^ Top

NANOG 29 Agenda

All times are in Central Daylight Time

Real Video icon Click the Real Video icon to watch a presentation below. Download Real Player. 

Presentation File Key:

Windows Media video, requires Windows Media Player to view. 

Real Video, requires Real Player to view. 

PDF Document, requires Adobe Acrobat Reader to view/print.


Sunday, October 19 2003
Time/Webcast:Room:Topic/Abstract:Presenter/Sponsor:Presentation Files:
1:30pm - 3:00pmSalon F/G

Tutorial: Implementing a Secure Network Infrastructure

This tutorial provides detailed technical information about security technologies that should be considered when securing any networking infrastructure. Technologies to be covered include S/Key, 802.1x, RADIUS, TACACS+, SSH, SSL, L2TP, and IPsec. We will show specific architectures and configuration examples to effectively secure network infrastructures comprising routers, switches, and firewalls. Configuration examples will be vendor-independent and will include much of the most widely deployed equipment. The three 90-minute sessions will cover: <UL> <LI> Security technology details</LI> <LI> Secure infrastructure architectures</LI> <LI> Sample configuration scenarios. </LI> </UL>

View full abstract page.

  • Merike Kaeo, None
  • Merike Kaeo is currently a consultant, focusing primarily on security-related products and network design solutions. She has been in the networking industry for more than 15 years, starting out at the National Institutes of Health in Bethesda, MD, from 1988 to 1993, designing and implementing the original FDDI backbone for the NIH campus using Cisco routers. From 1993 to 2000, Merike was employed by Cisco Systems, Inc., where she worked primarily on technical issues relating to router performance, network routing protocols, network design, and network security. She was a lead member of Cisco\'s security initiative, has acted as a technical advisor for security startup companies, and has been an instructor and speaker at a variety of security-related conferences. Merike is the author of Designing Network Security, published in May 1999 by Cisco Press, with a 2nd edition due out in October 2003.
youtubeImplementing a Secure Network Infrastructure PART 1
youtubeImplementing a Secure Network Infrastructure PART 2
youtubeImplementing a Secure Network Infrastructure PART 3
pdfMerike Kaeo Presentation(PDF)
1:30pm - 3:00pmDenver

Tutorial: Troubleshooting BGP

This tutorial covers common problems ISPs have when deploying BGP within their networks. We look at issues with peer establishment, missing routes, inconsistent route selection, and convergence issues. We also examine real-world examples of common errors that are made when deploying BGP, both as iBGP and eBGP, in service provider networks.

View full abstract page.

  • Philip Smith, Cisco Systems
  • Philip Smith joined Cisco Systems in January 1998. He is a member of the Service Provider Architectures Group of Consulting Engineering, within Corporate Development. His role includes working with many ISPs in the Asia-Pacific region and the rest of the world, specifically in network strategies, design, technology, and operations, as well as helping with network configuration and scaling. Other areas of interest also include Internet routing, Internet protocols, IPv6, and encouraging the growth of the Internet around the world. Prior to joining Cisco, he spent 5 years at PIPEX (now part of UUNET\'s global ISP business), the UK\'s first commercial Internet Service Provider. He was one of the first engineers working in the UK Internet, and played a fundamental role in building the modern Internet in the UK and Europe. Philip is co-author of Cisco ISP Essentials, ISBN 1-58705-041-2, published by Cisco Press. He holds a Doctor of Philosophy and has a First Class Honours Degree in Physics. He lives in Brisbane, Australia.
pdfPhilip Smith Presentation(PDF)
youtubeTroubleshooting BGP
3:00pm - 3:30pm Break
3:30pm - 5:00pmDenver

Tutorial: Deploying IP Anycast

IP Anycast is an older technology that has seen a bit of a resurgence in recent months, perhaps encouraged by its use in providing several of the root servers. In designating certain unicast addresses as \'anycast,\' operators configure these addresses on multiple machines, and configure routes to each host. When traffic is directed to an anycast address, routers select one path from potentially several valid paths to forward traffic (thus, no change from traditional unicast forwarding). One server receives each packet and responds to the requester. In configuring multiple hosts to respond to the same address, stateless protocols such as DNS can be easily scaled. Servers can be located in closer proximity to clients, providing faster responses to queries. In the event of a single host failure, routes can quickly be withdrawn and servers in other locations handle the request traffic, all without any changes to client configurations. Recursive DNS clients built into many of today\'s operating systems deal rather poorly with a failure of their primary recursive server. Of eight operating systems evaluated in a recent survey, seven kept no history of failed servers, trying each DNS query against the first server and waiting for a response before moving to secondary servers. Using anycast, service is maintained even in the face of a single or multiple host failure. This substantially reduces resolution delays due to server failure. DNS will serve as an example of successful anycast use, but the strategies described are also applicable to other stateless protocols.

View full abstract page.

  • Kevin Miller, Carnegie Mellon UniversityKevin Miller i
  • Kevin Miller is a Network Systems Developer at Carnegie Mellon University, where he is responsible for development and maintenance of campus network services. He holds a Bachelor of Science in Computer Science degree from Carnegie Mellon.
pdfKevin Miller Presentation(PDF)
3:30pm - 5:00pmSalon F/GTutorial: Implementing a Secure Network Infrastructure (Part II)Speakers:
  • Merike Kaeo, Merike, Inc..
5:00pm - 7:30pm Dinner
7:30pm - 9:00pmSalon F/GTutorial: Implementing a Secure Network Infrastructure (Part III)Speakers:
  • Merike Kaeo, Merike, Inc..
7:30pm - 9:00pmDenver

Tutorial: MPLS Applications Overview

This tutorial provides an overview of some of the applications enabled by MPLS. The session is a high-level, vendor-independent tutorial targeted at network engineers and service providers who are not familiar with MPLS applications. It is a follow-up to Salt Lake City\'s Introduction to MPLS tutorial, which discussed basic MPLS building blocks and signaling protocols. Our goal is to provide the audience a high-level view of the applications where MPLS is used. Topics covered will include: traffic engineering, protection and restoration, MPLS VPNs, and pseudo-wires.

View full abstract page.
  • Ina Minei, Juniper.
pdfIna Minei Presentation(PDF)
youtubeMPLS Applications Overview
Monday, October 20 2003
Time/Webcast:Room:Topic/Abstract:Presenter/Sponsor:Presentation Files:
8:00am - 9:00am5th floor foyerContinental Breakfast
9:00am - 9:15amSalons A-EWelcome, IntroductionsSpeakers:

  • Susan Harris, Merit Network
  • Susan Harris coordinated NANOG meetings and was Senior Science Writer at Merit Network at the University of Michigan. She has been working in IT for 20 years, mostly in telecommunications and network engineering. Before discovering computers she spent her time reading Babylonian contracts and earning a Ph.D. in ancient Near Eastern History at the University of Michigan.
  • Jordan Lowe, Server Central.
  • Ray Plzak, ARIN
  • Ray Plzak is currently the President and CEO of ARIN. Prior to assuming his current position, Ray, as an Assistant Vice President with SAIC, managed the DoD NIC under a contract with the Defense Information Systems Agency. He is a co-chair of the IETF DNS Operation Working Group and co-author/contributor of several IETF technical papers pertaining to the operation of the Internet. Ray is also a member of the ISOC Advisory Committee and ICANN\'s Root Server System Advisory and DNS Security Advisory Committees.
pdfJordan Lowe Presentation(PDF)
pdfSusan's intro presentation(PDF)
youtubeWelcome, Introductions
9:15am - 9:45amSalons A-E

VeriSign\'s Wildcard Record: Effects and Responses

This discussion highlights VeriSign\'s September 15 addition of a wildcard A record to the .com and .net zones, the user-visible (network- and sysadmin-visible) effects, and some of the responses, particularly the change ISC\'s BIND patches made possible within the DNS.

View full abstract page.
  • Mark Kosters, VeriSign.
  • Matt Larson, VeriSign.
  • Suzanne Woolf, ISC.
pdfMark & Matt's Presentation(PDF)
pdfSuzanne Woolf Presentation(PDF)
youtubeVeriSign's Wildcard Record: Effects and Responses
9:45am - 10:30amSalons A-E

Update on Anomalous DNS Behavior

Abuse of the DNS at the root-server level is well documented by studies of packet traces taken from root servers. For example: <A HREF=\"http://www.caida.org/outreach/presentations/nanog0202/\">http://www.caida.org/outreach/presentations/nanog0202/</A> <A HREF=\"http://www.caida.org/outreach/presentations/2002/nanog0210/\">http://www.caida.org/outreach/presentations/2002/nanog0210/</A> We expect that similar abuse exists for top-level domain servers as well. However, in many cases the causes of such abuses are unknown. Studying packet traces from root servers presents only a part of the picture. We use simulations based on DNS software implementations (BIND8, BIND9, windows*, djpdns) to enhance our understanding of the client-side of DNS transactions. Our lab setup models the typical DNS architecture with root, TLD, SLD, and caching nameservers. We replay a large trace file with different caching software and different network environments. The results advance our understanding of nameserver selection algorithms and the level of DNS traffic injected into the Internet for a given client-side workload.

View full abstract page.

  • Duane Wessels, Measurement Factory/CAIDA
  • Duane Wessels discovered Unix and the Internet as an undergraduate studying physics at Washington State University. After playing System Administrator for a few years, he moved to Boulder, Colorado, to attend graduate school. In late 1994, he joined the Harvest project, where he worked on searching, indexing and caching. From 1996 until 2000, he was co-principle investigator of the NLANR Information Resource Caching project (IRCache). During this time he and others developed and supported the Squid caching proxy. His second book, titled <I>Squid: The Definitive Guide</I>, is soon to be published by O\'Reilly and Associates. Currently, he is co-owner and president of The Measurement Factory, Inc., a company that specializes in evaluating the performance and compliance of HTTP-aware devices.
pdfDuane Wessels Presentation(PDF)
youtubeUpdate on Anomalous DNS Behavior
10:30am - 11:00am Break
11:00am - 11:45amSalons A-E

Panel: Watching Your Router Configurations and Detecting Those Exciting Little Changes

Network catastrophes are as easy as paste-o\'s. Recovery should be as well, and is, if operators have adequate network documentation and monitoring. Whether it be hardware cooked to a golden brown, undesired or malicious configuration help, naughty s/w upgrades, or automation gone biblical, a hardware and software configuration repository and audit trail are essential to timely recovery. We will present tools that make this, plus more, possible.

View full abstract page.

  • Randy Bush, IIJ
  • Randy Bush works as Principal Scientist at Internet Initiative Japan. Previously he spent a bit over a year at AT&T doing research and working on network architecture. He got some operational experience from being on the founding team at Verio, a backbone provider, from which he graduated as VP of Networking after five years. Before that, he was the principal engineer of RAINet, an ISP in Oregon and Washington, which was Verio\'s first acquisition. Randy is currently a member of the IESG, serving as co-chair of the IETF Operations and Management Area, mainly covering the operations area. As PI for the Network Startup Resource Center, an NSF-supported pro bono effort, he has been involved for some years with the deployment and integration of appropriate networking technology in the developing world.
  • John Heasley, Verio.
  • Henry Kilmer, Terrapin Communications
  • You can view Henry Kilmer\'s slides at: <A HREF=\"http://www.shrubbery.net/rancid/NANOG29/\">http://www.shrubbery.net/rancid/NANOG29/</A>
  • Danny McPherson, Arbor Networks.
pdfDanny McPherson Panel Presentation(PDF)
youtubePanel: Watching Your Router Configurations and Detecting Those Exciting Little Changes
11:45am - 12:00pmSalons A-E

Building a Web of Trust

Despite the wide availability of both free and commercial software which allows data to be signed and encrypted using PGP, a convincing web of trust in the larger community of network operators has yet to form: it is frequently possible to find PGP keys for random people that you need to communicate with, but it is still unusual to find a key with a signature trail that allows it to be used with any real confidence. This brief presentation describes how a web of trust between network operators can be useful, and outlines the mechanics of key signing both at the Monday night key signing party, and also in corridors around the meeting using the \"I sign keys\" indicator on attendee badges.

View full abstract page.

  • Joe Abley, ISC
  • Joe Abley works for Internet Software Consortium, a not-for-profit company based in California that produces free reference implementations of Internet standard protocols.
youtubeBuilding a Web of Trust
pdfJoe Abley Presentation(PDF)
12:00pm - 1:30pm Lunch
1:30pm - 2:00pmSalons A-EThe Relationship Between Network Security and SpamSpeakers:

  • Ron da Silva, AOL Time Warner
  • Ron da Silva is the Principal Architect for Network Operations at America Online. He has extensive experience running large IP networks and has had the unique experience of building an international backbone from concept, which since evolved to be a full-scale, tier-one ISP (AS1668). Ron is active in various industry organizations and serves on the Technical Advisory Council for ARIN.

  • Carl Hutzler, AOL Time Warner
  • Carl Hutzler is the Director of Anti-Spam Operations at AOL. He joined America Online as a Project Manager in 1997, and led the re-architecture of the AOL mailbox system. In 2001, Carl took on the additional responsibility of Anti-Spam Operations. His team has implemented technologies that are now responsible for blocking over 80% of the spam that is attempted to AOL customers. Carl also leads the AOL Postmaster team. Prior to joining AOL Technologies, Carl was a network design engineer with Booz, Allen & Hamilton, Inc.
pdfCarl Hutzler Presentation(PDF)
youtubeThe Relationship Between Network Security and Spam
2:00pm - 3:00pmSalons A-E

Panel: Simple Router Security, What Every ISP Router Engineer Should Know and Practice

<STRONG>Who Really Owns Your Routers?</STRONG>, by Rob Thomas The underground continues to abuse and trade compromised routers for a variety of reasons. In this presentation, the history of the ubiquitous compromise of routers will be detailed, along with the present-day picture of how routers are compromised, traded, and abused. The motivations behind this activity will be presented, thus giving the listener a frame of reference for this and many hacking activities. <STRONG>Router Security - Approaches and Techniques You Can Use Today</STRONG>, by Neal Ziring Today\'s routers have substantial features for protecting themselves and the networks they support. This talk will present a simple conceptual framework for router security, and describe several important security techniques and technologies you can use right now. The talk will be non-vendor-specific. <STRONG>Knobs, Levers, Dials and Switches: Now and Then</STRONG>, by George Jones Have you ever encountered a device that had well-known default passwords, did not do any logging, was open for use as a smurf amplifier, and had 25 open ports out of the box, including an HTTP management interface using in-the-clear password authentication ? Then this talk is for you. We will present a very brief overview of a list of generic features that are needed to be able to deploy a device securely as part of an operational network. It is drawn from the IETF draft draft-jones-opsec-01.txt, \"Operational Security Requirements for IP Network Infrastructure.\" Areas covered will include Device Management, In-Band Management and OOB Management, User Interface, IP Stack, Rate Limiting, Basic Filtering Capabilities, Packet Filtering Criteria, Packet Filtering Counters, Event Logging, AAA, and Layer 2 issues. The \"Now\" portion covers \"Best Current Practices.\" The \"Then\" portion covers security features that are not current, but should be. Come prepared to share your own wish lists and war stories.

View full abstract page.

  • Randy Bush, Randy Bush
  • Randy Bush works as Principal Scientist at Internet Initiative Japan. Previously he spent a bit over a year at AT&T doing research and working on network architecture. He got some operational experience from being on the founding team at Verio, a backbone provider, from which he graduated as VP of Networking after five years. Before that, he was the principal engineer of RAINet, an ISP in Oregon and Washington, which was Verio\'s first acquisition. Randy is currently a member of the IESG, serving as co-chair of the IETF Operations and Management Area, mainly covering the operations area. As PI for the Network Startup Resource Center, an NSF-supported pro bono effort, he has been involved for some years with the deployment and integration of appropriate networking technology in the developing world.

  • George Jones, MITRE
  • George Jones is a Lead Information Systems Engineer for the MITRE corporation. Previous positions included work as a senior network security engineer for UUNET, where he was responsible for securing datacenter and routing infrastructure; Bank One, where he was a member of the Information Security team and helped establish the internal CERT TEAM; and Compuserve Network Services, where he was a network security engineer. George is the author of the Router Audit Tool (RAT) and Benchmark for Cisco IOS, a free tool and configuration guide published by the Center for Internet Security. He holds a B.S. in Computer and Information Science from The Ohio State University. George is currently editing an IETF draft, draft-jones-opsec-01.txt, on operational security requirements for IP network infrastructure devices.

  • Rob Thomas, Cisco/Team Cymru
  • Rob Thomas is a researcher at Cisco Systems, as well as the lead researcher for Team Cymru. Rob studies a wide variety of network security issues, including malware analysis, DDoS, and trends. Rob is a Liaison Member of FIRST and an ISC Fellow. Prior to working for Cisco Rob worked as a network architect, an engineer, and is a recovering UNIX kernel developer.

  • Neal Ziring, NSA
  • Neal Ziring is a Defense Intelligence Senior Level computer scientist with the NSA. He joined NSA in 1989, and has spent his time there mostly in security evaluations. Since 1996, he has worked in network and protocol security, and is editor of NSA\'s Router Security Configuration Guide. Prior to joining NSA, Neal worked on software tools at AT&T Bell Labs. He has an MS in Computer Science and a BS in Electrical Engineering, both from Washington University in St. Louis.
pdfGeorge Jones Presentation(PDF)
pdfNeal Ziring Presentation(PDF)
youtubeSimple Router Security, What Every ISP Router Engineer
3:00pm - 3:30pmSalons A-E

AOL Backbone OSPF-ISIS Migration

This talk describes the AOL backbone network conversion from a multi-area OSPF IGP to IS-IS. Topics covered include reasoning for the migration, implementation, verification, and deployment of IS-IS in a live network with no visible impact to the service.

View full abstract page.
  • Vijay Gill, AOL Time Warner.
  • Jon Mitchell, AOL Time Warner.
youtubeAOL Backbone OSPF-ISIS Migration
pdfVijay Gill Presentation(PDF)
3:30pm - 4:00pm Break
4:00pm - 4:45pmSalons A-E

Research Forum: Passive Internet Health Monitoring With BGP

BGP enables interdomain routing, but it can also serve as an indicator of Internet health. Just as blood pressure and pulse rate are indicators of biological distress, metrics derived from BGP observation can be used as Internet \"vital signs.\" Since BGP traffic is erratic and prone to localized bursts of activity, BGP from multiple sources (geographically and topologically dispersed) is required to make intelligent inferences. We have developed metrics for measuring routing stability, flapping, reachability, and backbone churn. The global instability index (GII), for instance, is a single indicator fused from multiple sources that strongly indicates global Internet distress while damping localized instability. We will present measurements made during the Slammer worm and during the instability in the wake of the July 2003 IOS patch frenzy.

View full abstract page.

  • Dennis McGrath, Dartmouth
  • Dennis McGrath is a senior research engineer at the Institute for Security Technology Studies (ISTS) and the Thayer School of Engineering at Dartmouth College. His research interests include interdomain routing measurement, Internet health data correlation, and real-time simulation of cyber attacks. He earned his B.S. and M.A. degrees from Rutgers University.
pdfDennis McGrath Presentation(PDF)
youtubeResearch Forum: Passive Internet Health Monitoring With BGP
4:45pm - 5:00pmSalons A-E

The Blaster Worm: The View From 10,000 Feet

A globally unused /8 network was monitored using a packet capture and analysis system to measure the introduction and spread of the Blaster worm. This worm was able to quickly affect over 250,000 systems in the one week period following its August 11, 2003, introduction onto the Internet. Our data shows the breadth of the affected systems as well as the rate of the worm\'s spread. Overall, the global Internet community was able to respond and contain the worm\'s spread. Despite this reaction, several thousand Blaster hosts remain on the Internet.

View full abstract page.

  • Jose Nazario, Arbor Networks
  • Jose Nazario earned a Ph.D. in Biochemistry from Case Western Reserve University in 2002, where he also applied these analysis techniques to the spread of Internet worms. Nazario is a security analyst and software engineer for Arbor Networks in Ann Arbor, MI. He has recently finished a book on worm history, detection techniques, and defense measures to be released in late 2003 through Artech House publishing.
pdfJose Nazario Presentation(PDF)
youtubeThe Blaster Worm: The View From 10,000 Feet
5:00pm - 7:00pmSalon I, 7th FloorBeer n Gear
  • Sponsors Alcatel; Adlex; Arbor Networks; Cisco Systems; Juniper Networks; Packet Design; PAIX; Procket Networks; Redback Networks; Riverhead Networks.
  • Sponsors
  • 7:30pm - 9:00pmSalon F

    ISP Security and NSP-SEC BOF IV

    Security incidents are a daily event for Internet Service Providers. Attacks on an ISP\'s customers, attacks from an ISP\'s customer, worms, BOTNETs, and attacks on the ISP\'s infrastructure are now one of many \"security\" NOC tickets through out the day. This increase in the volume and intensity of attacks has forced ISP\'s to spend constrained resources to mitigate the effects of these attacks on their operations and services. This investment has helped minimize the effects of the attacks, but it has not helped stop them at the source. Stopping attacks at their source requires rapid and effective inter-ISP cooperation. Hence, these ISP Security BOFs are also used as a face-to-face sync up meeting for the NSP-SEC forum (see <A HREF=\"https://puck.nether.net/mailman/listinfo/nsp-security\" TARGET=\"_BLANK\">https://puck.nether.net/mailman/listinfo/nsp-security</A>). <BR><BR> The general theme for this BOF is the \"Worms of August.\" We will select a set of ISP Security Engineers to present a 5-to-10-minute description of their networks, anti-worm security tools, policies, how they mitigated the worms, and what they are doing to prepare for the next worm.

    View full abstract page.
    • Barry Raveendran Greene, Cisco Systems.
    • Merike Kaeo, None.
    pdfBarry Raveendran Greene Presentation(PDF)
    pdfSean's Presentation(PDF)
    pdfTeam Cymru's Presentation(PDF)
    9:00pm - 9:30pmSalon FPGP Key Signing PartySpeakers:
    • Joe Abley, ISC.
    Tuesday, October 21 2003
    Time/Webcast:Room:Topic/Abstract:Presenter/Sponsor:Presentation Files:
    8:00am - 9:00am5th floor foyerContinental Breakfast
    9:00am - 9:30amSalons A-E

    Fast IP Convergence

    This presentation reviews protocol and implementation optimizations, as well as design and deployment guidelines, which should be considered for sub-second ISIS convergence in an ISP backbone. We will share the details of our test methodology and results.

    View full abstract page.
    • Clarence Filsfils, Cisco Systems.
    pdfClarence Filsfils Presentatiojn(PDF)
    youtubeFast IP Convergence
    9:30am - 10:00amSalons A-E

    A Systematic Approach to BGP Configuration Checking

    Several recent studies have indicated that human configuration error is a leading cause of network downtime. Network operators need better verification techniques to ensure that routers are configured correctly. Distributed dependencies in wide-area routing cause small configuration mistakes or oversights to spur complex errors, which sometimes have devastating effects on global connectivity. These errors are often difficult to debug because they are sometimes only exposed by a specific message arrival pattern or failure scenario. <BR><BR> The state-of-the art for router configuration checking typically consists of logging changes to the configuration and rolling back to a previous version in the event that a problem should arise. This approach is inadequate because (1) it assumes that the previous configuration was correct in the first place and (2) it relies on the coincidence of configuration change and the appearance of an anomaly, rather than a systematic cause-and-effect analysis. In an effort to develop more systematic techniques for validating BGP configuration, we propose a systematic approach to configuration checking that is based on verifying conformance to the following set of high-level properties: <UL> <LI> Validity: Are bogus paths being advertised? <BR><BR></LI> <LI> Visibility: Is BGP advertising every path that it should be? <BR><BR></LI> <LI> Safety: Will BGP converge to a unique, stable answer? <BR><BR></LI> <LI> Determinism: Do the best routes that BGP selects depend on the order in which routing messages arrive? <BR><BR></LI> <LI> Information-flow control: Is BGP leaking \"private\" information to other ASes? <BR><BR></LI> </UL> For each property, we determine the aspects of configuration that affect these high-level properties, and define rules that can be checked against router configuration using static analysis techniques. <BR><BR> We present a tool that network operators can use to test BGP configuration for some common, elusive, and catastrophic errors. The tool checks configuration on an AS-wide level against a set of rules. These rules statically analyze the router configuration files and verify that specific constraints are satisfied. While the rules that the tool tests are by no means exhaustive, we have designed our tool in a way that allows for easy extensibility. We hope that the NANOG community will apply the tool to their own configuration files and suggest new rules and features that should be incorporated. <BR><BR> While static analysis can catch many configuration errors, simulation and emulation are typically necessary to determine the precise scenarios that could expose runtime errors. Based on these observations, we propose the design of a BGP verification tool that uses a combination of static and dynamic analysis, present examples where it could be applied in practice, and describe future research challenges.

    View full abstract page.
    • Hari Balakrishnan, MIT.
    • Nick Feamster, MIT
    • Nick Feamster is a graduate student in the Networks and Mobile Systems group at the MIT\'s Computer Science and Artificial Intelligence Laboratory (formerly LCS) under the supervision of Professor Hari Balakrishnan. He is interested in wide-area networking, network measurement, and security. His current research focuses on verification techniques for BGP and interdomain traffic engineering. He is an NSF Graduate Research Fellow and the recipient of the Best Student Paper awards at the USENIX Security Symposium in 2001 and 2002. Nick received his S.B. and M.Eng. degrees in Electrical Engineering and Computer Science from MIT in 2000 and 2001, respectively.
    youtubeA Systematic Approach to BGP Configuration Checking
    pdfNick Feamster Presentation(PDF)
    10:00am - 10:30amSalons A-E

    BGP: Good MEDs Gone Bad!

    This presentation provides an overview of the BGP MED attribute: <UL> <LI> What are MEDs?</LI> <LI> Potatoes (cold, hot, mashed)</LI> <LI> Deriving MED values</LI> <LI> Why MEDs break with aggregation</LI> <LI> MEDs from different ASes <UL> <LI> Different policies</LI> <LI> Different IGPs</LI> <LI> Implementation caveats <UL> <LI> No MED v. MED 0</LI> <LI> MEDs with confeds</LI> <LI> To advertise or not to advertise (BGP spec adv. rules) </LI></UL> </LI></UL> </LI> <LI> MEDs and persistent route oscillation (RFC 3345)</LI> <LI> The effect of MEDs on BGP updates <UL> <LI> IGP link flap = MED churn, domino effect</LI> </UL> </LI> <LI> Effects of attributes on BGP update packing and convergence </LI> </UL>

    View full abstract page.
    • Danny McPherson, Arbor Networks.
    youtubeBGP: Good MEDs Gone Bad!
    pdfDanny McPherson Presentation(PDF)
    10:30am - 11:00am Break
    11:00am - 11:30amSalons A-E

    GBIC Interface Standards Support in the Telecommunications Industry

    There has been quite a disturbing development in the telecommunications industry during the past few months. More and more vendors seem to be abandoning the use of standard gigabit interface converters (GBICs). The GBIC interface standards were developed to allow mass production, greater quality control, and lower cost interfaces for a wide range of multi-vendor telecommunications equipment. The success of the existing GBIC deployment indicates this has worked very well to date. Basically, all of the mainstream network equipment vendors don\'t even make their own GBICs. They simply re-market a standard GBIC produced by one of the handful of GBIC manufacturers. Mixing and matching of these standardized GBICs between multi-vendor equipment is prevalent in the industry today. However, the new smaller form factor SFP GBICs have introduced a new \"Vendor ID\" field on the EPROM. Some mainstream equipment vendors are now starting to use this field to ensure that only the GBICs they re-sell are used in their network equipment. If another GBIC is used, the GBIC port will be disabled even though the GBIC you insert is identical (from the same OEM and production run) as the GBIC that is being re-marketed by the equipment vendor. This has potentially huge cost and support issues for our industry. This is especially true if equipment vendors decide not to grandfather the unrestricted use of the older existing GBICs -- which at least one vendor is planning. This talk presents a brief history and summarizes the current state of GBICs, and the GBIC standard, in the industry.

    View full abstract page.

    • Dave Wodelet, Shaw Communications
    • Dave Wodelet is the Chief Network Architect for Shaw Communications. He is responsible for IP backbone architecture and deployment throughout Canada, the United States and Europe.
    pdfDave Wodelet Presentation(PDF)
    youtubeGBIC Interface Standards Support in the Telecommunications Industry
    11:30am - 11:40amSalons A-E

    Route Views Update

    For presentation slides, see: <BR><BR> <A HREF=\"http://www.routeviews.org/talks/NANOG29/\">http://www.routeviews.org/talks/NANOG29/</A>

    View full abstract page.
    • John Heasley, None.
    youtubeRoute Views Update
    12:00pm - 1:30pm Lunch
    1:30pm - 2:00pmSalons A-E

    Overview of the Global IPv6 Routing Table

    This talk describes the dimensions of the global IPv6 routing table.

    View full abstract page.
    • Gert Doering, SpaceNet AG, Munich, author.
    • Cathy Wittbrodt, presenter
    • Cathy Wittbrodt is currently on the ARIN Advisory Council and acts as a consultant. She was previously at Packet Design, where she was responsible for operational aspects of Internet scaling projects. During her four years at @Home Network she was responsible for routing and IP addressing. Cathy began her career at Merit, where she worked on the NSFNET Backbone. Also while at Merit she built CICNet, a network that connected the Big 10 Universities. Following Merit, Cathy designed and implemented OSI/CLNP support for the Energy Sciences Network. Although OSI/CLNP was never widely deployed, the experience has given greater insight into addressing and scaling issues. Cathy also spent three years in the engineering group of the Bay Area Regional Research Network, BARRNet.
    pdfGert Doering Presentation(PDF)
    youtubeOverview of the Global IPv6 Routing Table
    2:00pm - 2:30pmSalons A-EIt\'s a SurpriseSpeakers:
    • Steve Bellovin, AT&T Research.
    • Bill Fenner, AT&T Research.
    • Russ Housley, Vigil Security.
    • Jose Nazario, Arbor Networks.
    • Rob Thomas, Cisco/Team Cymru.
    pdfBill Fenner Presentation(PDF)
    youtubeIt's a Surprise
    2:30pm - 2:00pmSalons A-E

    Scaling Network Management Tools

    UNINETT, a distributed academic research network in Norway, has created its own set of network management tools. We are focusing on automated statistics-gathering and presentation for proactive problem solution and customer information. <BR><BR> Our tools\' most unique features are listed below, with toolnames in parentheses: <UL> <LI> Autozooming geographic network map and info system (possibly the first and only). </LI> <LI> Animation on map of any measured parameter, such as link and CPU load, packet loss and delay, or network flow parameters (Nemo) </LI> <LI> Automated, scaled, link statistics gathering (zino) </LI> <LI> Network status monitoring tool with precise link failure statistics (zino) </LI> <LI> Aggregation with Web-based trend graphs and sorted tables for all statistics </LI> <LI> Round trip measurements for IPv4/IPv6 with statistical parameters (mping) </LI> <LI> Netflow collection (flow-tools), aggregation and presentation </LI> <LI> Passive monitoring data collection system (Scampi) </LI> <LI> Campus network management system with automated topology discovery and statistics, shadow suppression alarms, load map, and mac-address tracing (Nav) </LI> </UL>

    View full abstract page.

    • Olav Kvittem, UNINETT
    • Olav Kvittem is Director of Experimental Networks at UNINETT, the Norwegian Research Network. He has been active in academic networking since 1987, and his main fields of interest are network management, traffic measurement, mobility, and QoS.
    pdfOlav Kvittem Presentation(PDF)
    youtubeScaling Network Management Tools
    3:00pm - 3:15pm Break
    3:15pm - 3:35pmSalons A-E

    Student Desktop TV: Safe and Secure Video Over IP

    Even without CATV wiring in their dorm rooms, Northwestern University students can watch 23 television channels on their computers in their dorm rooms. Northwestern University Information Technology and NU Student Affairs use technology developed by Video Furnace LLC to provide NUTV to students. Several issues had to be addressed during the development of this service. The data network had to be configured to allow a fixed number of users to connect to the service. Content providers had to understand this distribution mechanism so that they could pay their licensing fees to the content owners. Attention had to be paid to the number of MPEG2 software decoders in use by the service so that those fees could be paid appropriately. A mechanism insuring legal clients were viewing the material had to be developed. And then there was the question of recording... A follow-on service with CSPAN and CSPAN2, in which the license to redistribute comes from the content owner itself, had its own unique challenges. NUIT will demonstrate how NUTV works, how these copyright issues were dealt with, and the futures for this now one-year old service.

    View full abstract page.

    • Tim Ward, Northwestern University
    • Tim Ward is Associate Director of Telecommunications and Network Services, part of Information Technology at Northwestern Universtiy. He manages staff that provide and maintain the operational integrity of the voice, video, data and radio frequency infrastructures and services at Northwestern. Tim has been working in information technology for 11 years, and for seven years in telecommunications and network engineering. A long-time advocate of IP multicast for video delivery, he has been a member of the Internet2 Multicast Working Group since its inception.
    youtubeStudent Desktop TV: Safe and Secure Video Over IP
    pdfTim Ward Presentation(PDF)
    3:35pm - 4:05pmSalons A-E

    Stress Testing to Validate Router Readiness for Deployment

    Router testing has focused on isolated performance of control plane protocols and data plane forwarding. This is not always adequate to validate a router for network deployment, as routers in an operational network are simultaneously configured with multiple protocols and security policies while forwarding traffic and being managed. To accurately benchmark a router for deployment it is necessary to test the router in operational conditions by simultaneously configuring network protocols and security policies, sourcing traffic, and managing the router. Operational network conditions may be accelerated to benchmark the router under stress, enabling service providers to truly evaluate readiness for deployment. This presentation will discuss the benefits of router stress testing, stress testing model and framework, and current effort to standardize router stress testing in the IETF\'s Benchmarking Methodology Working Group.

    View full abstract page.

    • Scott Poretsky, Quarry
    • Scott Poretsky is currently Software Quality Assurance Manager at Quarry Technologies. Prior to that, he spent six years at Avici Systems as Manager of Product Verification. Scott also held network engineering positions with General DataComm and Raytheon Company. He has been an active contributor for router benchmarking standardization with the IETF\'s Benchmarking Methodology Working Group, where he has authored numerous Internet-Drafts. Scott has three IEEE published papers and a patent for ATM networking. He earned an MSEE from the Worcester Polytechnic Institute and a BSEE from the University of Vermont.

    • Shankar Rao, Qwest
    • Shankar Rao is a member of the Technology Management group at Qwest, where he is engaged in design and development of the core IP network infrastructure as well as new product engineering. He served in an operational role at Sprint for three years prior to joining Qwest in 1998. Shankar has a MS degree in Computer Science from the George Mason University, and a BS degree from the University of Mysore, India.
    pdfShankar Rao Presentation(PDF)
    youtubeStress Testing to Validate Router Readiness for Deployment
    4:05pm - 4:15pmSalons A-EClosing RemarksSpeakers:
    • Susan Harris, Merit Network.
    youtubeClosing Remarks
    pptSusan's final presentation(PPT)


    ^ Back to Top