy at the US Department of State. While there he spent much of his time working to ensure policymakers and other stakeholders understood the technology and philosophy behind the Internet and other information technologies (e.g., VoIP, WiFi, WiMax, open source software, IPv6, Internet censorship) writing position papers and leading the occasional delegation. In return he was indoctrinated into the process of policymaking and international negotiation, learning more than he wanted to know about various acronymatic processes, issues, agencies and organizations (including Internet Governance, Internet censorship, ITU, IETF, WSIS, NGN, APEC, OECD, IMO, IMSO, ITSO, .iq, CFIUS, OFAC, ITAR/DTRA, cable landing licenses, ICANN, NSTAC, DTI, USCG, NTIA, FCC, OSTP, DHS, NIST, USTR, OSD, VOA). <BR> <BR> For the other 20+ years in the networking business Rick created and was CEO at a number of small startups including one acquired by Microsoft for its NAT/firewall technology. The rest of the time he spent on developing protocols and products behind other acronyms such as UUCP, MEP2, MHS, X.25, Bisync, TCP/IP, DECNET, IPX, ISDN, H.323, and yes, DNS. This overlapped with many years of digital and probabilistic signal processing work resulting in a EE PhD from MIT. Before all that, RF hardware design. Currently, as DNSSEC program manager, Rick has helped architect and engineer IANA’s DNSSEC signing system; and develop and coordinate ICANN’s position on DNSSEC for the domain names it is responsible for and for signing the root. He is also responsible for other nascent Internet security infrastructure efforts such as RPKI.
Abstract: Recent Events, DNSSEC Tools, Analysis
Files: pdfHardacker Presentation(PDF)
pdfLamb BOF Presentation(PDF)
pdfOsterweil Presentation(PDF)
Sponsors: None.
Practice and Experience: Deploying LISP Protocol
Meeting: NANOG44
Date / Time: 2008-10-13 12:30pm - 1:00pm
Room: Biltmore Bowl
Presenters: Speakers:

David Meyer, Cisco/University of Oregon

David Meyer is currently a Director in the Advanced Research and Technologies Group at Cisco Systems, where he works on future directions for Internet technologies. He has been a member of the Internet Architecture Board (IAB) of the IETF (www.ietf.org), and is currently co-chair of the SPEERMINT working group. Until recently, he was chair of the MBONED, MSDP, and DNSOP working groups. He is a member of several IETF directorates and IRTF research groups. He is active in the operator community, and was a long standing member of the NANOG (www.nanog.org) program committee. He is also active in other standards organizations such as ANSI T1X1. See http://www.1-4-5.net/~dmm/vita.html for more information.
Abstract: The Locator/ID Separation Protocol (LISP) is designed to ease the route scaling problem for both IPv4 and IPv6. This talk describes early practice and experiences deploying LISP on the operational Internet, and describes three independent implementations. It also describes practice and experience with the interworking techniques described in draft-lewis-lisp-interworking-00.txt. The base LISP spec can be found in draft-farinacci-lisp-07.txt, and the LISP control plane spec can be found in draft-fuller-lisp-alt-02.txt.
Files: pdfMeyer Presentation(PDF)
youtubePractice and Experience: Deploying LISP Protocol
Sponsors: None.
IEEE P802.3ba 40 GbE and 100 GbE Standards Update
Meeting: NANOG44
Date / Time: 2008-10-13 2:30pm - 2:45pm
Room: Biltmore Bowl
Presenters: Speakers:

Greg Hankins, Force10 Networks

Greg Hankins is Director, Technical Marketing for Force10 Networks. He is responsible for working with ISPs and IXs around the world as a consulting engineer and product evangelist.
Abstract: An update on recent developments in the IEEE P802.3ba Task Force that is developing the 40 GbE and 100 GbE standards
Files: pdfHankins Presentation(PDF)
youtubeIEEE P802.3ba 40 GbE and 100 GbE Standards Update
Sponsors: None.
Request to Submit a Survey
Meeting: NANOG44
Date / Time: 2008-10-13 2:45pm - 3:00pm
Room: Biltmore Bowl
Presenters: Speakers:

Tom Scholl, AT&T Labs

Tom Scholl is a Lead New Technology Product Development Engineer at AT&T Labs. In the Global IP/MPLS backbone design & development team, he works on the design of routing architectures for the core network. Additional tasks include network integration of the legacy SBC Internet Services network to the AT&T common backbone. Tom has spent his last several years at SBC and Ameritech working in network engineering roles.
Abstract: The point of this survey is to gather useful data to help discover trends or common issues that we can all spend our time focusing on.
Files: youtubeRequest to Submit a Survey
pdfScholl Presentation(PDF)
Sponsors: None.
Changing the IP Fairness Rule with Flow Management
Meeting: NANOG44
Date / Time: 2008-10-13 3:00pm - 3:30pm
Room: Biltmore Bowl
Presenters: Speakers:

Lawrence Roberts, Anagran

Dr. Roberts is currently Founder, Chairman and Chief Architect of Anagran Inc. Anagran is currently manufacturing flow rate management network equipment, the first major improvement in packet network technology in the 40 years since Dr. Roberts designed and managed the first packet network, the ARPANET (now the Internet). At that time, in 1967, Dr. Roberts became the Chief Scientist of ARPA taking on the task of designing, funding, and managing a radically new communications network concept (packet switching) to interconnect computers worldwide. The first for nodes of the ARPANET were installed in 1969 and by 1973 when Dr. Roberts left ARPA to become CEO of Telenet (now part of Sprint), the concept of packet switching had been well proven to the world and the ARPANET had grown to 52 computers including a packet radio subnet and a satellite extension to Europe. Dr. Roberts has BS, MS, and Ph.D. Degrees from MIT and has received numerous awards for his work, including the Secretary of Defense Meritorious Service Medal, the L.M. Ericsson prize for research in data communications, in 1992 the W. Wallace McDowell Award, in 1998 the ACM SIGCOMM Award, in 2000 the IEEE Internet Award, in 2001 the National Academy of Engineering Draper Award, in 2002 the Principe de Asturias Award, and in 2005 the NEC Computer and Communication Award.
Abstract: The Internet was designed in the era when data calls were terminal to computer with one flow each way per person, and a long history of voice calls with one flow per person. Thus it should be no surprise that TCP and the Internet equipment were designed such that when congestion occurred, the result was “equal capacity per flow”. This results from large flows losing more packets than small flows when a queue overflows, which tends to equalize the rates. It was satisfying because this made users equal.



However, today computers generate the flows and they are not restricted to one flow, they can generate thousands of flows if that would improve a data transfer. Unfortunately, it will greatly improve the capacity they can achieve, more or less linearly with the number of flows. P2P discovered this in 1999 and since then it has been able to consume the majority of the pooled capacity made available for large groups of people, both in ISP’s and at Universities. Most P2P users don’t even understand that they are using the capacity paid for or intended for many other users. But the problem is not just P2P. Now that one application has used multi-flows to gain capacity; other applications like FTP are likely to do the same, if just to gain parity. Then HTTP will send each image as multi-flow and the race is on. This will quickly destroy NAT and the problems will multiply.



However, a simple alternative exists, and that is to change the equality rule to the concept of “equal capacity for equal payment”. In many cases this will be equal capacity per user, as was intended originally. This does not differentiate based on application or the data source. It is in fact much less expensive to implement than DPI looking for P2P varieties. It only requires measuring the usage of each user and equalizing their capacity. Once implemented at the network edge, it forever fixes the fairness problem and applications can then concentrate on saving money, not maximizing capacity at the expense of others.
Files: youtubeChanging the IP Fairness Rule with Flow Management
pdfRoberts Presentation(PDF)
Sponsors: None.
Automatic Configuration Generation and Auditing of Network
Meeting: NANOG44
Date / Time: 2008-10-13 3:30pm - 4:00pm
Room: Biltmore Bowl
Presenters: Speakers:
Michael Shields, Google.
Abstract: Using structured metadata, we discuss automatic configuration generation, problems encountered, and auditing of a somewhat large global network
Files: youtubeAutomatic Configuration Generation and Auditing of Network
pdfShields Presentation(PDF)
Sponsors: None.
Tutorial: IPv6 Routing Introduction
Meeting: NANOG44
Date / Time: 2008-10-13 4:30pm - 6:00pm
Room: Biltmore Bowl
Presenters: Speakers:

Philip Smith, Cisco Systems

Philip Smith has been with Cisco Systems since 1998 and is based in Brisbane, Australia. He is a Consulting Engineer, part of the Service Provider Architectures Group in Corporate Development. His role includes working with many ISPs in the Asia Pacific region, specifically in network strategies, technology, design and operations, configuration and scaling. As part of an ISP and Internet education initiative, Philip runs several Routing and Internet Technology Workshops in the Asia Pacific region. He also assists as co-instructor at similar events in many other parts of the world. Philip also is closely involved in regional activities, being chair of the APRICOT Management Committee, chair of APOPS, member of the organising and programme committees for SANOG and PacNOG, as well as chair of APNIC\'s Routing and Internet Exchange Point Special Interest Groups. Prior to joining Cisco, he spent five years at PIPEX (now integrated into MCI\'s global network business), the UK\'s first commercial Internet Service Provider. He was one of the first engineers working in the commercial Internet in the UK, and played a key role in building the modern Internet in Europe.

Ron Bonica, Juniper Networks

Ron Bonica is a member of Juniper Networks\' routing protocol software development team. He also contributes to the Internet Engineering Task Force (IETF), currently serving as co-director of the Operations and Management (O&M) Area, as well as co-chair of the Layer 3 Virtual Private Network Working Group. Ron also has authored several standard documents.Prior to joining Juniper Networks, Ron served as senior manager of engineering for MCI\'s vBNS+ network. The vBNS+ network offered L3VPN services to United States government customers.
Abstract: This tutorial will provide an overview of IPv6 routing concepts and provide examples of IPv6 configurations for routers using Cisco and Juniper CLI. There will be a question and answer period at the end of the tutorial for specific technical questions related to deploying IPv6 on existing networks.
Files: youtubeIPv6 Routing Introduction
pdfSmith IPv6 Presentation(PDF)
Sponsors: None.
ISP Security
Meeting: NANOG44
Date / Time: 2008-10-13 4:30pm - 6:00pm
Room: Emerald
Presenters: Speakers:

Danny McPherson, Arbor Networks

Danny McPherson is Chief Research Officer at Arbor Networks. He has over 14 years in the Internet network operations, security and telecommunications industry. Prior to joining Arbor, Danny was Director of Emerging Technology at Amber Networks. He has served as network architect for global Internet Service Providers such as Qwest, MCI and Genuity. Danny currently chairs the IETF PWE3 Working Group and is a member of several IETF Area directorates and Internet research groups.
Warren Kumari, Google.
Abstract: 16:30 - 17:00: An interim solution to the threat of DNS cache poisoning while waiting for DNSSEC. -- Rodney Joffe



17:00 - 17:30: Next steps in IRR/X509 --Barry Raveendran Greene, Jason Schiller



17:30 – 18:00: Early Survey Results and Some Attack Statistics -- Danny McPherson.
Files: None.
Sponsors: None.
Tools
Meeting: NANOG44
Date / Time: 2008-10-13 4:30pm - 6:00pm
Room: Heinsbergen
Presenters: Speakers:

Joel Jaeggli, Nokia

Joel Jaeggli works in the Security and Mobile connectivity group within Nokia. His time is divided between the operation of the nokia.net (AS 14277) research network and supporting the strategic planning needed of Nokia\'s security business.<BR> <BR> Projects with former employer the University of Oregon included the Network Startup Resource Center, Oregon Routeviews project (still an active participant), the Beyond BGP Project, and the Oregon Videolab.<BR> <BR> He an active participant in several industry-related groups Including the IETF and NANOG. Joel frequently participates as an instructor or presenter and at regional and international network meetings, on services and security related topics.
Abstract: Wes Hardaker-Lead Developer DNSSEC-Tools package

Demonstration of the tools they have available to help teach people how to sign their zones (among many other things).



Eric Osterweil-UCLA

A DNSSEC monitoring project called SecSpider and how to use it. http://secspider.cs.ucla.edu/



Virendra Rode-moderator outages.org

Topics of interest: Service provider(s) participation in outages notification?

What monitoring tools do you use to monitor your environment? How do they work for your environment? Does it scale for your environment?

What would you like to see out of such a tool (open-source or commercial).
Files: None.
Sponsors: None.
Experiences of Delivering IPTV to Student Accommodation in the UK
Meeting: NANOG44
Date / Time: 2008-10-14 10:00am - 10:30am
Room: Biltmore Bowl
Presenters: Speakers:

Simon Lockhart, Bogons, Inuk Networks

Simon Lockhart is Technical Director at Inuk Networks, where he is responsible<BR> for technical architecture and infrastructure, as well as R&D. Prior to Inuk<BR> Networks he worked for over 10 years at the BBC developing and building its<BR> Web and Streaming infrastructure. He is currently a Non-Executive Director<BR> of the London Internet Exchange (LINX).
Abstract: This presentation will include:

* description of the features of the service, and the technologies involved.

* the multicast landscape in the UK

* JANET, the UK\'s academic network

* getting it working (or, rather, \"it just worked...\")

* inter-as multicast

* QoS (or, what\'s really needed to make IPTV work)

* problems we\'ve hit, and how we overcame them (or ignored them...)

* VoD and network scaling issues

* Where next? (International plans, etc)
Files: youtubeExperiences of Delivering IPTV to Student Accommodation in the UK
pdfLockhart Presentation(PDF)
Sponsors: None.
DNSSEC @ IANA
Meeting: NANOG44
Date / Time: 2008-10-14 10:30am - 11:00am
Room: Biltmore Bowl
Presenters: Speakers:

Richard Lamb, IANA/ICANN

Rick started performing “IANA functions” in 2007 after escaping from Washington DC where he was Director Global IT Policy at the US Department of State. While there he spent much of his time working to ensure policymakers and other stakeholders understood the technology and philosophy behind the Internet and other information technologies (e.g., VoIP, WiFi, WiMax, open source software, IPv6, Internet censorship) writing position papers and leading the occasional delegation. In return he was indoctrinated into the process of policymaking and international negotiation, learning more than he wanted to know about various acronymatic processes, issues, agencies and organizations (including Internet Governance, Internet censorship, ITU, IETF, WSIS, NGN, APEC, OECD, IMO, IMSO, ITSO, .iq, CFIUS, OFAC, ITAR/DTRA, cable landing licenses, ICANN, NSTAC, DTI, USCG, NTIA, FCC, OSTP, DHS, NIST, USTR, OSD, VOA). <BR> <BR> For the other 20+ years in the networking business Rick created and was CEO at a number of small startups including one acquired by Microsoft for its NAT/firewall technology. The rest of the time he spent on developing protocols and products behind other acronyms such as UUCP, MEP2, MHS, X.25, Bisync, TCP/IP, DECNET, IPX, ISDN, H.323, and yes, DNS. This overlapped with many years of digital and probabilistic signal processing work resulting in a EE PhD from MIT. Before all that, RF hardware design. Currently, as DNSSEC program manager, Rick has helped architect and engineer IANA’s DNSSEC signing system; and develop and coordinate ICANN’s position on DNSSEC for the domain names it is responsible for and for signing the root. He is also responsible for other nascent Internet security infrastructure efforts such as RPKI.
Abstract: In order to provide a technology demonstration, IANA has prepared a secure, trustable, and accountable DNSSEC signing infrastructure to sign the zones for which IANA is responsible. This presentation will provide an overview of the design goals, discuss the architecture and implementation, and discuss the next steps needed to be undertaken to facilitate greater DNSSEC deployment.
Files: youtubeDNSSEC @ IANA
pdfLamb Presentation 2(PDF)
Sponsors: None.
RFC 5211 - One Possible Timeline to IPv6
Meeting: NANOG44
Date / Time: 2008-10-14 11:30am - 11:45am
Room: Biltmore Bowl
Presenters: Speakers:

John Curran, ServerVault Corp/ARIN

John Curran is the Chairman of Board of ARIN, the American Registry for Internet Numbers. John helped found ARIN five years ago and has served as Chair since its inception. ARIN has over 1800 members and is the Regional Internet Registry managing IP address resources for the North America, South America and the Caribbean region. When not managing ARIN, John is the Chief Technology Officer and Vice President of Engineering at XO Communications, a facilities-based communications provider in Reston, Virginia.
Abstract: While it\'s understood that each network will make its own decisions in deploying IPv6, there hasn\'t been much dialog on the overall coordination of expectations between networks that is necessary to maintain \"one connected Internet\" during this transition. In this talk, John will cover one possible timeline and set of expectations which could be used to coordinate overall transition to IPv6.
Files: pdfCurran Presentation(PDF)
youtubeRFC 5211 - One Possible Timeline to IPv6
Sponsors: None.
Stealing the Internet
Meeting: NANOG44
Date / Time: 2008-10-14 11:45am - 12:15pm
Room: Biltmore Bowl
Presenters: Speakers:
Alex Pilosov, Pilsoft.

Anton Kapela, 5Nines Data

Anton Kapela is a co-owner and partner at 5Nines Data, a Datacenter and IT solutions company in Madison, Wisconsin, where he is responsible for the architecture and implementation of network services and datacenter facilities. Prior to 5Nines Anton actively consulted with several network, wireless, and communications industry companies. His most memorable clients have been Redline Communications, Motorola\'s Canopy Wireless division, and a subsidiary of Research In Motion known as \'Slipstream.\' More recently he consulted on Internap Networks\' acquisition and integration of VitalStream - a Content Delivery Network.<BR> <BR> Anton is actively involved in the Internet operations and research community and has been a frequent presenter at numerous Operators Group meetings on a variety of topics.
Abstract: In \"Stealing the Internet\" Kapela and Pilosov will describe a method where an attacker exploits the BGP routing system to facilitate transparent interception of IP packets. The method will be shown to function at a scale previously thought by many as unachievable. The talk highlights a new twist in sub-prefix hijacking that we demonstrated at Defcon 16: using intrinsic BGP logic to both \"attract\" network traffic and simultaneously create a \'feasible path\' towards the target network. This method will be shown to preserve end-to-end reachability while creating a virtual \'wire tap\' at the attackers network.
Files: pdfKapela Presentation(PDF)
youtubeStealing the Internet
Sponsors: None.
A One Year Measurement Study of IPv6 Inter-Domain Traffic in the Internet
Meeting: NANOG44
Date / Time: 2008-10-14 12:15pm - 1:00pm
Room: Biltmore Bowl
Presenters: Speakers:

Haakon Ringberg, Princeton University

Haakon is a Ph.D. student at Princeton University in the department of Computer Science. He is co-advised by Kai Li and Jennifer Rexford. He is interested in many areas of computer science, but his graduate work has been on network measurement and network anomaly detection.

Danny McPherson, Arbor Networks

Danny McPherson is Chief Research Officer at Arbor Networks. He has over 14 years in the Internet network operations, security and telecommunications industry. Prior to joining Arbor, Danny was Director of Emerging Technology at Amber Networks. He has served as network architect for global Internet Service Providers such as Qwest, MCI and Genuity. Danny currently chairs the IETF PWE3 Working Group and is a member of several IETF Area directorates and Internet research groups.

Craig Labovitz, Arbor Networks

Craig Labovitz is Chief Architect of Arbor Networks' service provider security and backbone engineering solutions. Before joining Arbor, Craig served as a research scientist at Microsoft Research and Merit Network, Inc. His research interests include the security and fault-tolerance of large-scale distributed systems. He is well-known for several important early papers on Internet routing dynamics and reliability. Craig received his PhD. and MSE from the University of Michigan.
Scott Iekel-Johnson, Arbor Networks.
Abstract: Recent concern over the impending exhaustion IPv4 allocations has re-energized interest in the status of IPv6 deployment in the Internet. While previous studies have explored rates of IPv6 registry allocations or BGP statistics, little data exists on the overall level of IPv6 traffic.

In this talk, we present the results of a one year study on IPv6 traffic in the Internet from July 2007 to July 2008. In cooperation with the University of Michigan and over 90 Internet providers, we leveraged commercial traffic probes to measure inter-domain IPv6 traffic (both native and tunneled) in the Internet.

Our dataset covered 91 ISPs including one quarter of the tier1 ISPs and a sizable percentage of the regional / PTT providers in North America and EMA. In all, we monitored 2,389 peering and backbone routers, 278,268 customer and peering interfaces and some 5 terabits per second of average daily Internet inter-domain traffic. We report on both the overall level of IPv6 traffic as well as regional differences and one years trends in IPv6 traffic growth.
Files: youtubeA One Year Measurement Study of IPv6 Inter-Domain Traffic in the Internet
pdfRingberg Presentation(PDF)
Sponsors: None.
Ensuring Service Quality & Security in Converged Networks Through Proactive Monitoring
Meeting: NANOG44
Date / Time: 2008-10-14 2:30pm - 4:00pm
Room: Biltmore Bowl
Presenters: Speakers:

Rahul Vir, Foundry Networks

Rahul Vir is a product line manager at Foundry Networks responsible for defining high end product strategy, evangelizing new technologies, and providing solutions for next generation service provider infrastructures. Prior to joining Foundry he has held various leadership positions in product management and engineering at Riverstone Networks, Hammerhead Systems and Cabletron Systems. In his career of more than 10 years he has been involved in defining multiple platforms and has worked with service providers in designing next-generation IP/MPLS, Ethernet, wireless backhaul and triple- play networks. He has received an MS in Computer Science from Ohio State University and an MBA from University of California at Berkeley.
Abstract: Many Service Providers are migrating to a converged infrastructure capable of offering multiple services including Residential Triple Play and Business VPN Applications. While this reduces infrastructure costs, ensuring service quality and security becomes more complex. Proactive network monitoring using standards based protocols can be used to study traffic patterns, identify top talkers, monitor service quality, and detect anomalies in such networks. The presentation provides solutions for monitoring residential services like video, voice and HSIA, and business services like Layer 2/Layer 3 VPNS.
Files: youtubeEnsuring Service Quality & Security
pdfVir Presentation(PDF)
Sponsors: None.
Perspectives: Improving SSH-style Host Authentication with Network Probing
Meeting: NANOG44
Date / Time: 2008-10-14 4:30pm - 5:00pm
Room: Biltmore Bowl
Presenters: Speakers:

Dan Wendlandt, Carnegie Mellon

Dan recently finished his third year s a PhD student at Carnegie Mellon University. He is generally interested in networks and security, particularly as they relate to economics. Sor far, he has mainly worked on routing security, host authentication, and DDoS. He is currently on a leave of absence working at Nicira Networks in Palo Alto, C A
David Anderson, Carnegie Mellon.
Adrian Perrig, Carnegie Mellon.
Abstract: Widespread use of \"Trust-on-first-use\" (tofu) host authentication, most commonly associated with protocols like SSH and SSL with self-signed certificates, demonstrates significant demand for a host authentication mechanism that is low-cost and easy to deploy. While tofu applications are a clear improvement compared to completely insecure protocols, they can leave users vulnerable to even simple network attacks. Our system, Perspectives, thwarts such attacks using a network overlay that observes a server’s public key via multiple network vantage points (detecting localized attacks) and keeps a record of the server’s key over time (recognizing short-lived attacks). Clients that receive an unauthenticated key can contact this overlay and check the key against these records, detecting many common attacks. The Perspectives design explores a promising part of the host authentication design space: tofu applications gain significant attack robustness while retaining the basic ease-of-use that makes \"Trust-on-first-use\" so popular. We present a full network overlay and client design, analyze the security provided by the system, and describe our experience building and deploying a publicly available implementation.
Files: youtubePerspectives: Improving SSH-style Host Authentication with Network Probing
pdfWendlandt Presentation(PDF)
Sponsors: None.
Unconstrained Profiling of Internet Endpoints via Information on the Web
Meeting: NANOG44
Date / Time: 2008-10-14 5:00pm - 5:30pm
Room: Biltmore Bowl
Presenters: Speakers:
Antonio Nucci, Narus.

Supranamaya Ranjan, Narus

Dr. Supranamaya Ranjan is a Senior Member of Technical Staff in the Office of CTO at Narus, Inc. He obtained his PhD in Electrical Engineering in 2005 from Rice University. His interests are in designing solutions for detecting and preventing all things malicious in the Internet including Worms, Distributed Denial-of-Service attacks (DDoS), Botnets and Prefix Hijacking attacks.
Aleksandar Kuzmanovic, Northwestern University.

Ionut Trestian, Northwestern University

Ionut Trestian is a 2nd year PhD graduate student at Northwestern University, Evanston. He is advised by Prof. Aleksandar Kuzmanovic. His interests are broadly in the areas of network measurement, network security and social networks.
Abstract: In this paper, we introduce a novel approach for profiling and classifying endpoints, i.e., IP addresses. We implement and deploy a Google-based profiling tool, which accurately characterizes endpoint behavior by collecting and strategically combining information freely available on the web. Our \'unconstrained endpoint profiling\' approach shows remarkable advances in the following scenarios: (i) Even when no packet traces are available, it can accurately predict application and protocol usage trends at arbitrary networks; (ii) When network traces are available, it dramatically outperforms state-of-the-art classification tools; (iii) When sampled flow-level traces are available, it retains high classification capabilities when other schemes literally fall apart. Using this approach, we perform unconstrained endpoint profiling at a global scale: for clients in four different world regions (Asia, South and North America and Europe). We provide the first-of-its kind endpoint analysis which reveals fascinating similarities and differences among these regions.
Files: pdfRanjan Presentation(PDF)
youtubeUnconstrained Profiling of Internet Endpoints via Information on the Web
Sponsors: None.
Moderated Panel: What Would Jon have Done About the Addressing Challenges Currently Facing Us?
Meeting: NANOG44
Date / Time: 2008-10-15 9:00am - 10:30am
Room: Biltmore Bowl&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp
Presenters: Moderators:

Bob Hinden, Nokia

Bob Hinden is a Nokia Fellow and works for Nokia in Mountain View, California, USA. Nokia Fellow is the highest level of recognition given by Nokia for outstanding research and development. He was previously Head of Standards at Nokia Enterprise Solutions, Chief Internet Technologist at Nokia Networks, and Chief Technical Officer (CTO) at the Nokia IP Routing Group.<BR> <BR> Bob Hinden was one of the early employees (i.e., employee number 4) of Ipsilon Networks, Inc. Ipsilon was acquired by Nokia on December 31, 1997. He was previously employed at Sun Microsystems where he was responsible for the Internet Engineering group that implements internet protocols for Sun\'s operating systems. Prior to this he worked at Bolt, Beranek, and Newman, Inc. on a variety of internetwork related projects including the first operational internet router and one of the first TCP/IP implementations.<BR> <BR> Bob Hinden was co-recipient of the 2008 IEEE Internet Award for pioneering work in the development of the first Internet routers.<BR> <BR> Bob Hinden has been active in the IETF since 1985 and is is the author of thirty-six RFCs. He was recently appointed to a position on the IETF Administrative Oversight Committee (IAOC) and co-chairs the 6man working group. Prior to this he served on the Internet Architecture Board (IAB), was Area Director for Routing in the Internet Engineering Steering group from 1987 to 1994, and chaired the IPv6, Virtual Router Redundancy Protocol, Simple Internet Protocol Plus,the IP over ATM, and the Open Routing working groups. He is also a member of the RFC Editorial Board.<BR> <BR> Bob Hinden holds an B.S.E.E., and a M.S. in Computer Science from Union College, Schenectady, New York.
Panelists:
Bob Braden, ISI.

Danny Cohen, Sun

Danny led many projects that pioneered the use of packet networks for realtime applications (like flight simulation, voice, video, and teleconferencing) He participated in the InterNet Working Group that among other things defined IP and many 3-letter acronyms such as TCP.<BR> He opposed the fix length addressing of IPv4. His failure then to convince the INWG to adopt a variable length addressing is blamed for the need to have IPv6.

Van Jacobson, PARC

Van Jacobson did some networking stuff a long time ago. These days he spends most of his time chauffeuring a grumpy teenager & a loud seven year old. Occasionally he gives talks for people who are too busy doing real work to talk about it.
Paul Mockapetris, Nominum.

Lixia Zhang, UCLA

Lixia Zhang is a Professor in the UCLA Computer Science Department. She received her Ph.D. degree from MIT in 1989. Lixia was a research staff member at Xerox PARC from 1989 to 1995, when she joined UCLA. Her recent research projects have focused on fault tolerance in large-scale systems and network routing protocols.
Abstract: Internet pioneers Van Jacobson, Lixia Zhang, Danny Cohen, Bob Braden, and Paul Mockapetris will share their recollections of the \"behind the scenes\" discussions that went on in the \"early\" days, some 15 or 20 years ago, and you may be surprised at how they mirror the very same threads currently being seen on message lists in our community.



These key players were in the original discussions about addressing, and even then struggled with the looming challenge of address exhaustion. You won’t want to miss this chance to examine the current addressing crisis through the lens of experience.
Files: pdfBraden Presentation(PDF)
pdfDanny Cohen Presentation(PDF)
pdfJacobson Presentation(PDF)
pdfJoffe Presentation(PDF)
pdfMockapetris Presentation(PDF)
youtubeModerated Panel: What Would Jon have Done About the Addressing Challenges Currently Facing Us?
pdfZhang Presentation(PDF)
Sponsors: None.

Back to NANOG44 agenda.

NANOG44 Abstracts

  • DNSSEC
    Speakers:
    Richard Lamb, IANA/ICANN;
  • ISP Security
    Speakers:
    Danny McPherson, Arbor Networks; Warren KumariGoogle; .
  • ISP Security
    Speakers:
    Danny McPherson, Arbor Networks; Warren KumariGoogle; .
  • Tools
    Speakers:
    Joel Jaeggli, Nokia;

 

^ Back to Top