Full Abstract

Video-conferencing applications impose high loads and stringent performance requirements on the network. To better understand and manage these applications, we need effective ways to measure performance in the wild. For example, these measurements would help network operators in capacity planning, troubleshooting, and setting QoS policies. Unfortunately, large-scale measurements of production networks cannot rely on end-host cooperation, and an in-depth analysis of packet traces requires knowledge of the header formats. Zoom is one of the most sophisticated and popular applications, but it uses a proprietary network protocol. In this talk, we demystify how Zoom works at the packet level, and design techniques for analyzing Zoom performance from packet traces. We conduct systematic controlled experiments to discover the relevant unencrypted fields in Zoom packets, as well as how to group streams into meetings and how to identify peer-to-peer meetings. We show how to use the header fields to compute metrics like media bit rates, frame sizes and rates, and latency and jitter, and demonstrate the value of these fine-grained metrics on a 12-hour trace of Zoom traffic on our campus network.

Full Abstract

Habits die hard, and the concepts of address allocation which are perfectly valid for IPv4 just don't work for IPv6, and in fact some IPv4 habits will technically break IPv6 routing efficiency.

This is a summary of good address allocation hygiene when people have large blocks to split up, based on RFC suggestions and fifteen years of operational experience in IPv6

Full Abstract

Our current networks depend on fiber technology. This talk describes what it took to develop compact 400 Gigabit technology during the global pandemic. The current realities of compact 400g are discussed.
Presenter Len Bosack, founder of Cisco systems, oversaw the development of 400G products during lockdown and recovery. It was a bumpy ride. As the pandemic progressed, most of the back-room vendors had significant problems -- being crowned by the famous supply-chain collapse. At times, only one person was allowed in the building. Notwithstanding these, product development still happened. The XKL compact 400G products are the result.

Full Abstract

Advances in routing silicon and pluggable optics are enabling a new network architecture to converge traditional private line services onto a packet transport infrastructure. Private line emulation is cost-efficient for the delivery of high bandwidth, bit transparent and dedicated network connectivity services. In this session private line service attributes will be discussed and the key technology building blocks to deliver mission critical services in a fundamental new and beneficial way for both the end-customer and the provider

Full Abstract

DE-CIX has been working on the introduction of EVPN on its peering platform since the beginning of 2022. Considering the increasing number of participants, especially in New York and Frankfurt, the introduction of EVPN, including ProxyARP/ND, is required to get the exponentially growing broadcast/multicast traffic in the Peering LANs under control and to reduce the load on customer routers. Additionally, further security features based on a ProxyARP/ND agent according to RFC 9161 are activated and the protocol stack of the DE-CIX global network will be expanded to include RSVP-TE and sBFD. In this presentation, we will present the course of the project, benefits, and side effects for DE-CIX customers explained in technical detail.

Full Abstract

Overview of the Fundamental components for Kubernetes that every Network Professional should know: Intro to Network Namespaces and the fundamentals of Pods and how they communicate in a Kubernetes Cluster. K8s services like NodePort and LoadBalancer. An overview about CNI plugins, the built-in ones and the ones available in the market (i.e. Calico, Cilium). Comparison between the most popular CNI Plugins. Why multus is so important in Telco? Security Policies.
About the last trends regarding Segment Routing (SRv6 and Cilium) and Kubernetes, Customer Resource Definitions for Network Orchestration (i.e. Nephio) and eBPF vs iptables.

Full Abstract

Managing and maintaining highly scalable networks has historically been a challenging task. A plethora of ISPs/CSPs have been trying to simplify processes and procedures; yet this task gets more complicated as they are faced with the growing cost pressure of supporting today’s IP network traffic demands (driven by video, gaming, and remote working) and future 5G traffic volumes. All these trends and market forces are forcing cable operators to rethink and rearchitect their legacy IP networks and operations in ways that can give them a competitive edge.

The intent of this presentation is first to describe why distributed disaggregated services such as a Disaggregated Distributed Chassis (DDC) will be paramount for the success of ISPs/CSPs. It will examine how these services differ from traditional architectures, and which operational processes, engineering skills and supporting tools are needed. It will showcase an example of the DDC model deployed in the production environment of one of the largest cable operators in the world. It also will provide insights on how to improve network availability and reliability thanks to a smaller “blast radius” for outages.

In summation, ISPs/CSPs’ interest in network disaggregation has been growing, driven by a variety of motives such as cost reduction, the removal of vendor lock-in and service innovation. Readers will have a granular understanding of the operational impacts of the DDC approach, and how networks can be managed in a more cloud-like and orchestrated manner. They will also achieve a clear vision for solving operational and business challenges before embarking on a disaggregation project.

Full Abstract

The idea is to share the impact and the records that the FIFA World Cup 2022 generated over the Internet, and also the users. Warning NANOG that the next one is going to be in USA, Canada and Mexico, so better get ready for new records.

Showing how capacity on the customers or peers should be ready for events with this characteristic to let the users use the internet without bad experiences.

Full Abstract

Synopsis: Measurement Lab and Cloudflare want to empower network operators with free and open access to data that represents their user’s experience. Our presentation will:

1. Discuss how end-users define “good Internet” and how AIMScore defines the answer
2. Announce the free and open availability of AIMScore data that enable network operators to get actionable insights from CloudFlare and Measurement Lab’s speed tests
3.Solicit feedback from NANOG community about access and usability of the data and discuss future milestones

Running a distributed network is a challenge by itself, but ensuring that users are having a good experience on that network adds a layer of complexity that can make anyone’s head spin. It’s hard enough ensuring that users can reach the Internet through your network, but ensuring that they can access a myriad of services and applications at peak performance for each is orders of magnitude harder, especially when each application has a different concept of what peak performance looks like. To put it another way: it’s hard enough to know if every user on your network can access Discord, Netflix, and Dota reliably, but it’s even harder to know if every user on your network has a good experience accessing those services because each of those have completely different understandings of what it means to have a good experience.

The way we use the Internet on top of a network is ever changing, and the success criteria for the ways we use the Internet is also constantly changing. New metrics like responsiveness are being developed and rolled out to help track these new criteria. Being able to make sure that users have a good experience on your network no matter what is critical for customer retention and cost efficiency. If people have a good experience, they’ll keep using your network. And if people have a good experience, they won’t call support and try and get things fixed.

We are proposing a framework and data set that will not only give you insight into what applications consider success, but ways to programmatically detect when users in your network are experiencing degradations from success: Aggregated Internet Measurement

Full Abstract

400ZR and its variations have been the most successful development in optical networking in decades, with over 200k modules shipped in 2022, just two years after introduction. 400ZR has changed the way datacenters are interconnected and changed the way datacenters are designed. In this presentation, the speaker will show the current status of 400ZR development and deployment, how it is changing network designs, and explain what is coming next.

Full Abstract

The need to reliably monitor today’s ever-growing networks in the WAN, edge, and data center domains is now more critical than ever. The industry relies largely on SNMP to monitor present networks, a protocol that falls short when used to monitor large networks let alone the increasingly complex networks of the future.

Openconfig's gRPC-based streaming telemetry protocol, gNMI is considered by many to be the prime successor to SNMP. It packs features to build modern monitoring stacks, such as a push-based telemetry model, reliable transport, default TLS security, data model-based access to monitored data leaves, and exceptional performance on the wire.

This tutorial introduces gNMIc, an open-source software suite which blends together a feature-rich gNMI CLI client and a performant, highly-available telemetry collector. Focusing on gNMI-based streaming telemetry, gNMIc sets itself apart from other general-purpose collectors with unique features including high availability and clustering of collector instances, rich data processing pipelines, sheer support for various outputs for metrics, and embedded caching, to name a few.

By the end of this session, participants will understand how gNMIc can be used to configure network devices, and building a modern open-source telemetry stack comprised of a collector, time-series DB, and visualization layer.

Full Abstract

Pluggable Digital Coherent Optics (DCO) is a breakthrough technology that allows routers to integrate state of the art coherent DWDM interfaces without the need for specialized hardware. This is possible thanks to the incredible power efficiencies and compactness of recent DCO implementations over QSFP56-DD and other transceivers that can be deployed directly into standard 400GE host ports. Replacing traditional DWDM transponders by pluggable DCO significantly lowers the cost of building high-speed networks with massive capacity and extended reaches. Even greater gains in cost efficiencies are possible with Routed Optical Networking, a novel network architecture that couples DCO with innovations in IP/MPLS, management and automation to build a fully converged and programmable network architecture optimized at the packet switching layer.

As the industry embraces DCO, adoption increases and new use cases are explored, questions about how to manage this technology when deployed in the routers emerge. What are the new optical parameters that DCO expose to the router? How to leverage them for pro-active fiber and DWDM performance management? How to give visibility of that data to fellow transport operations teams and data lakes without exposing the IP network details?

This session will present DCO technology covering its basic concepts, the new optical signal monitoring capabilities enabled by its built-in the Digital Signal Processors (DSPs) and transport encapsulations, and how they can be used to enhance IP networks and their operations. It will also discuss the state of the industry standards and open networking initiatives that can be leveraged to build a multi-vendor ecosystem.

Full Abstract

Network Engineering Jeopardy will consist of three teams competing for all the glory!

Full Abstract

We analyze the properties of 712 prefixes that appeared in Spamhaus’
Don’t Route Or Peer (DROP) list over a nearly three-year period
from June 2019 to March 2022. We show that attackers are subverting multiple defenses against malicious use of address space,
including creating fraudulent Internet Routing Registry records for
prefixes shortly before using them. Other attackers disguised their
activities by announcing routes with spoofed origin ASes consistent
with historic route announcements, and in one case, with the ASN
in a Route Origin Authorization. We quantify the substantial and
actively-exploited attack surface in unrouted address space, which
warrants reconsideration of RPKI eligibility restrictions by RIRs,
and reconsideration of AS0 policies by both operators and RIRs.