Join us in Hollywood, CA for NANOG 86

Join us in Hollywood, CA for NANOG 86

Register Now
NANOG 2022 Election Cycle is here!

NANOG 2022 Election Cycle is here!

Learn More


Hollywood, CA | NANOG 86

Our 86th community-wide gathering was 17-19 Oct 2022.


NANOG 86 Keynote Speaker - Harlan Stenn

Tech Pioneer Talks about "The NTP Project" + the Importance of Timekeeping in Tech. 

Network Time Protocol (NTP) Project Manager + President of the Network Time Foundation, Harlan Stenn to the NANOG 86 Keynote stage!

Watch Now.

Keynote Talk Title: Me, NTP, The NTP Project, and Network Time Foundation - How We Got Here: Welcome to my Hallucination.

About Stenn: Harlan Stenn is a nearly 50-year veteran of the IT industry. Harlan began programming computers in high school in 1971. He holds a bachelors degree in Business Administration (Accounting) from The Colorado College in Colorado Springs, and an MSE in Computer Science from Washington University in St. Louis.

A well-versed entrepreneur, Harlan has launched several successful businesses and has been a respected, sought-after I/T consultant and contractor for decades who is well known for writing astonishingly portable C code since the early 1980s. To put it another way, if NTP is Dave Mills' edifice, Harlan is its janitor.

In mid-2011 he started Network Time Foundation (NTF), with the mission to provide direct services and support to improve the state of accurate computer network timekeeping. NTF now works with several time-related projects, including NTP, Ntimed, Linux PTP, RADclock, and the General Timestamp API and Library. The GTSAPI is a way to make sure that a timestamp contains enough information to be useful outside of the system on which it was “taken". Several new projects are in the works, including Khronos, and several SyncE packages.

Preface: History of the Network Time Foundation -  From the earliest days of human history, people have had a close relationship with time...

Computers aren't intelligent; they keep poor time. So how do global networks track when a transaction happened and the nanoseconds that make up a timestamp count? Learn More 


Dates Member Non Member Student Virtual
Early 11 JUL 2022 $675 $700 $100 $100
Standard 08 AUG 2022 $775 $800 $100 $100
Late 10 OCT 2022 $875 $900 $100 $100
Onsite 16 OCT 2022 $1,075 $1,100 $100 $100
NANOG Meeting Cancellation + Refund Policy

NANOG hopes everyone who registers for the meeting will be able to attend; however, we know extenuating circumstances do occur.
The NANOG cancellation and refund policies are as follows:
Any registration canceled between 11 Jul to 01 Oct, 2022 is refundable but will incur a $50.00 fee
Registrations canceled on 02 Oct to 15 Oct, 2022 is refundable but will incur a $100.00 fee
Registrations canceled on or after 16 Oct, 2022 will not receive a refund

NANOG Social Event Guest Pass: $50 per guest (purchase separately when you register, limit 2)


The Engineer Approved List of Sightseeing in Hollywood

We have put together a list sure to stimulate the imagination of any tech pro while visiting the city.

Read More


Hotel Information:

Headquarter Hotel
Hotel Guest Room Block

Loews Hollywood Hotel

1755 North Highland Ave.
Hollywood, CA 90028

Read More


NANOG 86 Health + Safety

The health and safety of meeting attendees are very important to us. We believe the most effective way to ensure the safety of all attendees is to be fully vaccinated against COVID-19 . Please note that proof of vaccination will not be required to attend NANOG 86. Be aware that while NANOG will make every effort to reduce the risk of COVID-19 transmission on site, it is possible that you may come into contact with people that carry the virus through your travels.

Learn More

Be Aware. Any company offering to sell you the NANOG 86 Attendee list is fraudulent.

Coming soon to the NANOG 86 Stage

Full Abstract

The IETF standards for BGP are created in the Inter-Domain Working Group. Are you interested in finding out what's changing in BGP standards? The IDR chairs will present the latest changes to BGP. This includes standards on Intent/Color Routing, BGP-LS, SR-Routing, BGP Yang models, fixing "Stuck BGP sessions," version 2 of Flow Specification, and more.

Are you irked about something in BGP or BGP standards? Come to the session and complain to the IDR Chairs. Your opinions matter to the IDR chairs.

Jeffrey Haas: Jeffrey Haas is a Distinguished Engineer at Juniper Networks where he works on the implementation and specification of BGP. Jeffrey is a Chair at the IETF IDR (inter-domain routing) Working Group where BGP is standardized. Additionally, in IETF, Jeffrey is a Chair for the BFD (bi-directional forwarding detection) Working Group. Jeffrey has been involved in working on Internet technologies since the late 90's where he worked at a small tier-3 ISP doing everything from helping people setup dial-up networking to helping maintain the company's Internet routing. Since then, he's worked at the NextHop startup that commercialized the GateD software; at Arbor Networks where he worked on routing, flow analytics, and management software; and most recently with Juniper. Jeffrey's day job is a mix of work on code, standards, and working with customers solving interesting problems. For fun, Jeffrey spends his off hours as an active participant in the Society for Creative Anachronism (SCA) and thoroughly enjoys a good, dark beer.
Full Abstract

RPKI ROV adoption has grown significantly over the past five years. In a recent milestone, the percentage of IPv4 routes in the global routing table with ROAs has finally crossed 50% (IPv6 crossed this mark last year). In addition, another major telecom began rejecting RPKI-invalid routes reducing the propagation of these problematic routes even farther.

Finally, this talk with present an analysis of the 'effective expirations' of ROAs and how the behavior of these expirations varies greatly between RIRs due to differences in their cryptographic chains.

Doug Madory: Doug Madory is the Director of Internet Analysis for Kentik where he works on Internet infrastructure analysis. The Washington Post dubbed him “The Man who can see the Internet" for his reputation in identifying significant developments in the structure of the Internet. Doug is regularly quoted by major news outlets about developments ranging from national blackouts to BGP hijacks to the activation of submarine cables. Prior to Kentik, he was the lead analyst for Oracle's Internet Intelligence team (formerly Dyn Research and Renesys).
Full Abstract

The use of IP spoofing for generating DDoS attacks has been around for decades. In the last several years, tracing back spoofed traffic and engaging networks to deploy ACLs/uRPF to enforce BCP38 has become a common method to disrupt DDoS-As-A-Service providers (also known as booters/stressers). This presentation will cover the overall effort along with methodologies that networks can use to detect this as well as controls they can implement to mitigate this behavior. A number of real-world trace back scenarios will be covered as well as interesting things found along the way.

Full Abstract

When it comes to Internet access, Indigenous communities are among the most underserved throughout North America. According to Canada’s ISED, 97 percent of urban households have access to high-speed Internet, compared to only 37 percent in rural communities. The statistics are even more bleak for Indigenous communities, where just 24 percent have access to high-speed Internet.
The Internet Society works with Indigenous communities to find and implement sustainable solutions that meet their unique connectivity needs. Supporting communities to build and maintain local Internet infrastructure has proven to be key to connect the unconnected.
This talk will cover a recent partnership between the Internet Society and the National Research Council of Canada (NRC) that aimed at identifying and training a number of indigenous communities in Ontario and Northwest territories, in preparation for broadband network deployments.
Also, this talk will cover the successful deployment of a wireless broadband network in the indigenous community of Ulukhaktok in the Arctic, which would perhaps be the northern-most such deployment.

Dr. Hosein Badran: Dr. Hosein Badran holds the position of Senior Director, Internet Growth and Trust, with the Internet Society, based in Ottawa, Canada. He represents the Internet Society at the ITU-T standardization organization, particularly SG11, SG13 and SG17, and invited member of the Canadian ITU-T National Study Groups NSG11, NSG13 and NSG17. Special focus in the standardization work is on topics related to the evolution of the Internet - proposals potentially resulting in the fragmentation of the Internet, like NewIP and related proposals. He is a member of the North American Network Operators Group (NANOG) Education Committee, and the Canadian Forum for Digital Infrastructure Resilience (CFDIR), established by Innovation, Science and Economic Development Canada (ISED). He is a co-author of the final report of the Canadian Multi-stakeholder Initiative on IoT Security: “Enhancing IoT Security: Final Outcomes and Recommendations”. He has been a member of the Steering Committee of the Arab IGF since its inception in 2010, overseeing the program content for the annual event, and was the Chair of the Program Committee of the Canadian IGF 2020. During his career of over 25 years as C-level expert, he spent 14 years with Cisco Systems as Distinguished Systems Architect and Regional Chief Technology Officer as a member of the Cisco CTO Office. Before joining the Internet Society, he spent three years as Director, Special Projects and Innovation, at Qatar Computing Research Institute (QCRI), a member of Qatar Foundation, in Doha, Qatar, where he led projects dealing with machine learning and data-driven optimization in different national socio-economic initiatives including smart transportation, e-health, aviation, and cybersecurity. He worked also with Nortel Networks in Ottawa, Canada, FORE Systems (now Ericsson) in Dubai, and Siemens AG in Munich, Germany. Dr. Badran holds a Ph.D. in Electrical Engineering from Queen’s University in Canada.
Full Abstract

An ongoing issue with Internet standards development is limited interaction between the standards developers and the network operator community. This talk is a step toward bridging that gap, highlighting ongoing work from the IETF that is likely to be published in the RFC series or will otherwise have notable operational considerations.

David Lawrence: A veteran of the Usenet Wars
Full Abstract

Google gRPC gNOI service is a commonly used tool today to manage TLS certificates. This session introduces the audience to gRPC gNSI service that is being developed by Google for all security related operations on the router. We will start with a brief overview of TLS, discuss challenges with TLS configuration on a router followed by a recap of gNOI and an introduction of gNSI.

Saju Salahudeen: Saju Salahudeen is a Principal Consulting Engineer for IP Networks at Nokia and a member of NANOG Education Committee. He has 17 years of experience in the Telecom industry with 12 years in IP Networking and Multi-Vendor Network Automation. In his current role, his focus area is to help Webscale networks adapt to the current and future demands of the industry. Prior to this, he was a Senior Sales Engineer for IP and Network Automation at Nokia. Saju was born in India, studied in Dubai and now resides in Toronto, Canada.
Full Abstract

In this session we review IPv6 features and capabilities on AWS, best practices for adopting IPv6 on AWS, and reference architectures. We also dive deeper into the common use cases that drive customer IPv6 adoption on AWS, and lessons learned to help you accelerate your IPv6 adoption journey.

Alexandra Huides: Alexandra Huides is a Principal Networking Specialist Solutions Architect within Strategic Accounts at Amazon Web Services. She focuses on helping customers build and develop networking architectures for highly scalable and resilient AWS environments. Alex is also a public speaker for AWS, and is helping customers adopt IPv6. Outside work, she loves sailing, especially catamarans, traveling, discovering new cultures, and reading.
Full Abstract

Datacenters are comprised of thousands of servers, network and storage devices. Data Center Networks (DCNs) are the communications backbone of a datacenter. Several architectural and design innovations have been introduced in DCNs to address the growing size and increasing operational demands of the datacenter. From a protocol perspective, these demands and challenges have been addressed primarily by aggregating multiple off-the-shelf protocols and retrofitting them to the DCN communication needs. This aggregation has resulted in higher overhead, added operational complexity and requires increased effort to perform DCN troubleshooting and maintenance.
In this work we present a new protocol that leverages the structured and symmetrical DCN topology to significantly simplify DCN operations of routing, load balancing, fast failure detection and IP packet forwarding between the servers. We introduce the Multi-Root Meshed Tree Protocol (MR-MTP) which establishes routes without a routing protocol, performs load balancing, provisions fast failure recovery and forwards IP packets between servers. Testing was performed by adopting the folded-Clos topology. The performance of MR-MTP was compared to the popular protocol suite used in folded-Clos topology DCN, i.e. Border Gateway Protocol (BGP for routing), Equal Cost Multipath Protocol (ECMP for load balancing) and Bidirectional Forwarding Detection (BFD to speed up convergence).
As both TCP and UDP are required in folded-Clos (BGP requires TCP for its operation and BFD requires UDP), MR-MTP is replacing six protocols in a DCN router, i.e. BGP, TCP, ECMP, BFD, UDP and IP. MR-MTP is fully backwards-compatible to Internet Protocol (IP) and Ethernet. MR-MTP autoconfigures and auto-assigns routable addresses to the DCN routers, reducing the configuration needs. MR-MTP coded in C language was compared to the protocol suite BGP/ECMP/BFD (from using folded clos topologies set up in the Fabric testbed (
The results (provided in the slides) of these comparisons clearly demonstrate that significant performance improvement can be achieved with MR-MTP over BGP/ECMP/BFD. The testing evaluated convergence time, control overhead, packets lost, and blast radius on an interface failure. Given its unique approach, MR-MTP offers many other benefits including reduced hardware required to manufacture, immunity from traditional attacks against BGP, TCP and IP, reduced power consumption (and associated cooling costs) among others which will be investigated in the future.

Nirmala Shenoy: Dr. Nirmala Shenoy, received her Bachelors and Master’s in Engineering from Madras University, India. She worked as a Research Scientist in Central Electronics Engineering Research Institute in Chennai, India. She was recipient of the Deutscher Akademischer AustauschDienst, (DAAD) a German fellowship, during which period she received a PhD in Computer Science from University of Bremen, Germany. Dr. Shenoy taught at the Information Communication Institute of Singapore, a collaboration of AT & T Bell Labs US & National Computer Board, Singapore. She subsequently held teaching and research positions in Australian Universities, before joining Rochester Institute of technology, Rochester, New York as Professor in the ISchool, School of Information, Golisano College of Computing and Information Sciences. Her research focus is design, development and evaluation of clean slate protocol solutions to challenging networks problems.
Full Abstract

With a few simple changes, IP-transit customers can increase the reliability of the prefix filtering provided to them by their IP-transit providers, and hopefully avoid easy-to-mitigate prefix filtering issues.

As an IP-Transit provider, we ( often encounter prefix list generation issues with our customer's IRR data. In this talk we'll present some easy to implement changes, in relation to their IRR data and PeeringDB data, that have helped our customers, which other IP-transit customers can implement to improve the quality of their service with their provider.

Full Abstract

This presentation chronicles our experience, highlighting the critical role of threat intelligence in understanding and countering malicious actors. We’ll delve into the data-driven approach we employed to crack their attack patterns, paving the way for strategic countermeasures.
The talk will showcase the effectiveness of these implemented best practices:
Disabling PTR Records: We’ll explore the strategic decision to disable PTR records, dismantling a tactic often used by spammers for social engineering. This proactive step empowered us to seize control of the narrative surrounding our IP reputation.
Enhanced Business Vetting: We’ll discuss how implementing stricter vetting processes for potential partners and customers significantly reduced the risk of unknowingly associating with malicious actors. By establishing a more rigorous onboarding process, we effectively shut down potential infiltration attempts.
Deeper RPKI Adoption: The presentation will highlight the benefits of a robust RPKI deployment, fortifying our network against spoofing attempts and easing our job whenever a quick announcement drop is needed. RPKI served as a digital security shield, ensuring that only authorized sources could originate traffic from our IP addresses.
Other security measures that deemed to be effective to fend off spammers.
The Cost of Resilience
Our proactive approach did not come without challenges. Spammers retaliated with a large-scale DDoS attack and fraudulent chargebacks. While impactful, these disruptions were outweighed by the long-term benefits of a secure network. We persevered, and the implemented strategies ultimately bolstered our ecosystem’s resilience.
By sharing our experiences and best practices, this keynote aims to empower the NANOG community to leverage threat intelligence and strategic defense to navigate the ever-evolving threat landscape and build robust network resilience.

Ignas Anfalovas: I'm Ignas, the Platform Engineering Manager at your service. With a strategic mindset and hands-on experience, I'm focused on ensuring network integrity and security. My mission? To lead our team in fortifying digital networks against threats like SPAM while optimizing performance. I thrive on making data-driven decisions, implementing cutting-edge solutions, and fostering collaboration to safeguard networking platforms and drive continuous improvement in SPAM mitigation strategies and networking efficiencies.
Full Abstract

Exploring integration options:
- gNMIc
- Prometheus client library (i.e. Python)
- Exporter installed directly in Network Element
- Unified Telemetry Model (NMS or SDN)
Dissect advantages and challenges of each option.
Selecting the best monitoring solution based on network needs and resources.

Mauricio Rojas: Mau has been working in the IT Industry for more than two decades, most of this time, leading the introduction of new technologies for Data Centers and Cloud in new markets. Originally from Santiago of Chile, he's currently working as Network Automation rPLM in Nokia, supporting US and Canada. Continuously testing the limits of use cases that involves techs like Kubernetes, YANG or Automation Frameworks in General. Mau's also passionate with art (Instagram: p1nrojas), using what is left of his creativity at work into the canvas or digital illustrations.
Full Abstract

A bird's-eye view over IONOS' European backbone, connecting about three dozen locations in Europe.
This is not about IONOS as a company, but the engineering decisions and lessons learned
Topics are
- How we route traffic
- How DDoS attacks are mitigated
- How acquired companies are integrated working around IPv4 collisions
- Operator's notes deploying unnumbered IS-IS + SR-MPLS and MACSEC everywhere.

Full Abstract

Network operators engineer their networks with enough capacity to service peak loads. They also engineer redundant capacity into their networks. During off-hours, much, if not most, of this capacity is unused.

Sadly, most networks consume nearly the same amount of power during off-hours as they consume during peak-hours.

In this presentation, we propose a power management portal that reports a) network status, b) network power utilization and c) network power efficiency. It also proposes strategies for powering down selected router components during off-hours and powers those router components up and down as per the proposed strategy.

This power management portal is under development and the authors are soliciting co-innovators.

Ronald Bonica: Ron Bonica is a Distinguished Engineer at Juniper Networks, specializing in IPv6 and Segment Routing. He is active in the Internet Engineering Task Force (IETF), having authored or co-authored twenty RFC documents and served three two-year terms as co-director of the IETF Operations and Management Area. Ron currently co-chairs the IETF V6OPS and OPSEC Working Groups. Prior to joining Juniper Networks, Ron was employed by a major Internet Service Provider and operated an Layer 3 Virtual Private Network for U.S. Government customers.
Full Abstract

This talk summarises for a NANOG audience an academic paper recently presented at the "23rd Workshop on the Economics of Information Security". In the paper we evaluate a rare successful intervention in the management of Internet infrastructure -– a multi-year "traceback" campaign to shut down sources of spoofed traffic utilised for DDoS attacks. We assess why it has been possible to "move the needle" on an issue that has dogged the network engineering community for more than thirty years. The decentralised community of competing network providers has few incentives to solve the issue -- which is why little has changed since the flurry of activity when BCP38 (and the century) was new. Our analysis is based on interviews with key players in the initiative. We find that success occurred because the issue of spoofing was migrated away from the incentives of these companies into the incentive structures of the far more densely networked and centralised professional community of network engineers.

Richard Clayton: Richard is a software developer by trade and his software company wrote one of the first Internet access programs for Windows. In the mid-90s the company was sold to Demon Internet (AS2529), then the UK's largest ISP. At the turn of the century he went back to Cambridge to do a PhD and has stayed on as an academic "because it's much more fun than working". He was the founding director of the Cambridge Cybercrime Centre, making many and varied datasets related to cybercrime available to academics so they can concentrate on their research rather than learning the tedium of data collection at scale. Recently he has been advising law enforcement on ways to disrupt "booter" activity and to measure the impact of their actions.
Full Abstract

meshrr is a concept of how to leverage the possibilities of cloud technologies for the benefit of traditional networking infrastructure. It is a demonstration-grade, scale-out, hierarchically-capable, BGP route reflector and route server approach using Juniper cRPD and intended for deployment on Kubernetes.

Jason Rokeach: Jason Rokeach is a Senior Solutions Architect with Juniper Networks' Professional Services division where he focuses on service providers across the US and Canada. Jason spent the decade prior to Juniper in network operations and leading network architecture for service providers, and his passion today lies at the intersection of service provider technologies with cloud-native technology and network automation. Jason spends his off-hours with family, running, hiking, and building and managing DisNOG, the Network Operators' Group on Discord.
Full Abstract

BGP’s deployment model makes even modest software bugs have significant consequences on global Internet routing. 
When is a bug just a bug and not a security issue? 
CVSS is a scoring system used to classify issues and is an important input toward vendors issuing security alerts – and subsequently locking down all information on that issue. 
We discuss BGP and CVSS scoring and its impact upon the availability of information on BGP implementation defects.

Jeffrey Haas: Jeffrey Haas is a Distinguished Engineer at Juniper Networks where he works on the implementation and specification of BGP. Jeffrey is a Chair at the IETF IDR (inter-domain routing) Working Group where BGP is standardized. Additionally, in IETF, Jeffrey is a Chair for the BFD (bi-directional forwarding detection) Working Group. Jeffrey has been involved in working on Internet technologies since the late 90's where he worked at a small tier-3 ISP doing everything from helping people setup dial-up networking to helping maintain the company's Internet routing. Since then, he's worked at the NextHop startup that commercialized the GateD software; at Arbor Networks where he worked on routing, flow analytics, and management software; and most recently with Juniper. Jeffrey's day job is a mix of work on code, standards, and working with customers solving interesting problems. For fun, Jeffrey spends his off hours as an active participant in the Society for Creative Anachronism (SCA) and thoroughly enjoys a good, dark beer.
Full Abstract

As Roblox scales at an unprecedented rate, our legacy network collector architecture is becoming increasingly inadequate for efficiently gathering network device metrics. This presentation dives into the limitations of the existing system and unveils our innovative new architecture designed to scale 10x our current capacity. We will explore the challenges that necessitated this shift and the key features of the new architecture that ensures it can handle Roblox's ever-growing needs.

Full Abstract

This talk discusses methods and challenges involved in disrupting the operations of groups that carry out Distributed Denial of Service (DDoS) attacks. To disrupt DDoS attack operations, automated mechanisms need to continuously track global DDoS attacks and identify their orchestration infrastructures. This information enables sending high-quality takedown requests to hosting providers and domain registrars used by the DDoS groups. Successful takedown requests disrupt the attacks and demotivate DDoS operators by hampering their ability to keep their services running for financial gain. The takedown requests also help the recipient service providers to address gaps in their abuse detection and keep DDoS operations out of their platforms. However, these service providers respond to takedown requests at varying degrees of speeds and efficacy. The talk will explore alternative mechanisms to address these inconsistent responses.

Full Abstract

IPv6 has been "the next generation of IP" for over 20 years. For the longest time, the gold standard has been to run a network with both IPv4 and IPv6, however operating both protocols at the same time presents an additional operational challenge. With the global share of IPv6 traffic nearing 40-50%, it's time to re-evaluate our goal and look at ways to run networks that are largely IPv6-only. So how do we start testing IPv6-only technologies? They can be complex to setup and troubleshoot even for seasoned network engineers let alone application developers, IT support personnel, and others with limited networking experience.

Enter the IPv6 Test Pod, a device that intends to makes testing IPv6-only networks easy, made possible by the ARIN Community Grants program. The IPv6 Test Pod delivers a several IPv6-enabled networks, presented as SSIDs that the user can join to start testing IPv6-only technologies -- including dual-stack (as a baseline), IPv6-only, DNS64/NAT64, 464XLAT, and others. The IPv6 Test Pod is made available for no cost to project participants and participants can be anyone interested in testing IPv6-only networks including IT support personnel, developers, or even network engineers that are too busy to test IPv6-only networks. Dual stack is arriving, let's get ready for an IPv6-only world.

Full Abstract

It's been a while since I adopted a new habit. The last few days of every year are a special time for me to recap what happened and what I learned in my personal and professional life. Additionally, I have a stash of notes that I've collected over the years. This session will demonstrate four of the most important lessons in my professional life and career in IT, notably managing high-performance teams in two of the largest public cloud providers in the world: Oracle Cloud and Amazon. While I learned these lessons the hard way and through a lot of trial and error, this short session is an attempt to share that experience not just with my peers in leadership roles but also with anyone who wants to manage even a small team of one. Here I will go over the four principles of (1) The power of authenticity, (2) The impossible self-cloning, (3) The concept of flexible 1:1s, and (4) The handling of unreasonable requests.

Kam Agahian: Kam is the director of cloud engineering with Oracle in Southern California with over 24 years of experience in designing and implementing complex network architectures. Over the years Kam has interviewed over 1000 candidates in North America, APAC and EMEA for various network engineering and leadership positions. Kam has previously presented at NANOG77 in Austin, TX and NANOG75 in Washington DC on IPv6 over MPLS and network engineering job interview processes. You can follow his random thoughts on Twitter.
Full Abstract

Where exactly are we with BGP security in the global Internet routing system? And what's ahead of us? In this talk I'll reflect on progress made in recent years and look ahead what problems remain and what solutions are in the pipeline. This won't be a "Look ROAs are up and to the right!!11!"-talk, but rather a reflection on various milestones the wider community managed to reach and where the gaps are in this multi-decade journey towards a secure routing system.

Job Snijders: Job Snijders is a Principal Engineer at Fastly where he analyzes and architects global networks for future growth. Job has been actively involved in the Internet community in both operational, engineering, and architectural capacity, as a frequent presenter at network operator events such as NANOG, ITNOG, DKNOG, RIPE, NLNOG & APRICOT, and in a number of community projects for over 15 years. Job is co-chair of the IETF GROW working group, co-chair of the RIPE Routing Working Group, vice president of PeeringDB, director of the Route Server Support Foundation, manager of the IRRd v4 project, member of the RIPE NCC Executive Board, and art director for the OpenBSD project. Job's special interests are BGP routing policies, RPKI based routing security, and Internet scale PKIX-RPKI & BGP deployments. Job helps maintain several tools such as IRRd, rpki-client, bgpq4, OpenBGPD, irrtree, rtrsub, and irrexplorer, and is active in the IETF where they have coauthored or contributed to RFCs and Internet-Drafts. Job also is an OpenBSD developer.
Full Abstract

This 15-minute talk introduces the audience to ICANN's KINDNS Initiative. Modeled on ISOC's MANRS program, KINDNS (which stands for Knowledge-sharing and Instantiating Norms for DNS and Naming Security) aims at developing a simple but effective framework for a secure DNS operation to which operators can voluntarily and easily commit. This framework should be something simple to refer to and be accessible to even small operators that may typically be unable to dedicate many resources to globally follow both the evolution of the DNS protocol and discussions about operational best practices.

Full Abstract

This presentation will explore the integral role of the Number Resource Organization (NRO) and the Regional Internet Registries (RIRs) in global internet governance, with an emphasis on the new NRO RPKI Program, an initiative overseen by the NRO Executive Council. As a strategic effort under the NRO and RIRs, the RPKI Program is pivotal in advancing the development and adoption of Resource Public Key Infrastructure (RPKI) across the globe, enhancing the security and stability of internet routing. We will introduce the leadership team spearheading this program, outline our strategic objectives, and discuss the impactful initiatives that are currently being developed. The presentation will emphasize how this program is a collaborative effort guided by the expertise and governance of the NRO Executive Council, seeking to draw in active feedback from the technical community to refine and innovate our approach. Concluding with detailed resources and avenues for engagement, attendees will gain insights into the significance of their participation in shaping the future of internet security through the NRO RPKI Program.

Sofia Silva Berenguer: Program Manager, Process and Productivity Engineer, Ontological Coach and mum. Sofía holds an MSc in Telematics Engineering and is an Ontological Coach. She works as the RPKI Program Manager for the NRO and the Process and Productivity Engineer for the Registry Value Stream at APNIC. She joined the RIR world in 2010 when she started working for LACNIC as a Hostmaster and Policy Officer. She then held a few different technical roles at LACNIC, as a Networks and Security Engineer first, then moving on to a role as a Senior Security and Stability Specialist. She joined APNIC in 2017 as a Data Scientist, then became a Product Manager and later a Productivity Coach.
Full Abstract

What if you could fully automate your internet exchange? You can! In this presentation, IX founders Chris Grundemann and Matt "Grizz" Griswold will walk through the thinking, the architecture, the tools, and a real example to show you how-to use modern, open-source tools to build an IX operations platform capable of setting your IX to FullAuto.

We will cover the terms and definitions that need to be understood, we'll introduce the network automation philosophy that drives successful projects, and cover the core principles that facilitate excellent execution. Then we'll walk you through an example, using a real IX (IX-Denver), to demonstrate the possibilities - and provide a roadmap for everyone else who wants to do the same.

Automation is not just for network operators. We can, and should, automate our internet exchanges as well. Let's go!

Chris Grundemann: Chris Grundemann is a passionate, creative technologist and a strong believer in technology's power to aid in the betterment of humankind. In his current role as Managing Director at Grundemann Technology Solutions he is expressing that passion by helping technology businesses grow and by helping any business grow with technology. Chris has been using technology, marketing, and strategy to build businesses and non-profit organizations for two decades. He holds 8 patents in network technology and is the author of two books, an IETF RFC, a personal weblog, and a multitude of industry papers, articles, and posts. He is a co-founder and Chief Executive Officer (CEO) for FullCtl, the interconnection automation company; as well as a co-founder of the Network Automation Forum, the organization behind the AutoCon series of events. Chris is the creator and co-host of The Imposter Syndrome Network Podcast, focused on encouraging the next generation of digital infrastructure engineers. He is also a co-founder, Director, and Chair Emeritus of IX-West and the Chair of the Board of Directors of OIX, the global data center and interconnection standards body. He has held previous volunteer positions with CO ISOC (which he founded), ISOC-NY (Vice President), ARIN, NANOG, SANOG, AfPIF, CEA, UPnP, DLNA, RMv6TF, and several others. Chris has given presentations in 34 countries on 5 continents and is often sought out to speak at conferences, NOGs, and NOFs the world over. Currently based in West Texas, Chris can be reached via his website at
Full Abstract

As part of this research, we demonstrate the surprising impact of 1% packet loss on throughput, both in symmetric and asymmetric networking topologies, in the environment using CUBIC congestion avoidance algorithm. Our findings reveal a significant decrease in throughput, more than 70%, compared to baseline measurements without packet loss. Moreover, we explore the effects of increasing packet loss levels, up to 10%, and observe a compounding decline in throughput, indicating the importance of addressing even minor levels of packet loss. We compare attained results using CUBIC congestion avoidance algorithm, in both topologies, with those achieved using the BBR congestion avoidance algorithm, advocating for broader and faster adoption of BBR.

Kemal Sanjta: Kemal is a result-oriented engineer focusing on designing, operating and troubleshooting large-scale networks. Passionate Linux user with a deep understanding of SRE/NRE practices. Over the last two decades, he worked at several large-scale companies applying NRE practices and automating remediation actions. As a Principal Internet Analyst at ThousandEyes, he focuses on research and providing deep and meaningful insights into outages through the lenses of ThousandEyes.
Full Abstract

The American Registry for Internet Numbers (ARIN) is a nonprofit, member-based organization that administers IP addresses and ASNs in support of the operation and growth of the Internet. Hear from ARIN's Chief Customer Officer on where the organization sits with IPv6 growth, IPv4 Waitlist and Transfer stats, along with other notable organizational updates.

John Sweeting: John Sweeting is the Chief Customer Officer of the American Registry for Internet Numbers (ARIN), responsible for the overall development, direction and operation of the department. Prior to joining ARIN staff, he served 12 years on the ARIN Advisory Council, 6 of which he was the Chair, and 1 year on the Address Supporting Organization’s Address Council (ASO AC). John served on the Consolidated RIR IANA Stewardship Proposal (CRISP) team which was convened in December 2014 to guide development of the Number Community response to the IANA Stewardship Transition Coordination Group’s RFP.


Apply for the Peering Coordination Forum

The Peering Coordination Forum is a 90-minute session to be held on 17 OCT during the NANOG 86 conference. The forum provides time for attendees to meet and network with others in the peering community present at NANOG. NANOG 86 Peering Coordination Forum applications will remain open until we have 20 applications or 10 OCT.

Learn More

Diamond Sponsor


Platinum Sponsors


Gold Sponsors