NANOG Meeting Presentation Abstract

Keynote: Complexity and Issues around the DNS Root
Meeting: NANOG60
Date / Time: 2014-02-10 10:15am - 11:30am
This item is webcast
Room: Peachtree Ballroom
Presenters: Speakers:
Jeff Moss.
Abstract: This talk covers a variety of issues spanning from the ever-increasing complexity of the Internet and yet the failure to perform even the most basic tasks such as sending a secure email, making a secure phone call, and web browsing, etc. At the heart of the entire eco-system lie the DNS Roots, which play an important role in both the good and the bad on the Internet. Botnets, open recursive DNS servers, and malicious tampering are all ultimately DNS related in one way or another. The talk discusses the role of various emerging technologies in the context of these concerns.
Files: Keynote: Complexity and Issues around the DNS Root (YouTube)
Sponsors: None.
Measuring & Mitigating Web Performance Bottlenecks in Broadband Access Networks
Meeting: NANOG60
Date / Time: 2014-02-10 11:30am - 12:00pm
This item is webcast
Room: Peachtree Ballroom
Presenters: Speakers:

Srikanth Sundaresan, Georgia Tech

Srikanth is a final-year PhD student at the College of Computing, Georgia Tech, where he works with Professor Nick Feamster. His research interests include network management, measurements, and routing protocols. Currently his work centers on understanding the characteristics of home and broadband networks, and their effect on application performance. He leads the BISmark project.
Abstract: We measure Web performance bottlenecks in home broadband access networks and evaluate ways to mitigate these bottlenecks with caching within home networks. We first measure Web performance bottlenecks to nine popular Web sites from more than 5,000 broadband access networks and demonstrate that when the downstream throughput of the access link exceeds about 16 Mbits/s, latency is the main bottleneck for Web page load time. Next, we use a router-based Web measurement tool, Mirage, to deconstruct Web page load time into its constituent components (DNS lookup, TCP connection setup, object download) and show that simple latency optimizations can yield significant improvements in overall page load times. We then present a case for placing a cache in the home network and deploy three common optimizations: DNS caching, TCP connection caching, and content caching. We show that caching only DNS and TCP connections yields significant improvements in page load time, even when the user’s browser is already performing similar independent optimizations. Finally, we use traces from real homes to demonstrate how prefetching DNS and TCP connections for popular sites in a home-router cache can achieve faster page load times.
Files: Measuring & Mitigating Web Performance (YouTube)
Measuring & Mitigating Web Performance Bottlenecks (PDF)
Sponsors: None.
Network Automation
Meeting: NANOG60
Date / Time: 2014-02-10 1:00pm - 1:30pm
This item is webcast
Room: Peachtree Ballroom
Presenters: Speakers:

Carl Moberg, Tail-F

Carl Moberg, VP of Technology, works closely with strategic customers and partners and serves as the company’s key technology evangelist. Carl has been an integral part of the Tail-f management team since joining in 2006 having a variety of positions including VP Engineering and VP Marketing & Product Management. Carl is also a key contributor to many standards organizations including IETF, ETSI NFV, Cablelabs, ONF and MEF.
Abstract: Network providers are challenged by new requirements for fast and error-free service turn-up. Existing approaches to configuration management such as CLI scripting, device-specific adapters, and entrenched commercial tools are an impediment to meeting these new requirements. Up until recently, there has been no standard way of configuring network devices other than SNMP and SNMP is not optimal for configuration management. The IETF has released NETCONF and YANG which are standards focusing on configuration management. The presentation will give an overview of current practices for network configuration. It will show how NETCONF and YANG address issues around automation and programmability.
Files: Network Automation (PDF)
Network Automation (YouTube)
Sponsors: None.
Multi-Stage Clos Architectures
Meeting: NANOG60
Date / Time: 2014-02-10 1:30pm - 2:15pm
This item is webcast
Room: Peachtree Ballroom
Presenters: Speakers:

Doug Hanks, Juniper Networks

Douglas Richard Hanks Jr. is a Sr. Data Center Architect with Juniper Networks and focuses on solution architecture for the data center. He works in the Campus and Data Center Business Unit (CDBU) that’s responsible for the Juniper EX, QFX, and QFabric Series hardware, software, and solutions. Previously he was a Solution Architect in the Routing Business Unit (RBU) with Juniper Networks supporting data center solutions with the Juniper MX platform. Prior to working in the business units, Douglas was a Sr. Sales Engineer for Juniper Networks and supported large enterprise accounts such as Chevron, Hewlett-Packard, and Zynga. Douglas is certified with Juniper Networks as JNCIE-ENT #213 and JNCIE-SP #875. Douglas’ interests are network engineering and architecture for enterprise and service provider technologies. He is the author of the Juniper MX Series published by O’Reilly Media and several Day One books published by Juniper Networks Books. Douglas is also the co-founder of the Bay Area Juniper Users Group (BAJUG). When he isn’t busy with networking, Douglas enjoys computer programming and photography. Douglas can be reached at doug@juniper.net or on Twitter @douglashanksjr
Abstract: As overlay networks in the data center become more commonplace, everyone is trying to build the best possible underlay using CLOS fabrics. A key issue with large 5-stage CLOS fabrics is the provisioning and management. This presentation proposes a method to simplify the management of a 5-stage CLOS fabric by collapsing three stages into a logical entity called a vSpine. By creating a multi-stage CLOS using a vSpine in the middle stage, it effectively reduces the operational overhead of a five-stage CLOS down to a three-stage CLOS, but with the benefit of having the scale of a five-stage CLOS.
Files: Multi-Stage Clos Architectures (PDF)
Multi-Stage Clos Architectures (YouTube)
Sponsors: None.
Route Injections -- What are they good for?
Meeting: NANOG60
Date / Time: 2014-02-10 2:15pm - 2:30pm
This item is webcast
Room: Peachtree Ballroom
Presenters: Speakers:

Leigh Metcalf, CERT

Leigh Metcalf is a Member of the Technical Staff at CERT. She holds a PhD in Theoretical Mathematics from Auburn University and has over 10 years of experience in the Internet industry.
Abstract: Route Injections are a known factor that are considered to be 'bad' by their very nature. I consider a particular subset of route injections that occur during the month of October, 2013 and investigate the malicious activity that can be correlated with them. In doing this, I am associating the species of maliciousness associated with the injections and found particular kinds of malware and other behavior.
Files: Route Injections -- What are they good for? (PDF)
Route Injections -- What are they good for? (YouTube)
Sponsors: None.
RouteViews + BGPmon: Enabling BGP Monitoring and Analysis
Meeting: NANOG60
Date / Time: 2014-02-10 3:00pm - 3:30pm
This item is webcast
Room: Peachtree Ballroom
Presenters: Speakers:

Catherine Olschanowsky, Colorado State University

Dr. Catherine Olschanowsky is a research professor in the Computer Science and Mechanical Engineering Departments at CSU. Her research area includes network monitoring and high performance computing application performance. She is the lead on the BGPmon project. She earned her Ph.D. in Computer Science from the University of California at San Diego in the Performance Modeling and Characterization Laboratory. Dr. Olschanowsky also worked as a research scientist and software engineer at the San Diego Supercomputer Center.
Abstract: The RouteViews and BGPmon infrastructure has undergone expansion and upgrades in the last few years. This talk provides an update on the current deployment, highlights improvements, and demonstrates how our new DIY Perl modules can be used by the operations community to build custom tools. RouteViews plus BGPmon is a community BGP data-collection framework and archive. BGP data is collected through peers located around the world. The current set of peers spans 6 continents each of which feed to one of 17 primary RouteViews collectors. BGPmon cooperates with RouteViews to provide that data in a near real-time XML stream. The RouteViews project was initiated as a grassroots effort within the operations community. The value of the data is widely recognized and the infrastructure has grown into an invaluable community resource. Access to real-time, diverse BGP data is critical to BGP monitoring for security and reliability applications. We believe that with the latest set of updates and tools this data can be used to detect Internet outages as they happen. The latest release of BGPmon includes major changes to the XML schema (XSD). The updated XSD allows for easier parsing as well as additional status messages in order to properly evaluate the reliability of the data. These changes coincide with the development of new Perl modules that read, validate, filter, and parse the messages. Actively performing fairly simple analytics on the BGP stream from RouteViews+XML can provide an early warning system during Internet outages. We will show 2 different views of an Internet outage event to demonstrate the use of the current Perl tools. The first tool is a graphic representation of the burst in BGP traffic at the time of the event and the second is a textual representation that shows which peers and how many prefixes were affected. RouteViews continues to recruit new peers to provide broader and more accurate coverage of BGP events. 
As the RouteViews+BGPmon infrastructure grows we would like to invite the community to use the DIY Perl modules for custom tool development.
Files: RouteViews + BGPmon: Enabling BGP Monitoring and Analysis (PDF)
RouteViews + BGPmon: Enabling BGP Monitoring and Analysis (YouTube)
Sponsors: None.
BGP in 2013
Meeting: NANOG60
Date / Time: 2014-02-10 3:30pm - 4:00pm
This item is webcast
Room: Peachtree Ballroom
Presenters: Speakers:

Geoff Huston, APNIC

Geoff Huston is the Chief Scientist at APNIC, the Regional Internet Registry for the Asia Pacific. He has worked on the Internet since the late 1980's and has undertaken many roles in network operations and architecture. Currently he is interested in Inter-Domain Routing, IPv6 and the DNS.
Abstract: This presentation looks at the BGP routing table over 2013, looking at rates of growth in IPv4 and IPv6 in the number of entries in the routing table, and also looking at BGP update rates. From time to time we have heard concerns over the projections of unbounded growth in the size of the routing tables, and unbounded growth in the update rate. This presentation will provide some metrics relating to the actual rates of growth and the projections over the coming years of routing table size and dynamic behaviour of BGP
Files: BGP in 2013 (PDF)
BGP in 2013 (YouTube)
Sponsors: None.
SpamTracer: Tracking Fly-By Spammers
Meeting: NANOG60
Date / Time: 2014-02-10 4:00pm - 4:30pm
This item is webcast
Room: Peachtree Ballroom
Presenters: Speakers:

Pierre-Antoine Vervier, Symantec Research Labs

Pierre-Antoine Vervier is a Ph.D. student at Symantec Research Labs under the supervision of Prof. Marc Dacier. He obtained his Master's degree in Computer Science in 2010 from the University of Liège (Belgium, EU). His Ph.D. research work is related to the study and detection of malicious BGP hijack attacks. He has been involved in the European project VIS-SENSE (http://www.vis-sense.eu/).
Abstract: There have been speculations about hijacks carried out by so-called "fly-by" spammers that temporarily steal prefixes to send spam. In this presentation we report on several hijack cases identified in a period of 7 months where suspicious BGP announcements coincided with spam and web scam traffic from corresponding networks. We further characterise the suspicious hijacks and describe the observed modus operandi of these spammers.
Files: SpamTracer: Tracking Fly-By Spammers (PDF)
SpamTracer: Tracking Fly-By Spammers (YouTube)
Sponsors: None.
Datacenter Track
Meeting: NANOG60
Date / Time: 2014-02-10 4:45pm - 6:15pm
Room: Plaza Ballroom
Presenters: Moderators:

Martin Hannigan, Akamai Technologies, Inc.

Martin Hannigan is a 26 year veteran of the Internet economy. He's been designing, funding, building and operating networks and data centers for a long time. You can find out more about Martin here http://linkd.in/143vNCt

Daniel Golding, Iron Mountain

Daniel Golding is Vice President of Data Center Operations at Iron Mountain. He has over 20 years of experience in the Internet, datacenter, and critical facilities fields. His experience ranges from financial and organizational to deeply technical. He has held executive positions at RagingWire Data Centers, DH Capital, and Tier 1 Research. In addition, Daniel has significant experience in conference administration and management, including serving as the conference chairman for the Hosting Transformation Summit and the Global Peering Forum, for four years in each case. Daniel has held a wide variety of positions across the Internet infrastructure sector: network engineering and peering; data center operations and engineering; financial and industry analysis; and executive management. Also, uniquely, he possesses strong financial knowledge through work as an investor and banker in the Internet sector. Daniel has also been a sponsor and host of NANOG.
Abstract: Join moderators Dan Golding (Iron Mountain) and Marty Hannigan (Akamai) for another round of the highly popular Data Center Track. New features for NANOG 60 include...
- A presentation on Data Center Cooling Technology
- Continued open discussion on the Open-IX Data Center standard
Files: None.
Sponsors: None.
BCOP - Best Current Operational Practices
Meeting: NANOG60
Date / Time: 2014-02-10 4:45pm - 6:15pm
Room: Peachtree Ballroom
Presenters: Moderators:

Aaron Hughes, 6connect

Aaron brings more than 15 years of experience in the telecommunications industry. Aaron Hughes is President and CTO at 6connect, Inc specializing in Internet Engineering automation solutions, cooling technologies and distributed managed services with a focus on IPv6. He is also the Chief Network Architect at UnitedLayer bringing more than 15 years of experience in the telecommunications industry and is responsible for network topology planning, design and operations. Aaron has also held network and system architecture and Sr. level management roles at Lockheed Martin, Cariden Technologies, Terremark, Certainty Solutions, Quest Technologies, RCN, UltraNet and Channel(1) Communications.

Chris Grundemann, CableLabs

Chris Grundemann (JNCIE #449) is the author of Day One: Exploring IPv6 and Day One: Advanced IPv6 Configuration, as well as several IETF Internet Drafts and various industry papers. He is the founding Chair of CO ISOC, the Colorado chapter of the Internet Society, a member of the Rocky Mountain IPv6 Task Force (RMv6TF) Board, an elected member of the ARIN Advisory Council (AC), Co-Chair of the UPnP IPv6 Task Force, and a member of the CEA IPv6 Transition Working Group. Chris also maintains a personal weblog aimed primarily towards Internet related posts typically focusing on network operation and design, tech-policy and the future of the Internet. Chris is currently engaged with CableLabs as a Network Architect, focusing on technical leadership and innovation within IP Networking and beyond.
Abstract: The Best Current Operational Practice (BCOP) project will collect the best practices known within the operations community and capture those practices in a series of documents. These “living documents” are peer reviewed by technology experts who actually deploy and manage these environments. We believe the best documentation is when it is based on real-world implementations.
This is a community project and is open to all to participate and get involved. We welcome your participation and look forward to working together to build better documentation for the entire community.
Join the conversation -
Subscribe to the BCOP Mail List at http://mailman.nanog.org/mailman/listinfo/bcop
Questions or suggestions about BCOP should be directed to bcop-support@mailman.nanog.org
Files: None.
Sponsors: None.
Research and Education Networking Track
Meeting: NANOG60
Date / Time: 2014-02-10 4:45pm - 6:15pm
Room: Augusta
Presenters: Speakers:

Michael Sinatra, ESnet

Michael Sinatra is a network engineer with the Energy Sciences Network (ESnet) in Berkeley, CA, where he specializes in DNS, DNSSEC, IPv6 adoption, and scientific and high-performance networking. Prior to ESnet, Michael worked for the central networking group at UC Berkeley for over a decade. He has been interested in DNS for a long time and attempts to make coherent contributions to various BIND and DNS mailing lists and forums
Abstract: This is a continuing opportunity for members for the R&E networking (and research) communities to meet and discuss topics of interest to the R&E network operations and research communities at NANOG. Building on the topics of the R&E Track at NANOG 59 in Arizona, we will continue to discuss such topics as (tentatively):
o Very brief intro (Michael Sinatra) - 5 min
o R&E regional network updates (Russ Clark, Jeffry Handal, Larry Blunk) - 30-40 min
o RPKI updates & Roll-your-own (Sandy Murphy & Michael Sinatra) - 30 min
o "What's wrong with information security in higher ed?" (Michael Sinatra) - 20 min
Files: None.
Sponsors: None.
Social
Meeting: NANOG60
Date / Time: 2014-02-10 7:00pm - 10:00pm
Room: Fernbank Museum of Natural History
Presenters:
Abstract: Fernbank Museum of Natural History
767 Clifton Rd NE, Atlanta, GA 30307
Join us for Cocktails, Appetizers and explore the museum
Shuttle busses will be running between the Westin and the museum from 6:30pm
Files: None.
Sponsors: NTT America, Telx
Tutorial: BGP 101
Meeting: NANOG60
Date / Time: 2014-02-11 9:30am - 11:00am
Room: Peachtree Ballroom
Presenters: Speakers:

Dawit Birhanu, Cisco Systems

Dawit Birhanu is a Technical Marketing Engineer in Service Provider Networking Group at Cisco Systems, where he has worked for over 12 years on Service Provider products and services in multiple roles such as Deployment Engineer, Network Consulting Engineer, Technical Leader and Technical Marketing Engineer focusing on service provider high-end routing platforms. Additional focus areas include MPLS, BGP, QoS and IOS XR. He is a co-author of the Cisco Press book "Cisco IOS XR Fundamentals".
Abstract: The tutorial is the first of a two part tutorial. It introduces service providers to important BGP features and techniques to aid with operating their networks within the Internet. After a recap of iBGP, eBGP and common attributes, the tutorial will look at the various scaling techniques available, when to use BGP instead of an IGP, and examine policy options available through the use of local preference, MED and communities.
Files: BGP 101 (PDF)
Sponsors: None.
Tutorial: Whiteboarding 101
Meeting: NANOG60
Date / Time: 2014-02-11 9:30am - 11:00am
Room: Plaza Ballroom
Presenters: Speakers:

Matthew F. Ringel, Akamai Technologies

Matt Ringel is an Enterprise Architect at Akamai Technologies, specializing in full-system performance consulting for websites. Matt’s career spans 15 years, having worked as a network engineer at BBN Planet and Tufts University. He has written papers on Network Operations Theory, Coherent Naming Schemes, and How to Fire a System Administrator, and maintains a blog focusing on how technically-minded people communicate and work with each other. He has also unintentionally written a compiler in Perl. He holds a BS in Computer Science from Columbia, and is currently finishing his Masters in Engineering Management from Tufts.
Abstract: The “whiteboard talk” represents one of the key ways that engineers can communicate ideas in a concise and educational way to colleagues. More than a classroom lecture or a slide presentation, a whiteboard talk is a combination of several disciplines including teaching, storytelling, and improvisational acting.
In this interactive tutorial, the attendees will learn (through discussion and breakout sessions) how to organize a whiteboard discussion, how to avoid popular pitfalls, and how to make sure that their audience walks away with the knowledge that the attendee wants them to have. These topics include how to narrow down the scope of a topic (both in terms of the topic itself and the level of abstraction), how to build the knowledge model for the talk, how to define terms for different audiences, and how to handle difficult audience members.
Files: Whiteboarding 101 (PDF)
Whiteboarding 101 (YouTube)
Sponsors: None.
Tutorial: IPv6 Security: Oxymoron or Oxycodone?
Meeting: NANOG60
Date / Time: 2014-02-11 11:30am - 1:00pm
Room: Plaza Ballroom
Presenters: Speakers:

Paul Ebersman, Infoblox

Paul Ebersman works in the Infoblox IPv6 Center of Excellence as a technical resource, both internally and to the internet community. He first worked on the internet for the Air Force in 1984. He was employee number 10 at UUNET and helped build AlterNET and the modem network used by MSN, AOL and Earthlink. He has maintained his roots in the internet and the open source community, working for various internet infrastructure companies including ISC and Nominum before coming to Infoblox.
Abstract: There are a lot of myths, misinformation and FUD around IPv6 security. The reality is that there are improvements over IPv4, some problems we still have (just with a different name) and some new problems. Learn which is which and how to tell when someone is just trying to sell you something.
Files: IPv6 Security: Oxymoron or Oxycodone? (PDF)
IPv6 Security: Oxymoron or Oxycodone? (YouTube)
Sponsors: None.
Tutorial: BGP 102
Meeting: NANOG60
Date / Time: 2014-02-11 11:30am - 1:00pm
Room: Peachtree Ballroom
Presenters: Speakers:

Dawit Birhanu, Cisco Systems

Dawit Birhanu is a Technical Marketing Engineer in Service Provider Networking Group at Cisco Systems, where he has worked for over 12 years on Service Provider products and services in multiple roles such as Deployment Engineer, Network Consulting Engineer, Technical Leader and Technical Marketing Engineer focusing on service provider high-end routing platforms. Additional focus areas include MPLS, BGP, QoS and IOS XR. He is a co-author of the Cisco Press book "Cisco IOS XR Fundamentals".
Abstract: The tutorial is the second part of a two part tutorial. It discusses how to apply the different BGP techniques discussed in BGP 101 to deployment scenarios. It looks at deployment techniques including aggregation, announcing prefixes, and pressure points on the routing system.
Files: BGP 102 (PDF)
BGP 102 (YouTube)
Sponsors: None.
IPv6 Performance Bonus
Meeting: NANOG60
Date / Time: 2014-02-11 2:30pm - 3:15pm
This item is webcast
Room: Peachtree Ballroom
Presenters: Speakers:
Lee Howard.
Abstract: Data from multiple sources suggests that IPv6 offers better performance over IPv4. Presentation includes the data and methodologies, plus test results investigating the reasons for the performance difference.
Files: IPv6 Performance Bonus (PDF)
IPv6 Performance Bonus (YouTube)
Sponsors: None.
The Importance of In-Flight Encryption
Meeting: NANOG60
Date / Time: 2014-02-11 3:15pm - 4:00pm
This item is webcast
Room: Peachtree Ballroom
Presenters: Speakers:

Jim Theodoras, ADVA Optical Networking

Jim Theodoras is Senior Director of Technical Marketing at ADVA Optical Networking, where he actively promotes the company’s portfolio of Optical+Ethernet transport products and related technologies. He has over 25 years of industry experience in electronics and optics, spanning a wide range of diverse topics. Jim is a past President of the Ethernet Alliance and was optical liaison editor for IEEE Communications Magazine from 2006-2010. He holds 16 patents in the field of telecommunications, and is a frequent contributor to industry publications.
Abstract: The big news in recent NSA revelations is not that the government is listening, but rather how vulnerable networks are to eavesdropping. Prior to the revelations, common theory dictated Service Provider services were secure, and higher layer encryption at end nodes guaranteed secure transmission end-to-end. However, after the revelations has come the realization that higher layer end encryption is not sufficient, as multiple points of vulnerabilities exist along the transport path. Service Provider business models were immediately impacted, as the price premium for VPN services began rapidly eroding. The only way to ensure end-to-end secure communication is in-flight encryption, where the WAN itself contains its own unique encryption and key management system. In this presentation, the network vulnerabilities recently discovered will be detailed. In-flight encryption and how it negates these vulnerabilities will be described. Recent advances in transport encryption, including 100Gbit/s line-rate encryption, will be presented. A companion live-demonstration of 100Gbit/s encryption is planned for Beer ‘N Gear.
Files: The Importance of In-Flight Encryption (PDF)
The Importance of In-Flight Encryption (YouTube)
Sponsors: None.
Building an IPv6 Address Management System
Meeting: NANOG60
Date / Time: 2014-02-11 4:30pm - 5:00pm
This item is webcast
Room: Peachtree Ballroom
Presenters: Speakers:

Athanasios Douitsis, National Technical University of Athens

Born in Athens, 1976, Athanasios Douitsis is a Network Engineer with focus on Network Management Software, IPv6 access services, Monitoring, Measurements and Multicast. He graduated from the Department of Electrical and Computer Engineering of the National Technical University of Athens in 2001 and has been working for the NTUA Network Operations Centre since 2000, involved in the development and administration of the NTUA campus infrastructure, the Greek Research Network (GRNET), the Greek School Network and the Greek Student Network.
Abstract: IP Address Management (IPAM) for access networks has hitherto been an area of relatively little concern for most network operators. Even for large broadband access networks with many thousands of end users, IPAM was seldom a problem, mostly because network administrators could easily choose from a wide variety of time tested methodologies and solutions, ranging from simple approaches such as using local address pools in their broadband routers, to sophisticated software developed either in-house or by external vendors.

However, with the advent of IPv6 in access networks, a new set of problems has arisen regarding IPAM. Most of these problems are related to factors such as the different scale of IPv6 compared to IPv4, the unfamiliarity with the new set of specifications and protocols (e.g. DHCPv6 Prefix Delegation, ULA, etc) that have appeared and, in many cases, the incomplete or buggy feature sets of many networking and software solutions. Because of these factors, methods deemed effective in the IPv4 world cannot be translated and applied verbatim to the IPv6 realm, making the task of address management much more daunting than it was before.

Our team at the National Technical University of Athens NOC has worked extensively in IPv6 access networks deployment in the last 5 years, being responsible for the design, implementation and deployment of IPv6 enabled broadband access in multiple networks. About a year ago, we were able to implement and deploy a homegrown vendor independent IPv6 assignment software solution geared for the particular needs of the Greek Student Network (EDUDSL), a nationwide broadband access network in Greece, providing affordable access to university students. Because of organizational peculiarities with the way it operates, EDUDSL does not possess its own user database. At the same time however, it operates its own LNS equipment and retains the IP address assignment task. To provide its subscribers with stable persistent IPv6 prefixes, a piece of software was created that is able to automatically assign IPv6 prefixes on the fly at the time of first login of each user, simultaneously recycling least recently used prefixes from users that have left the service. The software is integrated with the RADIUS server and is designed to service each request in fractions of a second, in order not to delay the rest of the authorization process. These speed requirements, along with the fact that the software operates without prior knowledge of the user base, have dictated several key implementation choices of our system.

The Greek School Network (SCH) is another nationwide broadband access network providing access to units such as schools and relevant administration buildings throughout the country. SCH maintains a directory (LDAP) which, among other purposes, is used by the RADIUS servers to facilitate authentication and authorization of each unit's CPE connecting to an SCH broadband router. Since the SCH has had IPv6 enabled access for more than 10 years, the IPv6 prefixes for each unit had been hitherto assigned by hand, thus the process of maintaining the system required considerable human involvement which is cumbersome and error-prone. For the future needs of SCH, our team is developing a completely automated solution that is able to assign and maintain suitable IPv6 prefixes to all the units in the SCH directory. As units are categorized into organizational categories (e.g. elementary schools, high schools, etc), the software is able to segregate accordingly and handle multiple respective IPv6 prefix pools. Naturally, the software is able to detect and categorize new entries in the directory and assign new prefixes, detect deletion of units and recycle their prefixes on a least recently used basis, keep track of past assignments in an audit log and, most importantly, handle and assign prefixes to multiple CPEs per unit, a complex feature somewhat unique to the SCH, but not unheard of elsewhere.

Undeniably, the individual traits of the two cases that were mentioned affected the choices that were made in a profound way. However, we believe that some characteristic choices hold merit in a more general way. For example, a rather characteristic choice is that our system never stores full IPv6 prefixes for each subscriber or unit in its database, but rather opts to assign a persistent positive integer offset for each one. The real and full IPv6 prefix is calculated from that offset and used according to the needs at hand. This seemingly bizarre solution permits easier storage, sorting and handling of the offsets in a database and at the same time makes the task of carrying out a renumbering trivial, by simply redefining the IPv6 address pools. Another interesting choice is the automatic recycling of least recently used offsets, a feature that aims towards operation with minimal administrative burden.

In our presentation, we aim to briefly describe the design and implementation of the aforementioned IPv6 Address assignment systems, so the community can benefit from our experience. We likewise hope that our work can stimulate thought and lead to the evolution of ever better solutions.
Files: Building an IPv6 Address Management System (PDF)
Building an IPv6 Address Management System (YouTube)
Sponsors: None.
Exposing the Technical and Commercial Factors Underlying Internet Quality of Experience
Meeting: NANOG60
Date / Time: 2014-02-11 5:00pm - 5:30pm
This item is webcast
Room: Peachtree Ballroom
Presenters: Speakers:
Don Bowman, Sandvine.
Abstract: The Internet is, amongst many things, a transport mechanism for an end-to-end ecosystem of content delivery amongst participating players. Competing interests also must co-operate to deliver acceptable quality. At each interchange between players there is a set of selfish interests and actions which may optimize for one player at the expense of another. Balances are still being sought as the Internet evolves, and these are leading to temporary arbitrage opportunities that may sometimes jeopardize the entire chain. Quality is affected by a chain of factors both technical and economic. The location of a quality impairment introduced in the chain is often poorly understood and difficult to measure, and many commonly assume it can only be the access network. Using aggregated data from six North American networks, this presentation examines how trusted benchmarks from Speedtest, Netflix, and YouTube, which seek to ‘normalize’ experience into simple, objective measures, have accuracy and depth challenges, as well as a tendency to focus subjectively on a single point in the network rather than looking more objectively at the entire data path.
Files: Exposing the Technical and Commercial Factors (YouTube)
Technical and Commercial Factors Underlying Internet Quality (PDF)
Sponsors: None.
Tradeoffs in Network Complexity
Meeting: NANOG60
Date / Time: 2014-02-12 9:30am - 10:00am
This item is webcast
Room: Peachtree Ballroom
Presenters: Speakers:

Russ White, Ericsson

Russ White has co-authored 8 technical books (through Pearson), over 30 software patents in the area of network protocols, eleven RFCs, has spoken at network conferences and network operator's groups throughout the world, and is a regular contributor at Packet Pushers. He currently serves on the Routing Area Directorate at the IETF, as a co-chair of the Internet Society's Advisory Council, on the Technical Advisory Council for Capella University, and as a technical advisor for Shepherds Theological Seminary. Russ is a Principal Engineer at Ericsson, working in the space of next generation mobile networks and data centers. He lives in Holly Springs and Oak Island, NC, with his wife and two daughters (who claim they will not be engineers, but only time will tell).
Abstract: While we're not addressing network complexity "head on," we're always skirting around the topic through various other technical proposals, such as software defined networks, mobility, and network function virtualization. This session will present one possible way of looking at network complexity, specifically as a series of tradeoffs or continuums along which network engineers can choose complexity versus solving specific problems, or even one type of complexity versus another type of complexity. This session will not attempt to define complexity, or even to propose ways to measure the concept, but only provide one framework within which to understand complexity vis-a-vis current ideas in new ways to build and manage networks.
Files: Tradeoffs in Network Complexity (PDF)
Tradeoffs in Network Complexity (YouTube)
Sponsors: None.
Help! My big expensive router is really expensive!
Meeting: NANOG60
Date / Time: 2014-02-12 10:00am - 11:00am
This item is webcast
Room: Peachtree Ballroom
Presenters: Panelists:
David Temkin, Netflix.
Craig Pierantozzi, Microsoft.

Richard Steenbergen, GTT

Richard Steenbergen currently serves as the Chief Technology Officer of GTT, a global IP/MPLS backbone in over 80 countries. Prior to GTT, Richard was the founder and CTO of nLayer Communications, a Senior Network Engineer for other very large NSPs, and a Senior Software Engineer developing advanced optimized routing technologies. Richard has many years of practical experience operating and managing large networks, and is a frequent contributor in many popular networking community forums. He is also an active developer for several tools and software packages used by the network operator community. Some notable projects include PeeringDB, a portal used by many networks to help coordinate their peering activities, and IRR PowerTools, a software package used by many ISPs to maintain their IRR-based BGP prefix lists.

Mark Berly, Arista Networks

Mark Berly is a senior systems engineer manager for Arista Networks Eastern region, Canada and WW Service Provider. He is one of Arista’s senior design architects and leads Arista’s extensibility and open source initiatives. Prior to joining Arista Mr. Berly spent over a decade at Cisco Systems. During his time at Cisco he led Cisco’s Data Center solutions cloud architecture group, was the senior product line manager for Cisco’s NX-OS and Nexus 7000 product lines, led the business unit world-wide engineering escalation group focused on Catalyst 6500 and helped start the Cisco IOS SafeHarbor testing initiatives. Mr. Berly is a trusted technical advisor for many Fortune 500 companies.

Kevin Wollenweber, Cisco High End Routing and Optical Group

Kevin is currently Director of Product Management for the High End Routing and Optical group. He has been involved with Cisco's Service Provider Routing portfolio for over 17 years in various aspects of Engineering, Technical Marketing and Product Management. He currently runs the HERO Group Core Routing portfolio, consisting mainly of the CRS and NCS product families. His current focus area is next generation product development.
Abstract: Over the past few years, we've seen the data center switch market explode with commodity chips, open source software, and the concepts of SDN. All we have seen in the routing space has been bigger routers that need more power, cooling, and space on a curve that doesn't match the data center behind it. We seek to explore:

A) Why this is the case
B) What we can do as network designers and operators to maximize the investment in the platforms we have
C) What we can do to ensure we're not investing in a dying platform
D) What alternatives do we have to Big Expensive Routers that are really expensive?
Files: Help! My big expensive router is really expensive! (PDF)
Help! My big expensive router is really expensive! (YouTube)
Sponsors: None.
Understanding IPv6 Internet Background Radiation
Meeting: NANOG60
Date / Time: 2014-02-12 11:30am - 12:00pm
This item is webcast
Room: Peachtree Ballroom
Presenters: Speakers:
Manish Karir, Merit Network.
Abstract: We report the results of a study to collect and analyze IPv6 Internet background radiation. This study, the largest of its kind, collects unclaimed traffic on the IPv6 Internet by announcing five large /12 covering prefixes; these cover the majority of allocated IPv6 space on today’s Internet. Our analysis characterizes the nature of this traffic across regions, over time, and by the allocation and routing status of the intended destinations, which we show help to identify the causes of this traffic. We compare results to unclaimed traffic in IPv4, and highlight case studies that explain a large fraction of the data or highlight notable properties. We describe how announced covering prefixes differ from traditional network telescopes, and show how this technique can help both network operators and the research community identify additional potential issues and misconfigurations in this critical Internet transition period.
Files: Understanding IPv6 Internet Background Radiation (PDF)
Understanding IPv6 Internet Background Radiation (YouTube)
Sponsors: None.
IPv6 and Path MTU problems in AnyCast networks
Meeting: NANOG60
Date / Time: 2014-02-12 12:00pm - 12:30pm
This item is webcast
Room: Peachtree Ballroom
Presenters: Speakers:

Hossein Lotfi, Verizon EdgeCast

Hossein Lotfi runs the Performance Engineering team at Verizon EdgeCast. He spends most of his time working on ideas to make the CDN faster. Hossein has more than fourteen years of experience in various systems and network engineering roles and has a full-stack-investigation approach when dealing with complex challenges.
Abstract: The global protocol switch from IPv4 to IPv6 was a momentous occasion, and the culmination of work from around the world to address a rapidly serious problem.
But as many technology professionals quickly found out, IPv6 is still in its nascent stages; engineers are learning on the go that IPv6 works not quite as optimally as the old system, creating communication breakdowns and affecting performance when it matters most.
In preparation for IPv6 day, EdgeCast identified its own IPv6 difficulties while troubleshooting content delivery problems related to one of its largest customers. During initial troubleshooting, engineers were able to narrow the problem down to clients who were accessing the images through IPv6, and relied upon 6rd Rapid Deployment tunnels to provide their access to v6 internet.
Due to the still-dominant usage of IPv4 on the Internet, reaching IPv6 servers often requires encapsulation of IPv6 packets within IPv4, also known as tunneling. As a result, such IPv6 packets can no longer make use of the most common 1500 byte packet sizes, necessitating IPv6 users to pre-negotiate smaller sizes accounting for these tunneling header overheads, or senders of packets which are too large must receive ICMPv6 PMTU indications to dynamically adjust. For CDNs with the complications of load balancing, addressing, and a variety of routing topologies, it may not always be possible for a tunnel broker to send such ICMPv6 packets to the right sender or for the sending server to receive these indications. Subsequently a flow could fail due to timeouts, fruitlessly retransmitting packets that are too large for the tunnel encapsulations.
This presentation covers IPv6 Path MTU problems due to the client connection via tunneling mechanisms, while also exploring how EdgeCast detected those problems by using RIPE Atlas probes, detailed packet flow investigation and how mechanisms were implemented to make sure they no longer cause problems.
This presentation will answer the following questions:
- What tools did we use to monitor our network prior to IPv6 Launch?
- How was the original problem detected? (Examples of detailed packet flow investigation will be explored)
- What was the role of load balancing and complex routing techniques in causing PMTU problems?
- What are best practices for packet transmission without fragmentation problems?
Files: IPv6 and Path MTU problems in AnyCast networks (PDF)
IPv6 and Path MTU problems in AnyCast networks (YouTube)
Sponsors: None.
dnstap: high speed DNS logging without packet capture
Meeting: NANOG60
Date / Time: 2014-02-12 2:30pm - 3:00pm
This item is webcast
Room: Peachtree Ballroom
Presenters: Speakers:
Robert Edmonds, Farsight Security, Inc.
Abstract: The DNS protocol presents interesting logging challenges. Common approaches to DNS logging include instrumentation internal to the DNS server which generates textual log messages ("query logs"), and external passive observation of DNS network traffic ("packet capture"). This presentation will outline some of the strengths and weaknesses of these two approaches and will showcase a hybrid vendor-neutral logging implementation, "dnstap", that can provide at high speed the high quality data needed for DNS monitoring applications such as passive DNS replication and query logging.
Files: dnstap: high speed DNS logging without packet capture (PDF)
dnstap: high speed DNS logging without packet capture (YouTube)
Sponsors: None.
Security Track
Meeting: NANOG60
Date / Time: 2014-02-12 4:30pm - 6:00pm
Room: Peachtree Ballroom
Presenters: Panelists:

Krassimir Tzvetanov, Cisco Systems

Krassimir works for the Advanced Services division within Cisco Systems. He focuses on security posture assessments, DDoS mitigation and threat intelligence.
Abstract: This meeting will focus on reflected amplified DDoS attacks and ways to monitor and mitigate. It will also showcase some of the community projects in the field. It will also look at another threat that is starting to make the news - BGP hijacks. Is that a real threat, or just another rediscovery of an old issue? The folks from BGPMon.net will have some data to share. Also feel free to bring your data and slides but make sure to contact me before the event.
Files: None.
Sponsors: None.