Sunday, June 3, 2007
Topic/Presenter |
---|
Welcome & Introduction to NANOG, Steve Feldman, PC Chair; MERIT Report, Betty Burke, NANOG Project Chair at MERIT; NANOG History, William B. Norton, Equinix |
Security incidents are a daily event for Internet Service Providers. Attacks on an ISP's customers, attacks from an ISP's customer, worms, BOTNETs, and attacks on the ISP's infrastructure are now one of many "security" NOC tickets throughout the day. This increase in the volume and intensity of attacks has forced ISPs to spend constrained resources to mitigate the effects of these attacks on their operations and services. This investment has helped minimize the effects of the attacks, but it has not helped stop them at the source. Stopping attacks at their source requires rapid and effective inter-ISP cooperation. Hence, these ISP Security BOFs are also used as a face-to-face sync up meeting for the NSP-SEC forum.
Speakers Danny McPherson, Arbor Networks |
The tutorial introduces service providers to some more advanced BGP features and techniques to aid with operating their networks within the Internet. After a recap of iBGP, eBGP and common attributes, the tutorial will look at the various scaling techniques available, when to use BGP instead of an IGP, and examine policy options available through the use of local preference, MED and communities. The tutorial then looks at deployment techniques, including aggregation, announcing and receiving prefixes, pressure points on the routing system, and some of the newer features available. |
Monday, June 4, 2007
Topic/Presenter |
---|
ULA-C has been an active discussion on the RIR lists as well as leaking into the NANOG fora. There is both policy and operational impact of ULAs, and, as usual, there is a tension between the two. |
Arbor Networks |
In previous research we documented three significant disruptions to the U.S. Peering Ecosystem as the Cable Companies, Large Scale Network Savvy Content Companies, and Tier 2 ISPs started peering openly. By peering content directly with eyeballs, they effectively bypassed the Tier 1 ISPs resulting in improved performance, greater control over the end-user experience, and overall lower operating costs. This paper predicts a new wave of disruption that potentially dwarfs this previous redirection of Internet traffic. Short video clip web sites, full length motion pictures, and television shows are now available via streaming to on-line devices and via downloading to iPods. More sites are coming on-line. High quality movies from independent producers are being distributed via peer-to-peer methods. We observe these flash crowd effects and the larger movie file sizes as the crest of the first wave of significant incremental load on the Internet. The majority of this paper details four models for Internet Video Distribution (Transit, Content Delivery Networks, Transit/Peering/DIY CDN, Peer2Peer) across three load models. The cost models include network and server equipment along with pricing models for various distribution methods. Over one hundred walkthroughs of this paper have led to stepwise refinements of the models and insights into why one would prefer or not prefer one model over the other. The summary of the paper is a comparison of these video distribution techniques in terms of $-per-video units from the Video Service Provider perspective. We highlight cascading obstacles preventing large scale delivery of video traffic using commodity transit in a single location. The CDN solution and the multi-site Transit with Peering solution bypass some of these obstacles, while the peer-2-peer solution, while controversial, yields (by far) the lowest cost solution from the video service provider perspective. |
A debate over the merits of 40G vs 100G technology. Still assembling panelists, but would expect to see some major vendor and customer proponents on both sides, as well as some "neutral" third parties to discuss the difficulties at the optical and ASIC layers. Speakers Panelist - Igor Gashinsky, Yahoo! Panelist - Greg Hankins, Force10 Networks Panelist - Lane Patterson, Equinix. |
As the number of DNS servers or server farms an ISP operates increases, it has become difficult to detect DNS anomalies among the servers and resolve the problem as soon as possible, thus creating the need for a centralized monitoring system. For this purpose, we developed an anomaly analysis system to deploy on individual DNS server farms of KT, and a centralized anomaly detection system to gather the analyzed results and generate the information to identify DNS anomalies. The anomaly analysis system monitors its associated DNS server farm 24 hours a day, 365 days a year by capturing all DNS packets and inspecting their contents, while the centralized system detects whether there is any anomaly found with the data provided by the individual anomaly analysis systems. The parameters we collected for the analysis include distribution of query types, the ratio of resolved queries, and so on. |
We present a new methodology to detect and localize events that affect interdomain routing. While it is still based on the analysis of BGP updates collected at different monitoring points like other previous works, every other aspect of the method is part of our contribution. First, measuring both long and short term interdomain routing behavior, we point out key features in interdomain routing stability and reachability. Then, we derive empirical criteria from these characteristics to analyze each and every update (not only bursts) as they come along. Our method is therefore free from any kind of arbitrary thresholds. What is more, the method has been designed to throw an alarm as early as possible, once an event has been detected with a succinct accuracy. We test our method, analyzing a month of updates collected by sixteen routers in various ASs. Validation, which is somewhat tricky in interdomain root cause analysis, is realized upon outage tickets from a Tier1 AS. |
In recent years various non-commercial tools have been developed to collect and analyze BGP data. When combined with BGP data collected by individual ISPs as well as by public archives such as RouteViews and RIPE RIS, these tools can potentially provide invaluable insight into the operations of inter-domain routing. The fifth BGP Analysis Tools BOF builds on the potential of these tools by fostering a closer interaction between non-commercial tool developers and the potential users represented by NANOG attendees. |
In today's networks there are an increasing number of new protocols and changes to existing protocols occurring on an almost daily basis. One of the tried and tested methods of diagnosing problems by networking professionals is using a 'network analyzer' or sniffer. However, with the velocity of protocol changes the protocol analyser may not have been updated to decode the new formats. This problem is even more common in our test and validation labs. This presentation will give an overview of how Wireshark works from a user perspective. From the developer perspective, layout of the code, commonly used functions, and a walk through of extending Wireshark to support MVPN (multicast VPN) decoding of BGP. Wireshark is free and licensed under GPL. |
A discussion about BGP community systems for Service Providers. Covers the design and implementation considerations of many powerful features, and provides examples for Cisco and Juniper implementations. |
Tuesday, June 5, 2007
Topic/Presenter |
---|
Welcome - 10 minutes - Bill Norton - Agenda Bashing and Observations
Anonymous Survey and Discussion - 5 minutes - Bill Norton - On behalf of an anonymous community member who is employer mute and would like to know: 1) Who is using graceful restart on their BGP peering sessions? 2) Why graceful restart is a good idea? 3) Why graceful restart is a bad idea?
PeeringDB.com Presentation - 10 minutes - Terry Rodery (BitGravity) - an update on the function and enhancement of this community contact information database.
UnderHanded Peering Techniques - 10 minutes - Jim Deleskie (VSNL) - some updates to the Art of Peering white paper detailing some of the more unusual tactics seen in the field.
Peering in Seattle Presentation - 10 minutes - Patrick Gilmore (Akamai) - Since we are all near Seattle, a major peering location in the U.S., Patrick will review the peering landscape in Seattle. Specifically - Why peer in Seattle? Where do folks peer in Seattle? What is different about peering in Seattle? What ASes are uniquely available here? Any gotchas, lessons learned?
Peering BOF HotSeat Topic - Transit Survey(s) - 10 Minutes - Joe Provo - Here we are to perform another survey that will hopefully mitigate the privacy concerns while still providing interesting useful data.
Additional topics as they come up at NANOG. Send email to bill.norton at gmail.com if you want to volunteer to facilitate a short peering discussion.
Peering Spotlight - remainder of the time - ALL - for Peering Coordinators that are just starting peering with their AS in the US we have a few minutes for them to introduce themselves to the group. This will provide a chance for them to be approached by active peers in the room as we break.
Still TBD... Here are the ideas without someone to volunteer to step up and lead the discussion. Add your name if you would volunteer....
Is peering with the eyeball networks becoming more difficult with all the mergers? SBC used to be selective, now with BellSouth and AT&T, present more eyeballs and presumably is more restrictive. Likewise with Adelphia, Time Warner/Roadrunner merging and Verizon/MCI/UUNet, are we seeing a tightening of peering with eyeball networks? (Need a discussion leader here)
Peering Capacity Upgrade - The Peering Community often upgrades peering capacity when utilization reaches 60%/75%/80%...but what do folks find is the right number? When should folks upgrade from 1G to 10G public peering or 1G to n*1G private peering? (from boggits-8468)
Pros and Cons of hot potato routing for video traffic (i.e. relying on the quality of your own vs. your peer's network) (from Remco-16243)
VOIP Peering Requests - while voip is still in its infancy it continues to be a growth area and companies make money from it. This sub topic will explore the practical side of peering voice traffic. (from ren-8172)
Multicast Peering - as bandwidth for video becomes a constraint, is it time for multicast to be considered as an efficient inter-AS distribution? (from Niels)
Jumbo frames - should we explore big MTU VLANs for peering this traffic? (from Niels) -- YES! Small MTUs are a waste! (Martin)
Do shared Route Servers make sense anymore? (from Niels)
A random walk through IRC Peering Topics and Discussions - what are the peering coordinators discussing these days?
Peering Debate - a staple of the Peering BOF, this section identifies an interesting topic for which there are two diametrically opposing views. Two debaters are recruited to present the strongest case on each side and the audience votes on which side presented the most compelling case. Then we discuss points that didn't come up or were not made strongly enough.
How about peering point support for carriers that have 10G, and potentially 40G, undersea cable backbones arriving in the US at the Pacific or Atlantic coasts. (Martin) |
Steering Committee Report, Randy Bush, Acting SC Chair; Program Committee Report, Steve Feldman, PC Chair; Mailing List Committee Report, Aleksandr Pilosov, Acting MLC Chair; MERIT Administrative Report, Betty Burke, NANOG Project Chair at MERIT |
sFlow is a relatively new but more and more popular standard to capture traffic data in switched or routed networks. It uses a sampling technology to collect statistics from the device and is for that reason applicable to gigabit speeds or higher. AMS-IX implemented a traffic flow visualization service for its members based on sFlow data. Due to the high and constantly increasing throughput on the AMS-IX platform the implementation was focused on performance as well as on scalability. This talk describes the implementation of the tools, visualization to the members and the benefits for traffic engineering within the exchange gained from sFlow data. |
The Internet network is composed of tens of thousands of Autonomous System (AS) networks. Each AS establishes links with other AS to learn routes toward any destination in the whole Internet. Border Gateway Protocol (BGP) is responsible for the propagation of reachability information (routes to address ranges) originated by all AS in the Internet. Routing policies of ASs and the AS-level network topology are unknown, but they shape the possible BGP paths learned and used by routers and thus end-to-end flows of IP packets in the network. The position of an AS in the Internet hierarchy determines its reachability profile to the hundreds of thousands of destinations in the Network. We study here a new algorithm to compute an AS ranking that evaluates the average transit operated by an AS in BGP routing. This ranking can be used for decision support in (re-)negotiation of business agreements between AS. |
Today, the complexity of ISPs' networks makes it difficult to investigate the implications of internal or external changes on the distribution of the traffic across their network. In this talk, we present an open-source routing solver, called C-BGP, that eases the investigation of changes in the routing or the topology of large networks. We illustrate how to build a model of a real transit network. Then, we use the model to evaluate two different "what-if" scenarios. The first scenario studies the impact of changes in the Internet connectivity of the transit network (peering placement). The second investigates the impact of failures in its internal topology on the traffic distribution. |
We present path splicing, a new routing primitive that allows network paths to be constructed from multiple independent routing processes that run over a single network topology. Path splicing computes multiple independent routing trees by randomly perturbing link weights and, using network virtualization, runs multiple routing protocols in parallel slices, which collectively insert entries into a shared forwarding table. Using a small number of additional bits in packet headers, end systems can then redirect traffic between forwarding tables at any hop in the network. By allowing paths to be "spliced" by assembling segments from each of these trees, path splicing achieves exponential improvements in path diversity with only a linear increase in state and message complexity. Our evaluation of path splicing on several realistic ISP topologies demonstrates a dramatic increase in reliability that approaches the best possible using only a small number of slices and for only a small increase in latency. We also describe the implementation and deployment of path splicing on the VINI testbed. Speakers Murtaza Motiwala, Georgia Tech University. |
Wednesday, June 6, 2007
Topic/Presenter |
---|
Arbor Networks |
In IPTV networks it is important to be able to make efficient and reliable multicast delivery. Different functionalities exist for being able to deliver multicast traffic through networks. MPLS P2MP is one such option, where MPLS FRR can be used to protect multicast traffic from network failures; another solution is a functionality we call PIM Dual Join multicast streams. This presentation will go into discussions on these 2 functionalities and try and highlight benefits of each solution and also provide some test numbers for multicast traffic recovery in different failure scenarios. |
BGP prefix hijacks are a known operational problem in the Internet. In this talk we propose BGP Origins, a system that uses both public data (derived from sources such as RouteViews) to suggest stable prefix-to-origin mappings, and information submitted by users that has been cryptographically signed by a PGP key. This talk will outline the design and usage of this system. Part of the difficulty in developing a prevention technique for prefix hijacking stems from the fact that it is very difficult to determine the rightful origin for an announced prefix (and almost impossible to do so in an automated way). In BGP Origins, users are able to use observed origin information and augment it with their own attestations (of prefix-to-origin mappings). BGP Origins does not require a de facto PKI, and leverages concepts from PGP's Web of Trust. End users decide whose attestations they believe. BGP Origins is accessible via DNS' standard protocol. Users are able to query for origin mappings based on prefixes and can submit their own attestations using DNS updates. BGP Origins is intended to facilitate the operational practice of verifying proper origin mappings and to allow an automated approach for this. |
It is common to characterize any BGP-related routing convergence as hopelessly slow due to the linear relationship between the number of impacted prefixes (in the 500k range in early 2007 counting internet and vpn routes) and the number of convergence operations (bestpath, RIB and FIB update, transmission or reception of withdraw/update). The objective of this paper is to demonstrate that this belief is wrong for any failures occurring within the network of a service provider or on peering links with redundantly-connected peers. This covers the vast majority (if not all) of business models involving BGP convergence requirements. Thanks to BGP Prefix Independent Convergence (BGP PIC), an alternative path to the existing BGP next-hop is enabled at IGP convergence time (modify) in the core scenario, while in the edge scenario, the deletion of the IGP path to a BGP next-hop triggers an immediate and prefix-independent rerouting of the dependent BGP destinations via an alternate BGP next-hop. Aside from the obvious convergence gains, BGP PIC and its underlying hierarchical FIB organization bring significant scaling and robustness gains to router architecture. The first section defines the problem and introduces concepts such as RIB, FIB, recursion, dependency, flattened and hierarchical FIB organization. The second section explains why modern high-end router design invests in more complex and expensive packet lookup engines to support hierarchical FIB databases. This allows for significant gains in scaling, robustness and routing convergence (BGP PIC Core). The next section generalizes the hierarchical FIB structure and introduces the concepts of shared BGP path-lists and loadbalancing FIB entries. BGP PIC edge is then defined both for the multipath and unipath BGP policies. The next section describes the BGP control plane reaction to the core and edge failures, how it is automatically serialized with IGP convergence and how the later BGP control-plane induced FIB modifications reconcile with the BGP-PIC-modified FIB in a lossless manner. We then review the vast applicability for BGP PIC behavior and report detailed lab measurement based on a commercially-available product. We finish with a conclusion. |
We describe a methodology which targets the identification of wrongly configured route filters by Internet Service Providers (ISPs). A current problem for network operators is that newly announced IP address space (from previously unused IP blocks) is often not reachable as it is still blocked by certain ISPs. It is common for network operators to filter out address space which is known to be unallocated (bogon addresses). However, as allocated address space changes over time these bogons might become legitimately announced prefixes. Unfortunately, some ISPs still do not configure their bogon filters via lists published by the RIRs, instead choosing to manually configure filters. Therefore it would be desirable to test whether filters block IP blocks, before this address space is allocated to ISPs and/or end users. In this article we present a methodology that detects where wrongly configured filters exist, so that ISPs can be contacted and asked to update their filters. |
Microsoft |
Stability is one of the key challenges of BGP, the de facto inter-domain routing protocol in today's Internet. BGP's slow convergence and recovery in the face of routing failures and policy changes can lead to poor data plane performance including significant periods of packet loss. In this talk, we propose stable route selection (SRS), a simple approach to improve BGP stability, by directly incorporating route stability as a factor in the route selection process. Through extensive simulations in a realistic environment, we show that the mean rate at which routes change can be reduced by a factor of 4.9, while preserving local preferences based on ISP business relationships, and limiting the increase in path length to less than 15%. Moreover, this approach can be deployed easily, as it requires no protocol changes or coordination among ISPs. A single ISP can unilaterally implement SRS and obtain a significant improvement in stability, with benefits increasing as more ISPs participate. |
We have developed iPlane, an Internet-wide information plane that provides real-time predictions of approximate paths and path properties between arbitrary end-hosts. iPlane continually performs measurements from several hundred geographically distributed vantage points to build a map of the Internet's structure and to annotate links in this map with performance metrics such as latency, loss rate, and bandwidth capacity. We have evaluated the utility of iPlane by applying it to several popular distributed services in use today: content distribution, swarming peer-to-peer file-sharing, and voice-over-IP. In each case, using iPlane's predictions leads to improved application performance. |
We present Hubble, a system designed to identify and diagnose reachability problems on the Internet in real-time. Using Hubble, we are able to evaluate the extent to which global reachability is violated: how many prefixes are reachable from some vantages and not others, and how long do these problems persist? Whereas previous work focused on either reachability within a single AS or simple passive monitoring of BGP updates, we have designed Hubble to unify RouteViews and distributed vantage points into a system that can perform active probe monitoring and diagnosis of reachability problems to about 90% of the Internet's edge prefixes. Our results show that 10% of prefixes experience reachability problems on a given day. Beyond identifying problems, Hubble gathers data and can trigger measurements to help troubleshoot and categorize commonly occurring reachability problems in real-time. Is a prefix currently unreachable from portions of the Internet? Is the problem due to issues with multi-homed failover? Is some AS dropping all traffic to the prefix? Hubble can provide answers to these questions. Speakers Arvind Krishnamurthy, University of Washington. |