^ Top

NANOG 60 Agenda

All times will be listed in Eastern Time.

**Please Note - Agenda is Subject to Changes as We Get Closer to the Meeting.**

Recordings will NOT be available for Tracks or Peering.

NEW! The NANOG 60 Agenda icalendar feed is now available!
Save the .ics file and import into your calendar, or subscribe to the URL:
http://www.nanog.org/sites/default/files/ical/nanog.ics

 

Floor Plans

Sunday, February 9 2014
Time/Webcast:Room:Topic/Abstract:Presenter/Sponsor:Presentation Files:
4:00pm - 6:00pmPeachtree FoyerRegistration
5:30pm - 6:30pmInternational CCocktail Hour with Education Class
Monday, February 10 2014
Time/Webcast:Room:Topic/Abstract:Presenter/Sponsor:Presentation Files:
8:30am - 5:00pmPeachtree FoyerRegistration
8:30am - 11:00amPeachtree FoyerWelcome RefreshmentsSponsors:
10:00am - 10:15am

Peachtree BallroomConference OpeningSpeakers:
  • Greg Dendy, NANOG Program Committee Chair.
  • Betty Burke, NANOG Executive Director.
  • Chris Downie, CEO, Telx.
  • Pete Mastin, VP Business Development IP/CDN, Internap.
pdfConference Opening(PDF)
pdfConference Opening(PDF)
youtubeConference Opening
10:15am - 11:30am

Peachtree Ballroom

Keynote: Complexity and Issues around the DNS Root

This talk covers a variety of issues spanning from the every increasing complexity of the Internet and yet the failure to perform even the most basic tasks such as sending a secure email, making a secure phone call, and web browsing, etc. At the heart of the entire eco-system lies the DNS Roots which play an important role in both the good and the bad on the Internet. Botnets, open recursive DNS server, malicious tampering, are all ultimately DNS related in one way or another. The talk discusses the role of various emerging technologies i the context of these concerns.

View full abstract page.
Speakers:
  • Jeff Moss.
youtubeKeynote: Complexity and Issues around the DNS Root
11:30am - 12:00pm

Peachtree Ballroom

Measuring & Mitigating Web Performance Bottlenecks in Broadband Access Networks

We measure Web performance bottlenecks in home broadband ac- cess networks and evaluate ways to mitigate these bottlenecks with caching within home networks. We first measure Web performance bottlenecks to nine popular Web sites from more than 5,000 broadband access networks and demonstrate that when the downstream throughput of the access link exceeds about 16 Mbits/s, latency is the main bottleneck for Web page load time. Next, we use a router-based Web measurement tool, Mirage, to deconstruct Web page load time into its constituent components (DNS lookup, TCP connection setup, object download) and show that simple latency optimizations can yield significant improvements in overall page load times. We then present a case for placing a cache in the home net- work and deploy three common optimizations: DNS caching, TCP connection caching, and content caching. We show that caching only DNS and TCP connections yields significant improvements in page load time, even when the user’s browser is already performing similar independent optimizations. Finally, we use traces from real homes to demonstrate how prefetching DNS and TCP connections for popular sites in a home-router cache can achieve faster page load times.

View full abstract page.
Speakers:

  • Srikanth Sundaresan, Georgia Tech
  • Srikanth is a final-year PhD student at the College of Computing, Georgia Tech, where he works with Professor Nick Feamster. His research interests include network management, measurements, and routing protocols. Currently his work centers on understanding the characteristics of home and broadband networks, and their effect on application performance. He leads the BISmark project.
youtubeMeasuring & Mitigating Web Performance
pdfMeasuring & Mitigating Web Performance Bottlenecks(PDF)
12:00pm - 1:00pmAtlanta BallroomNewcomers Lunch
12:00pm - 1:00pmPlaza BallroomWelcome LunchSponsors:
1:00pm - 1:30pm

Peachtree Ballroom

Network Automation

Network providers are challenged by new requirements for fast and error-free service turn-up. Existing approaches to configuration management such as CLI scripting, device-specific adapters, and entrenched commercial tools are an impediment to meeting these new requirements. Up until recently, there has been no standard way of configuring network devices other then SNMP and SNMP is not optimal for configuration management. The IETF has released NETCONF and YANG which are standards focusing on Configuration management. The presentation will give an overview of current practices for network configuration. It will show how NETCONF and YANG addresses issues around automation and programmability.

View full abstract page.
Speakers:

  • Carl Moberg, Tail-F
  • Carl Moberg, VP of Technology works closely with strategic customers and partners and serves as the company’s key technology evangelist. Carl has been an integral part of the Tail-f management team since joining in 2006 having a variety of positions including VP Engineering and VP Marketing & Product Management. Carl is also a key contributor to many standards organizations including IETF, ETSI NFV, Cablelabs, ONF and MEF.
pdfNetwork Automation(PDF)
youtubeNetwork Automation
1:30pm - 2:15pm

Peachtree Ballroom

Multi-Stage Clos Architectures

As overlay networks in the data center become more common place, everyone is trying to build the best possible underlay using CLOS fabrics. A key issue with large 5-stage CLOS fabrics are the provisioning and management. This presentation proposes a method to simply the management of a 5-stage CLOS fabric by collapsing three stages into a logical entity called a vSpine. By creating a multi-stage CLOS using a vSpine in the middle stage, it effectively reduces the operational overhead of a five-stage CLOS down to a three-stage CLOS, but with the benefit of having the scale of a five- state CLOS.

View full abstract page.
Speakers:

  • Doug Hanks, Juniper Networks
  • Douglas Richard Hanks Jr. is a Sr. Data Center Architect with Juniper Networks and focuses on solution architecture for the data center. He works in the Campus and Data Center Business Unit (CDBU) that’s responsible for the Juniper EX, QFX, and QFabric Series hardware, software, and solutions. Previously he was a Solution Architect in the Routing Business Unit (RBU) with Juniper Networks supporting data center solutions with the Juniper MX platform. Prior to working in the business units, Douglas was a Sr. Sales Engineer for Juniper Networks and supported large enterprise accounts such as Chevron, Hewlett-Packard, and Zynga. Douglas is certified with Juniper Networks as JNCIE-ENT #213 and JNCIE-SP #875. Douglas’ interests are network engineering and architecture for enterprise and service provider technologies. He is the author of the Juniper MX Series published by O’Reilly Media and several Day One books published by Juniper Networks Books. Douglas is also the co-founder of the Bay Area Juniper Users Group (BAJUG). When he isn’t busy with networking, Douglas enjoys computer programming and photography. Douglas can be reached at doug@juniper.net or on Twitter @douglashanksjr
pdfMulti-Stage Clos Architectures(PDF)
youtubeMulti-Stage Clos Architectures
2:15pm - 2:30pm

Peachtree Ballroom

Route Injections -- What are they good for?

Route Injections are a known factor that are considered to be 'bad' by their very nature. I consider a particular subset of route injections that occur during the month of October, 2013 and investigate the malicious activity that can be correlated with them. In doing this, I am associating the species of maliciousness associated with the injections and found particular kinds of malware and other behavior.

View full abstract page.
Speakers:

  • Leigh Metcalf, CERT
  • Leigh Metcalf is a Member of the Technical Staff at CERT. She holds a PhD in Theoretical Mathematics from Auburn University and has over 10 years of experience in the Internet industry.
pdfRoute Injections -- What are they good for?(PDF)
youtubeRoute Injections -- What are they good for?
2:30pm - 3:00pmPeachtree FoyerBreakSponsors:
3:00pm - 3:30pm

Peachtree Ballroom

RouteViews + BGPmon: Enabling BGP Monitoring and Analysis

The RouteViews and BGPmon infrastructure has undergone expansion and upgrades in the last few years. This talk provides an update on the current deployment, highlights improvements, and demonstrates how our new DIY Perl modules can be used by the operations community to build custom tools. RouteViews plus BGPmon is a community BGP data-collection framework and archive. BGP data is collected through peers located around the world. The current set of peers spans 6 continents each of which feed to one of 17 primary RouteViews collectors. BGPmon cooperates with RouteViews to provide that data in a near real-time XML stream. The RouteViews project was initiated as a grassroots effort within the operations community. The value of the data is widely recognized and the infrastructure has grown into an invaluable community resource. Access to real-time, diverse BGP data is critical to BGP monitoring for security and reliability applications. We believe that with the latest set of updates and tools this data can be used to detect Internet outages as they happen. The latest release of BGPmon includes major changes to the XML schema (XSD). The updated XSD allows for easier parsing as well as additional status messages in order to properly evaluate the reliability of the data. These changes coincide with the development of new Perl modules that read, validate, filter, and parse the messages. Actively performing fairly simple analytics on the BGP stream from RouteViews+XML can provide an early warning system during Internet outages. We will show 2 different views of an Internet outage event to demonstrate the use of the current Perl tools. The first tool is a graphic representation of the burst in BGP traffic at the time of the event and the second is a textual representation that shows which peers and how many prefixes were affected. RouteViews continues to recruit new peers to provide broader and more accurate coverage of BGP events. As the RouteViews+BGPmon infrastructure grows we would like to invite the community to use the DIY Perl modules for custom tool development.

View full abstract page.
Speakers:

  • Catherine Olschanowsky, Colorado State University
  • Dr. Catherine Olschanowsky is a research professor in the Computer Science and Mechanical Engineering Departments at CSU. Her research area includes network monitoring and high performance computing application performance. She is the lead on the BGPmon project. She earned her Ph.D. in Computer Science from the University of California at San Diego in the Performance Modeling and Characterization Laboratory. Dr. Olschanowsky also worked as a research scientist and software engineer at the San Diego Supercomputer Center.
pdfRouteViews + BGPmon: Enabling BGP Monitoring and Analysis(PDF)
youtubeRouteViews + BGPmon: Enabling BGP Monitoring and Analysis
3:30pm - 4:00pm

Peachtree Ballroom

BGP in 2013

This presentation looks at the BGP routing table over 2013, looking at rates of growth in IPv4 and IPv6 in the number of entries in the routing table, and also looking at BGP update rates. From time to time we have heard concerns over the projections of unbounded growth in the size of the routing tables, and unbounded growth in the update rate. This presentation will provide some metrics relating to the actual rates of growth and the projections over the coming years of routing table size and dynamic behaviour of BGP

View full abstract page.
Speakers:

  • Geoff Huston, APNIC
  • Geoff Huston is the Chief Scientist at APNIC, the Regional Internet Registry for the Asia Pacific. He has worked on the Internet since the late 1980's and has undertaken many roles in network operations and architecture. Currently he is interested in Inter-Domain Routing, IPv6 and the DNS.
pdfBGP in 2013(PDF)
youtubeBGP in 2013
4:00pm - 4:30pm

Peachtree Ballroom

SpamTracer: Tracking Fly-By Spammers

There have been speculations about hijacks carried out by so-called ``fly-by" spammers that temporarily steal prefixes to send spam. In this presentation we report on several hijack cases identified in a period of 7 months where suspicious BGP announcements coincided with spam and web scam traffic from corresponding networks. We further characterise the suspicious hijacks and describe the observed modus operandi of these spammers.

View full abstract page.
Speakers:

  • Pierre-Antoine Vervier, Symantec Research Labs
  • Pierre-Antoine Vervier is a Ph.D. student at Symantec Research Labs under the supervision of Prof. Marc Dacier. He obtained his Master's degree in Computer Science in 2010 from the University of Liège (Belgium, EU). His Ph.D. research work is related to the study and detection of malicious BGP hijack attacks. He has been involved in the European project VIS-SENSE (http://www.vis-sense.eu/).
pdfSpamTracer: Tracking Fly-By Spammers(PDF)
youtubeSpamTracer: Tracking Fly-By Spammers
4:45pm - 6:15pmPeachtree Ballroom

BCOP - Best Current Operational Practices

The Best Current Operational Practice (BCOP) project will collect the best practices known within the operations community and capture those practices in a series of documents. These “living documents” are peer reviewed by technology experts who actually deploy and manage these environments. We believe the best documentation is when it is based on real-world implementations. This is a community project and is open to all to participate and get involved. We welcome your participation and look forward to working together to build better documentation for the entire community. Join the conversation - Subscribe to the BCOP Mail List at http://mailman.nanog.org/mailman/listinfo/bcop Questions or suggestions about BCOP should be directed to bcop-support@mailman.nanog.org

View full abstract page.
Moderators:

  • Chris Grundemann, CableLabs
  • Chris Grundemann (JNCIE #449) is the author of Day One: Exploring IPv6 and Day One: Advanced IPv6 Configuration, as well as several IETF Internet Drafts and various industry papers. He is the founding Chair of CO ISOC, the Colorado chapter of the Internet Society, a member of the Rocky Mountain IPv6 Task Force (RMv6TF) Board, an elected member of the ARIN Advisory Council (AC), Co-Chair of the UPnP IPv6 Task Force, and a member of the CEA Pv6 Transition Working Group. Chris also maintains a personal weblog aimed primarily towards Internet related posts typically focusing on network operation and design, tech-policy and the future of the Internet. Chris is currently engaged with CableLabs as a Network Architect, focusing on technical leadership and innovation within IP Networking and beyond.

  • Aaron Hughes, 6connect
  • Aaron brings more than 15 years of experience in the telecommunications industry <BR> <BR> Aaron Hughes is President and CTO at 6connect, Inc specializing in Internet Engineering automation solutions, cooling technologies and distributed managed services with a focus on IPv6. He is also the Chief Network Architect at UnitedLayer bringing more than 15 years of experience in the telecommunications industry and is responsible for network topology planning, design and operations. <BR> <BR> Aaron has also held network and system architecture and Sr. level management roles at Lockheed Martin, Cariden Technologies, Terremark, Certainty Solutions, Quest Technologies, RCN, UltraNet and Channel(1) Communications.
4:45pm - 6:15pmPlaza Ballroom

Datacenter Track

Join moderators Dan Golding (Iron Mountain) and Marty Hannigan (Akamai) for another round of the highly popular Data Center Track. New features for NANOG 60 include... - A presentation on Data Center Cooling Technology - Continued open discussion on the Open-IX Data Center standard

View full abstract page.
Moderators:

  • Martin Hannigan, Akamai Technologies, Inc.
  • Martin Hannigan is a 26 year veteran of the Internet economy. He's been designing, funding, building and operating networks and data centers for a long time. You can find out more about Martin here http://linkd.in/143vNCt

  • Daniel Golding, Iron Mountain
  • Daniel Golding is Vice President of Data Center Operations at Iron Mountain. He has over 20 years of experience in the Internet, datacenter, and critical facilities fields. His experience ranges from financial and organizational to deeply technical. He has held executive positions at RagingWire Data Centers, DH Capital, and Tier 1 Research. In addition, Daniel has significant experience in conference administration and management, including serving as the conference chairman for the Hosting Transformation Summit and the Global Peering Forum, for four years in each case. Daniel has held a wide variety of positions across the Internet infrastructure sector: network engineering and peering; data center operations and engineering; financial and industry analysis; and executive management. Also, uniquely, he possesses strong financial knowledge through work as an investor and banker in the Internet sector. Daniel has also been a sponsor and host of NANOG.
4:45pm - 6:15pmAugusta

Research and Education Networking Track

This is a continuing opportunity for members for the R&E networking (and research) communities to meet and discuss topics of interest to the R&E network operations and research communities at NANOG. Building on the topics of the R&E Track at NANOG 59 in Arizona, we will continue to discuss such topics as (tentatively): o Very brief intro (Michael Sinatra) - 5 min o R&E regional network updates (Russ Clark, Jeffry Handal, Larry Blunk) - 30-40 min o RPKI updates & Roll-your-own (Sandy Murphy & Michael Sinatra) - 30 min o "What's wrong with information security in higher ed?" (Michael Sinatra) - 20 min

View full abstract page.
Speakers:

  • Michael Sinatra, ESnet
  • Michael Sinatra is a network engineer with the Energy Sciences Network (ESnet) in Berkeley, CA, where he specializes in DNS, DNSSEC, IPv6 adoption, and scientific and high-performance networking. Prior to ESnet, Michael worked for the central networking group at UC Berkeley for over a decade. He has been interested in DNS for a long time and attempts to make coherent contributions to various BIND and DNS mailing lists and forums
7:00pm - 10:00pmFernbank Museum of Natural History

Social

Fernbank Museum of Natural History 767 Clifton Rd NE, Atlanta, GA 30307 Join us for Cocktails, Appetizers and explore the museum Shuttle busses will be running between the Westin and the museum from 6:30pm

View full abstract page.
Additional information
Sponsors:
Tuesday, February 11 2014
Time/Webcast:Room:Topic/Abstract:Presenter/Sponsor:Presentation Files:
8:30am - 9:30amAtlanta BallroomMembers Breakfast
8:30am - 9:30amPeachtree FoyerPower BreakfastSponsors:
8:30am - 5:00pmPeachtree FoyerRegistration
9:30am - 11:00am

AugustaARIN Public Policy Consultation Track
Additional information
youtubeARIN Public Policy Consultation Track PART 1
9:30am - 11:00amPeachtree Ballroom

Tutorial: BGP 101

The tutorial is the first of a two part tutorial. It introduces service providers to important BGP features and techniques to aid with operating their networks within the Internet. After a recap of iBGP, eBGP and common attributes, the tutorial will look at the various scaling techniques available, when to use BGP instead of an IGP, and examine policy options available through the use of local preference, MED and communities.

View full abstract page.
Speakers:

  • Dawit Birhanu, Cisco Systems
  • Dawit Birhanu is a Technical Marketing Engineer in Service Provider Networking Group at Cisco Systems, where he has worked for over 12 years on Service Provider products and services in multiple roles such as Deployment Engineer, Network Consulting Engineer, Technical Leader and Technical Marketing Engineer focusing on service provider high-end routing platforms. Additional focus areas include MPLS, BGP, QoS and IOS XR. He is a co-author of the Cisco Press book "Cisco IOS XR Fundamentals".
pdfBGP 101(PDF)
9:30am - 11:00amPlaza Ballroom

Tutorial: Whiteboarding 101

The “whiteboard talk” represents one of the key ways that engineers can communicate ideas in a concise and educational way to colleagues. More than a classroom lecture or a slide presentation, a whiteboard talk is a combination of several disciplines including teaching, storytelling, and improvisational acting. In this interactive tutorial, the attendees will learn (through discussion and breakout sessions) how to organize a whiteboard discussion, how to avoid popular pitfalls, and how to make sure that their audience walks away with the knowledge that the attendee wants them to have. These topics include how to narrow down the scope of a topic (both in terms of the topic itself and the level of abstraction), how to build the knowledge model for the talk, how to define terms for different audiences, and how to handle difficult audience members.

View full abstract page.
Speakers:

  • Matthew F. Ringel, Akamai Technologies
  • Matt Ringel is an Enterprise Architect at Akamai Technologies, specializing in full-system performance consulting for websites. Matt’s career spans 15 years, having worked as a network engineer at BBN Planet and Tufts University. He has written papers on Network Operations Theory, Coherent Naming Schemes, and How to Fire a System Administrator, and maintains a blog focusing on how technically-minded people communicate and work with each other. He has also unintentionally written a compiler in Perl. He holds a BS in Computer Science from Columbia, and is currently finishing his Masters in Engineering Management from Tufts.
pdfWhiteboarding 101(PDF)
youtubeWhiteboarding 101
11:00am - 11:30amPeachtree FoyerBreakSponsors:
11:30am - 1:00pm

AugustaARIN Public Policy Consultation Track
Additional information
youtubeARIN Public Policy Consultation Track PART 2
11:30am - 1:00pmPeachtree Ballroom

Tutorial: BGP 102

The tutorial is the second part of a two part tutorial. It discusses how apply the different BGP techniques discussed in BGP 101 to deployment scenarios. It looks at deployment techniques including aggregation, announcing prefixes, and pressure points on the routing system.

View full abstract page.
Speakers:

  • Dawit Birhanu, Cisco Systems
  • Dawit Birhanu is a Technical Marketing Engineer in Service Provider Networking Group at Cisco Systems, where he has worked for over 12 years on Service Provider products and services in multiple roles such as Deployment Engineer, Network Consulting Engineer, Technical Leader and Technical Marketing Engineer focusing on service provider high-end routing platforms. Additional focus areas include MPLS, BGP, QoS and IOS XR. He is a co-author of the Cisco Press book "Cisco IOS XR Fundamentals".
pdfBGP 102(PDF)
youtubeBGP 102
11:30am - 1:00pmPlaza Ballroom

Tutorial: IPv6 Security: Oxymoron or Oxycodone?

There are a lot of myths, misinformation and FUD around IPv6 security. The reality is that there are improvements over IPv4, some problems we still have (just with a different name) and some new problems. Learn which is which and how to tell when someone is just trying to sell you something.

View full abstract page.
Speakers:

  • Paul Ebersman, Infoblox
  • Paul Ebersman works in the Infoblox IPv6 Center of Excellence as a technical resource, both internally and to the internet community. He first worked on the internet for the Air Force in 1984. He was employee number 10 at UUNET and helped build AlterNET and the modem network used by MSN, AOL and Earthlink. He has maintained his roots in the internet and the open source community, working for various internet infrastructure companies including ISC and Nominum before coming to Infoblox.
pdfIPv6 Security: Oxymoron or Oxycodone?(PDF)
youtubeIPv6 Security: Oxymoron or Oxycodone?
1:00pm - 2:30pm Lunch - On your Own
2:30pm - 3:15pm

Peachtree Ballroom

IPv6 Performance Bonus

Data from multiple sources suggests that IPv6 offers better performance over IPv4. Presentation includes the data and methodologies, plus test results investigating the reasons for the performance difference.

View full abstract page.
Speakers:
  • Lee Howard.
pdfIPv6 Performance Bonus(PDF)
youtubeIPv6 Performance Bonus
3:15pm - 4:00pm

Peachtree Ballroom

The Importance of In-Flight Encryption

The big news in recent NSA revelations is not that the government is listening, but rather how vulnerable networks are to eavesdropping. Prior to the revelations, common theory dictated Service Provider services were secure, and higher layer encryption at end nodes guaranteed secure transmission end-to-end. However, after the revelations has come the realization that higher layer end encryption is not sufficient, as multiple points of vulnerabilities exist along the transport path. Service Provider business models were immediately impacted, as the price premium for VPN services began rapidly eroding. The only way to ensure end-to-end secure communication is in-flight encryption, where the WAN itself contains its own unique encryption and key management system. In this presentation, the network vulnerabilities recently discovered will be detailed. In-flight encryption and how it negates these vulnerabilities will be described. Recent advances in transport encryption, including 100Gbit/s line-rate encryption, will be presented. A companion live-demonstration of 100Gbit/s encryption is planned for Beer ‘N Gear.

View full abstract page.
Speakers:

  • Jim Theodoras, ADVA Optical Networking
  • Jim Theodoras is Senior Director of Technical Marketing at ADVA Optical Networking, where he actively promotes the company’s portfolio of Optical+Ethernet transport products and related technologies. He has over 25 years of industry experience in electronics and optics, spanning a wide range of diverse topics. Jim is a past President of the Ethernet Alliance and was optical liaison editor for IEEE Communications Magazine from 2006-2010. He holds 16 patents in the field of telecommunications, and is a frequent contributor to industry publications.
pdfThe Importance of In-Flight Encryption(PDF)
youtubeThe Importance of In-Flight Encryption
4:00pm - 4:30pmPeachtree FoyerBreakSponsors:
4:30pm - 5:00pm

Peachtree Ballroom

Building an IPv6 Address Management System

IP Address Management (IPAM) for access networks has hitherto been an area of relatively little concern for most network operators. Even for large broadband access networks with many thousands of end users, IPAM was seldom a problem, mostly because network administrators could easily choose from a wide variety of time tested methodologies and solutions, ranging from simple approaches such as using local address pools in their broadband routers, to sophisticated software developed either in-house or by external vendors. However, with the advent of IPv6 in access networks, a new set of problems has arisen regarding IPAM. Most of these problems are related to factors such as the different scale of IPv6 compared to IPv4, the unfamiliarity with the new set of specifications and protocols (e.g. DHCPv6 Prefix Delegation, ULA, etc) that have appeared and, in many cases, the incomplete or buggy feature sets of many networking and software solutions. Because of these factors, methods deemed effective in the IPv4 world cannot be translated and applied verbatim to the IPv6 realm, making the task of address management much more daunting than it was before. Our team at the National Technical University of Athens NOC has worked extensively in IPv6 access networks deployment in the last 5 years, being responsible for the design, implementation and deployment of IPv6 enabled broadband access in multiple networks. About a year ago, we were able to implement and deploy a homegrown vendor independent IPv6 assignment software solution geared for the particular needs of the Greek Student Network (EDUDSL), a nationwide broadband access network in Greece, providing affordable access to university students. Because of organizational peculiarities with the way it operates, EDUDSL does not possess its own user database. At the same time however, it operates its own LNS equipment and retains the IP address assignment task. To provide its subscribers with stable persistent IPv6 prefixes, a piece of software was created that is able automatically assign IPv6 prefixes on the fly at the time of first login of each user, simultaneously recycling least recently used prefixes from users that have left the service. The software is integrated with the RADIUS server and is designed to service each request in fractions of a second, in order not to delay the rest of the authorization process. These speed requirements, along with the fact that the software operates without prior knowledge of the user base, have dictated several key implementation choices of our system. The Greek School Network (SCH) is another nationwide broadband access network providing access to units such as schools and relevant administration buildings throughout the country. SCH maintains a directory (LDAP) which, among other purposes, is used by the RADIUS servers to facilitate authentication and authorization of each unit's CPE connecting to an SCH broadband router. Since the SCH has had IPv6 enabled access for more than 10 years, the IPv6 prefixes for each unit had been hitherto assigned by hand, thus the process of maintaining the system required considerable human involvement which is cumbersome and error-prone. For the future needs of SCH, our team is developing a completely automated solution that is able to assign and maintain suitable IPv6 prefixes to all the units in the SCH directory. As units are categorized into organizational categories (e.g. elementary schools, high schools, etc), the software is able to segregate accordingly and handle multiple respective IPv6 prefix pools. Naturally, the software is able to detect and categorize new entries in the directory and assign new prefixes, detect deletion of units and recycle their prefixes on a least recently used basis, keep track of past assignments in an audit log and, most importantly, handle and assign prefixes to multiple CPEs per unit, a complex feature somewhat unique to the SCH, but not unheard of elsewhere. Undeniably, the individual traits of the two cases that were mentioned affected the choices that were made in a profound way. However, we believe that some characteristic choices hold merit in a more general way. For example, a rather characteristic choice is that our system does never store full IPv6 prefixes for each subscriber or unit in its database, but rather opts to assign a persistent positive integer offset for each one. The real and full IPv6 prefix is calculated from that offset and used according to the needs at hand. This seemingly bizarre solution, permits easier storage, sorting and handling of the offsets in a database and at the same time makes the task of carrying out a renumbering trivial, by simply redefining the IPv6 address pools. Another interesting choice is the automatic recycling of least recently used offsets, a feature that aims towards operation with minimal administrative burden. In our presentation, we aim to briefly describe the design and implementation of the aforementioned IPv6 Address assignment systems, so the community can benefit from our experience. We likewise hope that our work can stimulate thought and lead to the evolution of ever more better solutions.

View full abstract page.
Speakers:

  • Athanasios Douitsis, National Technical University of Athens
  • Born in Athens, 1976, Athanasios Douitsis is a Network Engineer with focus on Network Management Software, IPv6 access services, Monitoring, Measurements and Multicast. He graduated from the Department of Electrical and Computer Engineering of the National Technical University of Athens in 2001 and has been working for the NTUA Network Operations Centre since 2000, involved in the development and administration of the NTUA campus infrastructure, the Greek Research Network (GRNET), the Greek School Network and the Greek Student Network.
pdfBuilding an IPv6 Address Management System(PDF)
youtubeBuilding an IPv6 Address Management System
5:00pm - 5:30pm

Peachtree Ballroom

Exposing the Technical and Commercial Factors Underlying Internet Quality of Experience

The Internet is, amongst many things, a transport mechanism for an end-to-end ecosystem of content delivery amongst participating players. Competing interests also must co-operate to deliver acceptable quality. At each interchange between players there is a set of selfish interests and actions which may optimize for one player at the expense of another. Balances are still being sought as the Internet evolves, and these are leading to temporary arbitrage opportunities that may sometimes jeopardize the entire chain. Quality is affected by a chain of factors both technical and economic. The location of a quality impairment introduced in the chain is often poorly understood and difficult to measure, and many commonly assume it can only be the access network. Using aggregated data from six North American networks, this presentation examines how trusted benchmarks from Speedtest, Netflix, and YouTube, which seek to ‘normalize’ experience into simple, objective measures, have accuracy and depth challenges, as well as a tendency to focus subjectively on a single point in the network rather than looking more objectively at the entire data path.

View full abstract page.
Speakers:
  • Don Bowman, Sandvine.
youtubeExposing the Technical and Commercial Factors
pdfTechnical and Commercial Factors Underlying Internet Quality (PDF)
5:30pm - 6:00pmPeachtree BallroomLightning TalkspdfLightning Talks(PDF)
pdfLightning Talks(PDF)
pdfLightning Talks(PDF)
youtubeLightning Talks
6:00pm - 8:00pmAtlanta BallroomBeer 'n GearSponsors:
8:15pm - 10:00pmInternational CPacnet Enabled Networking Drinks
Additional information
Sponsors:
Wednesday, February 12 2014
Time/Webcast:Room:Topic/Abstract:Presenter/Sponsor:Presentation Files:
8:30am - 9:30amPeachtree FoyerPower Breakfast
8:30am - 6:00pmPeachtree FoyerRegistration
9:30am - 10:00am

Peachtree Ballroom

Tradeoffs in Network Complexity

While we're not addressing network complexity "head on," we're always skirting around the topic through various other technical proposals, such as software defined networks, mobility, and network function virtualization. This session will present one possible way of looking at network complexity, specifically as a series of tradeoffs or continuums along which network engineers can choose complexity verses solving specific problems, or even one type of complexity verses another type of complexity. This session will not attempt to define complexity, or even to propose ways to measure the concept, but only provide one framework within which to understand complexity vis-a-vis current ideas in new ways to build and manage networks.

View full abstract page.
Speakers:

  • Russ White, Ericsson
  • Russ White has co-authored 8 technical books (through Pearson), over 30 software patents in the area of network protocols, eleven RFCs, has spoken at network conferences and network operator's groups throughout the world, and is a regular contributor at Packet Pushers. He currently serves on the Routing Area Directorate at the IETF, as a co-chair of the Internet Society's Advisory Council, on the Technical Advisory Council for Capella University, and as a technical advisor for Shepherds Theological Seminary. Russ is a Principal Engineer at Ericsson, working in the space of next generation mobile networks and data centers. He lives in Holly Springs and Oak Island, NC, with his wife and two daughters (who claim they will not be engineers, but only time will tell).
pdfTradeoffs in Network Complexity(PDF)
youtubeTradeoffs in Network Complexity
10:00am - 11:00am

Peachtree Ballroom

Help! My big expensive router is really expensive!

Over the past few years, we've seen the data center switch market explode with commodity chips, open source software, and the concepts of SDN. All we have seen in the routing space has been bigger routers that need more power, cooling, and space on a curve that doesn't match the data center behind it. We seek to explore: A) Why this is the case B) What we can do as network designers and operators to maximize the investment in the platforms we have C) What we can do to ensure we're not investing in a dying platform D) What alternatives do we have to Big Expensive Routers that are really expensive?

View full abstract page.
Panelists:

  • Mark Berly, Arista Networks
  • Mark Berly is a senior systems engineer manager for Arista Networks Eastern region, Canada and WW Service Provider. He is one of Arista’s senior design architects and leads Arista’s extensibility and open source initiatives. Prior to joining Arista Mr. Berly spent over a decade at Cisco Systems. During his time at Cisco he led Cisco’s Data Center solutions cloud architecture group, was the senior product line manager for Cisco’s NX-OS and Nexus 7000 product lines, led the business unit world-wide engineering escalation group focused on Catalyst 6500 and helped start the Cisco IOS SafeHarbor testing initiatives. Mr. Berly is a trusted technical advisor for many fortune 500 companies.
  • Craig Pierantozzi , Microsoft.
  • Richard Steenbergen, GTT
  • Richard Steenbergen currently serves as the Chief Technology Officer of GTT, a global IP/MPLS backbone in over 80 countries. Prior to GTT, Richard was the founder and CTO of nLayer Communications, a Senior Network Engineer for other very large NSPs, and a Senior Software Engineer developing advanced optimized routing technologies. Richard has many years of practical experience operating and managing large networks, and is a frequent contributor in many popular networking community forums. He is also an active developer for several tools and software packages used by the network operator community. Some notable projects include PeeringDB, a portal used by many networks to help coordinate their peering activities, and IRR PowerTools, a software package used by many ISPs to maintain their IRR-based BGP prefix lists.
  • David Temkin, Netflix.
  • Kevin Wollenweber, Cisco High End Routing and Optical Group
  • Kevin is currently Director of Product Management for the High End Routing and Optical group. He has been involved with Cisco's Service Provider Routing portfolio for over 17 years in various aspects of Engineering, Technical Marketing and Product Management. He currently runs the HERO Group Core Routing portfolio, consisting mainly of the CRS and NCS product families. He is currently focused area is next generation product development.
pdfHelp! My big expensive router is really expensive!(PDF)
youtubeHelp! My big expensive router is really expensive!
11:00am - 11:30amPeachtree FoyerBreakSponsors:
11:30am - 12:00pm

Peachtree Ballroom

Understanding IPv6 Internet Background Radiation

We report the results of a study to collect and analyze IPv6 Internet background radiation. This study, the largest of its kind, collects unclaimed traffic on the IPv6 Internet by announcing five large /12 covering prefixes; these cover the majority of allocated IPv6 space on today’s Internet. Our analysis characterizes the nature of this traffic across regions, over time, and by the allocation and routing status of the intended destinations, which we show help to identify the causes of this traffic. We compare results to unclaimed traffic in IPv4, and highlight case studies that explain a large fraction of the data or highlight notable properties. We describe how announced covering prefixes differ from traditional network telescopes, and show how this technique can help both network operators and the research community identify additional potential issues and misconfigurations in this critical Internet transition period.

View full abstract page.
Speakers:
  • Manish Karir, Merit Network.
pdfUnderstanding IPv6 Internet Background Radiation(PDF)
youtubeUnderstanding IPv6 Internet Background Radiation
12:00pm - 12:30pm

Peachtree Ballroom

IPv6 and Path MTU problems in AnyCast networks

The global protocol switch from IPv4 to IPv6 was a momentous occasion, and the culmination of work from around the world to address a rapidly serious problem. But as many technology professionals quickly found out, IPv6 is still in its nascent stages; engineers are learning on-the-go IPv6 works not quite as optimally as the old system, creating communication breakdowns and affecting performance when it matters most. In preparations for IPv6 day, EdgeCast identified it’s own IPv6 difficulties while troubleshooting content delivery problems related to one of its largest customers. During initial troubleshooting, engineers were able to narrow the problem down to clients who were accessing the images through IPv6, and relied upon 6rd Rapid Deployment tunnels to provide their access to v6 internet. Due to the still-dominant usage of IPv4 on the Internet, reaching IPv6 servers often requires encapsulation of IPv6 packets within IPv4, also known as tunneling. As a result, such IPv6 packets can no longer make use of the most common 1500 byte packet sizes, necessitating IPv6 users to pre-negotiate smaller sizes accounting for these tunneling header overheads, or senders of packets which are too large must receive ICMPv6 PMTU indications to dynamically adjust. For CDNs with the complications of load balancing, addressing, and a variety of routing topologies, it may not always be possible for a tunnel broker to send such ICMPv6 packets to the right sender or for the sending server to receive these indications. Subsequently a flow could fail due to timeouts, fruitlessly retransmitting packets that are too large for the tunnel encapsulations. This presentation covers IPv6 Path MTU problems due to the client connection via tunneling mechanisms, while also exploring how EdgeCast detected those problems by using RIPE Atlas probes, detailed packet flow investigation and how mechanisms were implemented to make sure they no longer cause problems. This presentation will answer the following questions: -What tools did we use to monitor our network prior to IPv6 Launch -How was the original problem detected (Examples of detailed packet flow investigation will be explored) -What was the role of load balancing and complex routing techniques in causing PMTU problems? -What are best practices for packet transmission without fragmentation problems?

View full abstract page.
Speakers:

  • Hossein Lotfi, Verizon EdgeCast
  • Hossein Lotfi runs Performance Engineering team at Verizon EdgeCast. he spends most of his time working on ideas to make the CDN faster. Hossein has more than fourteen years of experience in various systems and network engineering roles and has a full-stack-investigation approach when dealing with complex challenges.
pdf IPv6 and Path MTU problems in AnyCast networks(PDF)
youtube IPv6 and Path MTU problems in AnyCast networks
12:30pm - 1:00pm

Peachtree BallroomThe Case Against Jumbo FramesSpeakers:

  • Richard Steenbergen, GTT
  • Richard Steenbergen currently serves as the Chief Technology Officer of GTT, a global IP/MPLS backbone in over 80 countries. Prior to GTT, Richard was the founder and CTO of nLayer Communications, a Senior Network Engineer for other very large NSPs, and a Senior Software Engineer developing advanced optimized routing technologies. Richard has many years of practical experience operating and managing large networks, and is a frequent contributor in many popular networking community forums. He is also an active developer for several tools and software packages used by the network operator community. Some notable projects include PeeringDB, a portal used by many networks to help coordinate their peering activities, and IRR PowerTools, a software package used by many ISPs to maintain their IRR-based BGP prefix lists.
pdfThe Case Against Jumbo Frames(PDF)
youtubeThe Case Against Jumbo Frames
1:00pm - 2:30pmPeachtree FoyerLight Lunch
2:30pm - 3:00pm

Peachtree Ballroom

dnstap: high speed DNS logging without packet capture

The DNS protocol presents interesting logging challenges. Common approaches to DNS logging include instrumentation internal to the DNS server which generates textual log messages ("query logs"), and external passive observation of DNS network traffic ("packet capture"). This presentation will outline some of the strengths and weaknesses of these two approaches and will showcase a hybrid vendor-neutral logging implementation, "dnstap", that can provide at high speed the high quality data needed for DNS monitoring applications such as passive DNS replication and query logging.

View full abstract page.
Speakers:
  • Robert Edmonds, Farsight Security, Inc..
pdfdnstap: high speed DNS logging without packet capture(PDF)
youtubednstap: high speed DNS logging without packet capture
3:00pm - 3:50pmPeachtree BallroomLightning TalkspdfLightning Talks(PDF)
pdfLightning Talks(PDF)
pdfLightning Talks(PDF)
pdfLightning Talks(PDF)
pdfLightning Talks(PDF)
youtubeLightning Talks
3:50pm - 4:00pm

Peachtree BallroomPlenary Wrap Up / Call For Proposals for NANOG 61Speakers:
  • Betty Burke, NANOG Executive Director.
  • Greg Dendy, NANOG Program Committee Chair.
pdfPlenary Wrap Up / Call For Proposals for NANOG 61(PDF)
youtubePlenary Wrap Up / Call For Proposals for NANOG 61
4:00pm - 4:30pmPeachtree FoyerBreakSponsors:
4:30pm - 6:00pmPlaza BallroomPeering TrackModerators:
  • Greg Dendy, Equinix.
  • Dave Temkin, Netflix.
4:30pm - 6:00pmPeachtree Ballroom

Security Track

This meeting will focus on reflected amplified DDoS attacks and ways to monitor and mitigate. It will also showcase some of the community projects in the field. It will also look at another threat that is starting to make the news - BGP hijacks. Is that a real threat, or just another rediscovery of an old issue? The folks from BGPMon.net will have some data to share. Also feel free to bring your data and slides but make sure to contact me before the event.

View full abstract page.
Panelists:

  • Krassimir Tzvetanov, Cisco Systems
  • Krassimir works for the Advanced Services division within Cisco Systems. He focuses on security posture assessments, DDoS mitigation and threat intelligence.
6:15pm - 8:15pmAtlanta BallroomNANOG Ice Reception

 

^ Back to Top