
Join us in Hollywood, CA for NANOG 86
Our 86th community-wide gathering was 17-19 Oct 2022.

NANOG 86 Keynote Speaker - Harlan Stenn
Tech Pioneer Talks about "The NTP Project" + the Importance of Timekeeping in Tech.
Network Time Protocol (NTP) Project Manager + President of the Network Time Foundation, Harlan Stenn to the NANOG 86 Keynote stage!
Watch Now.
Keynote Talk Title: Me, NTP, The NTP Project, and Network Time Foundation - How We Got Here: Welcome to my Hallucination.
About Stenn: Harlan Stenn is a nearly 50-year veteran of the IT industry. Harlan began programming computers in high school in 1971. He holds a bachelors degree in Business Administration (Accounting) from The Colorado College in Colorado Springs, and an MSE in Computer Science from Washington University in St. Louis.
A well-versed entrepreneur, Harlan has launched several successful businesses and has been a respected, sought-after I/T consultant and contractor for decades who is well known for writing astonishingly portable C code since the early 1980s. To put it another way, if NTP is Dave Mills' edifice, Harlan is its janitor.
In mid-2011 he started Network Time Foundation (NTF), with the mission to provide direct services and support to improve the state of accurate computer network timekeeping. NTF now works with several time-related projects, including NTP, Ntimed, Linux PTP, RADclock, and the General Timestamp API and Library. The GTSAPI is a way to make sure that a timestamp contains enough information to be useful outside of the system on which it was “taken". Several new projects are in the works, including Khronos, and several SyncE packages.
Preface: History of the Network Time Foundation - From the earliest days of human history, people have had a close relationship with time...
Computers aren't intelligent; they keep poor time. So how do global networks track when a transaction happened and the nanoseconds that make up a timestamp count? Learn More
Dates | Member | Non Member | Student | Virtual | |
---|---|---|---|---|---|
Early | 11 JUL 2022 | $675 | $700 | $100 | $100 |
Standard | 08 AUG 2022 | $775 | $800 | $100 | $100 |
Late | 10 OCT 2022 | $875 | $900 | $100 | $100 |
Onsite | 16 OCT 2022 | $1,075 | $1,100 | $100 | $100 |
NANOG hopes everyone who registers for the meeting will be able to attend; however, we know extenuating circumstances do occur.
The NANOG cancellation and refund policies are as follows:
Any registration canceled between 11 Jul to 01 Oct, 2022 is refundable but will incur a $50.00 fee
Registrations canceled on 02 Oct to 15 Oct, 2022 is refundable but will incur a $100.00 fee
Registrations canceled on or after 16 Oct, 2022 will not receive a refund
NANOG Social Event Guest Pass: $50 per guest (purchase separately when you register, limit 2)

The Engineer Approved List of Sightseeing in Hollywood
We have put together a list sure to stimulate the imagination of any tech pro while visiting the city.

Hotel Information:
Headquarter Hotel
Hotel Guest Room Block
Loews Hollywood Hotel
1755 North Highland Ave.
Hollywood, CA 90028

NANOG 86 Health + Safety
The health and safety of meeting attendees are very important to us. We believe the most effective way to ensure the safety of all attendees is to be fully vaccinated against COVID-19 . Please note that proof of vaccination will not be required to attend NANOG 86. Be aware that while NANOG will make every effort to reduce the risk of COVID-19 transmission on site, it is possible that you may come into contact with people that carry the virus through your travels.
Be Aware. Any company offering to sell you the NANOG 86 Attendee list is fraudulent.
Coming soon to the NANOG 86 Stage
Full AbstractHow often do you find yourself doing the same set of commands when troubleshooting issues in your network? I am willing to bet the answer to this is quite often! Usually we have a list of our favorite commands that we will always use to quickly narrow down a specific problem type. Switch reloaded unexpectedly? "show reload cause" Outputs like the above examples help you quickly pinpoint the source of your failures for remediation. SSH'ing into the boxes and running these commands by hand is time consuming, especially if you are for example a NOC dealing with numerous failures throughout the day. Most switch platforms have API's now and you can instead program against them to get these outputs in seconds. I will go over a variety of examples and creative ways to use these scripts for optimal use of your troubleshooting time and to get you away from continually doing these repetitive tasks by hand. NOTE: My tutorial examples will be using python and the Arista pyeapi module with Arista examples, but the concepts can easily be transferred to other platforms and languages. |
Full AbstractVideo-conferencing applications impose high loads and stringent performance requirements on the network. To better understand and manage these applications, we need effective ways to measure performance in the wild. For example, these measurements would help network operators in capacity planning, troubleshooting, and setting QoS policies. Unfortunately, large-scale measurements of production networks cannot rely on end-host cooperation, and an in-depth analysis of packet traces requires knowledge of the header formats. Zoom is one of the most sophisticated and popular applications, but it uses a proprietary network protocol. In this talk, we demystify how Zoom works at the packet level, and design techniques for analyzing Zoom performance from packet traces. We conduct systematic controlled experiments to discover the relevant unencrypted fields in Zoom packets, as well as how to group streams into meetings and how to identify peer-to-peer meetings. We show how to use the header fields to compute metrics like media bit rates, frame sizes and rates, and latency and jitter, and demonstrate the value of these fine-grained metrics on a 12-hour trace of Zoom traffic on our campus network. |
Full AbstractAs network engineers begin adopting automation in their organizations, they inevitably encounter a range of challenges. These are typically accepted as necessary engineering hurdles that need to be overcome in order to bring automation into production, and are subsequently addressed with a mix of de facto standard tooling and traditional training. Unfortunately, this logical but simplistic strategy overlooks some powerful alternatives by which automation can be introduced and even adopted. Chances are, opportunities for accelerating network automation already exist in your organization. In this practical talk we will discuss several alternative strategies to begin automating networks. Engineers who are struggling with the basics will learn new perspectives for addressing automation challenges. We will also introduce a flexible maturity model and a proposed framework for full-cycle automation deployment to aid in examining these uncommon paths to beginning network automation. |
Full AbstractHabits die hard, and the concepts of address allocation which are perfectly valid for IPv4 just don't work for IPv6, and in fact some IPv4 habits will technically break IPv6 routing efficiency. This is a summary of good address allocation hygiene when people have large blocks to split up, based on RFC suggestions and fifteen years of operational experience in IPv6 |
Full AbstractThe December 2018 release of our NSF-funded study analyzing legal barriers to RPKI adoption revitalized interest in reforms to lower these barriers. In the fall of 2022, ARIN made important changes to its Relying Party Agreement and Registration Services Agreement designed to address the concerns raised by our report. This proposed session would offer a legal assessment of these recent developments. |
Full AbstractOur current networks depend on fiber technology. This talk describes what it took to develop compact 400 Gigabit technology during the global pandemic. The current realities of compact 400g are discussed. |
Full AbstractThere are many platforms out there to help you automate your deployments and configurations of your network devices out there. This panel will cover some of the major ones such as Ansible, Puppet, Salt, Kubernetes, Nornir, Netmiko, Netpalm We shall focus on: |
Full AbstractAdvances in routing silicon and pluggable optics are enabling a new network architecture to converge traditional private line services onto a packet transport infrastructure. Private line emulation is cost-efficient for the delivery of high bandwidth, bit transparent and dedicated network connectivity services. In this session private line service attributes will be discussed and the key technology building blocks to deliver mission critical services in a fundamental new and beneficial way for both the end-customer and the provider |
Full AbstractgRIBI is a control plane gRPC service that enables an external entity (say a controller) to inject and query entries into a network device’s RIB. The data model to represent the entries reuses the OpenConfig Abstract Forwarding Table (AFT). Since the entries are injected into the RIB, there’s no need for the external entity to assume full ownership of the forwarding table nor be aware of all the forwarding entries. Programming operations are transactional with support for acknowledgements (per operation) of installed state in the device’s RIB and (hardware) FIB. Use of gRPC and AFT data model allows for vendor neutral support on the external entity. |
Full AbstractDE-CIX has been working on the introduction of EVPN on its peering platform since the beginning of 2022. Considering the increasing number of participants, especially in New York and Frankfurt, the introduction of EVPN, including ProxyARP/ND, is required to get the exponentially growing broadcast/multicast traffic in the Peering LANs under control and to reduce the load on customer routers. Additionally, further security features based on a ProxyARP/ND agent according to RFC 9161 are activated and the protocol stack of the DE-CIX global network will be expanded to include RSVP-TE and sBFD. In this presentation, we will present the course of the project, benefits, and side effects for DE-CIX customers explained in technical detail. |
Full AbstractIn this presentation, we will provide a synopsis of the criminal DDoS-for-hire ecosystem; examine details of a simultaneous, internationally-orchestrated takedown of multiple DDoS-for-hire services in December of 2022; and assess the real-world impact of this action via statistical analysis of global DDoS attack activity. |
Full AbstractOverview of the Fundamental components for Kubernetes that every Network Professional should know: Intro to Network Namespaces and the fundamentals of Pods and how they communicate in a Kubernetes Cluster. K8s services like NodePort and LoadBalancer. An overview about CNI plugins, the built-in ones and the ones available in the market (i.e. Calico, Cilium). Comparison between the most popular CNI Plugins. Why multus is so important in Telco? Security Policies. |
Full AbstractThis presentation discusses Imposter Syndrome, the silent myth that so many of us in Networking face. I dissect this myth with the audience, and provide real world examples of how they can overcome it. My examples focus on the Network Automation field, and how this feeling is even more prevalent as a Network Automation Engineer compared to other, more traditional IT roles. |
The Operational Impacts of Supporting a Disaggregated, Distributed, Cloud-based Network ArchitectureFull AbstractManaging and maintaining highly scalable networks has historically been a challenging task. A plethora of ISPs/CSPs have been trying to simplify processes and procedures; yet this task gets more complicated as they are faced with the growing cost pressure of supporting today’s IP network traffic demands (driven by video, gaming, and remote working) and future 5G traffic volumes. All these trends and market forces are forcing cable operators to rethink and rearchitect their legacy IP networks and operations in ways that can give them a competitive edge. The intent of this presentation is first to describe why distributed disaggregated services such as a Disaggregated Distributed Chassis (DDC) will be paramount for the success of ISPs/CSPs. It will examine how these services differ from traditional architectures, and which operational processes, engineering skills and supporting tools are needed. It will showcase an example of the DDC model deployed in the production environment of one of the largest cable operators in the world. It also will provide insights on how to improve network availability and reliability thanks to a smaller “blast radius” for outages. In summation, ISPs/CSPs’ interest in network disaggregation has been growing, driven by a variety of motives such as cost reduction, the removal of vendor lock-in and service innovation. Readers will have a granular understanding of the operational impacts of the DDC approach, and how networks can be managed in a more cloud-like and orchestrated manner. They will also achieve a clear vision for solving operational and business challenges before embarking on a disaggregation project. |
Full AbstractWe will be presenting 2 hours of related content regarding the current uncertainty in the employment/career market. Title: What You Can Do in Times of Uncertainty |
Full AbstractThe idea is to share the impact and the records that the FIFA World Cup 2022 generated over the Internet, and also the users. Warning NANOG that the next one is going to be in USA, Canada and Mexico, so better get ready for new records. Showing how capacity on the customers or peers should be ready for events with this characteristic to let the users use the internet without bad experiences. |
Full AbstractIPv4 is exhausted. We can do a better job of being efficient with our IPv4 utilization while also making IPv6 a reality in our networks. The perfection combination is dual-stacking IPv4 CGNAT and IPv6. Utilizing RFC6598 space, we can extend a dedicated VLAN per customer to make IPv6 EUI-64 possible without running out of IPv4 space to assign with it. |
Full AbstractSynopsis: Measurement Lab and Cloudflare want to empower network operators with free and open access to data that represents their user’s experience. Our presentation will: 1. Discuss how end-users define “good Internet” and how AIMScore defines the answer Running a distributed network is a challenge by itself, but ensuring that users are having a good experience on that network adds a layer of complexity that can make anyone’s head spin. It’s hard enough ensuring that users can reach the Internet through your network, but ensuring that they can access a myriad of services and applications at peak performance for each is orders of magnitude harder, especially when each application has a different concept of what peak performance looks like. To put it another way: it’s hard enough to know if every user on your network can access Discord, Netflix, and Dota reliably, but it’s even harder to know if every user on your network has a good experience accessing those services because each of those have completely different understandings of what it means to have a good experience. The way we use the Internet on top of a network is ever changing, and the success criteria for the ways we use the Internet is also constantly changing. New metrics like responsiveness are being developed and rolled out to help track these new criteria. Being able to make sure that users have a good experience on your network no matter what is critical for customer retention and cost efficiency. If people have a good experience, they’ll keep using your network. And if people have a good experience, they won’t call support and try and get things fixed. We are proposing a framework and data set that will not only give you insight into what applications consider success, but ways to programmatically detect when users in your network are experiencing degradations from success: Aggregated Internet Measurement |
Full AbstractRecent research studies highlighted a phenomenon known as “BGP zombies", which refers to active RIB entries for prefixes that have been withdrawn, but still persist in BGP routing tables. • the identification of BGP zombies using a BGP monitoring platform other than RIPE RIS (namely the Code BGP Platform) will yield comparable results to those obtained from RIS Live Our results reveal that BGP zombies are a pervasive problem in the Internet routing system, regardless of the monitoring platform and prefix announcement characteristics utilized. We advocate that monitoring platforms should develop mechanisms for accurately identifying and labeling BGP routes as zombies, as well as implementing strategies for promptly alerting users to their presence in order to mitigate the potential negative effects they may have on network stability and performance. |
Full Abstract400ZR and its variations have been the most successful development in optical networking in decades, with over 200k modules shipped in 2022, just two years after introduction. 400ZR has changed the way datacenters are interconnected and changed the way datacenters are designed. In this presentation, the speaker will show the current status of 400ZR development and deployment, how it is changing network designs, and explain what is coming next. |
Full AbstractWhen an IP network is congested, operators could take advantage of the channel margins in the underlying optical network and increase capacity of the IP links. Although channel margins are required for the long-term health of the optical service, it might be possible to tap into the margin while the IP network is being repaired. We present a new converged Traffic Engineering SDN approach that looks at the IP and optical layers of the network holistically to help operators alleviate IP congestion. |
Full AbstractThe need to reliably monitor today’s ever-growing networks in the WAN, edge, and data center domains is now more critical than ever. The industry relies largely on SNMP to monitor present networks, a protocol that falls short when used to monitor large networks let alone the increasingly complex networks of the future. Openconfig's gRPC-based streaming telemetry protocol, gNMI is considered by many to be the prime successor to SNMP. It packs features to build modern monitoring stacks, such as a push-based telemetry model, reliable transport, default TLS security, data model-based access to monitored data leaves, and exceptional performance on the wire. This tutorial introduces gNMIc, an open-source software suite which blends together a feature-rich gNMI CLI client and a performant, highly-available telemetry collector. Focusing on gNMI-based streaming telemetry, gNMIc sets itself apart from other general-purpose collectors with unique features including high availability and clustering of collector instances, rich data processing pipelines, sheer support for various outputs for metrics, and embedded caching, to name a few. By the end of this session, participants will understand how gNMIc can be used to configure network devices, and building a modern open-source telemetry stack comprised of a collector, time-series DB, and visualization layer. |
Full AbstractARIN is a nonprofit, member-based organization that administers IP addresses & ASNs in support of the operation and growth of the Internet. Hear from ARIN’s Chief Customer Officer on where the organization sits with IPv6 growth, IPv4 Waitlist and Transfer stats, along with other notable updates across our programs and services. |
Full AbstractPluggable Digital Coherent Optics (DCO) is a breakthrough technology that allows routers to integrate state of the art coherent DWDM interfaces without the need for specialized hardware. This is possible thanks to the incredible power efficiencies and compactness of recent DCO implementations over QSFP56-DD and other transceivers that can be deployed directly into standard 400GE host ports. Replacing traditional DWDM transponders by pluggable DCO significantly lowers the cost of building high-speed networks with massive capacity and extended reaches. Even greater gains in cost efficiencies are possible with Routed Optical Networking, a novel network architecture that couples DCO with innovations in IP/MPLS, management and automation to build a fully converged and programmable network architecture optimized at the packet switching layer. |
Full AbstractCloud Network Engineering: A closer look at a new career path What will be presented We believe this career has roots deep in a few different engineering fields such as network, systems and security engineering. This will be covered as part of the “intro” (part 1). In the second part the presenter will move on to the responsibilities and required skillsets (Part 2). Why do we need this session? Who is our target audience? |
Full AbstractNetwork Engineering Jeopardy will consist of three teams competing for all the glory! |
Full AbstractSophisticated attackers, typically nation-state actors, have begun to leverage access to key DNS infrastructure to then hijack target organization domains. Target organizations now not only |
Full AbstractWe analyze the properties of 712 prefixes that appeared in Spamhaus’ |
Full AbstractThis talk will explore the potential use cases for ChatGPT in network engineering, including automating configuration management, troubleshooting, and documentation. Examples will be provided of how ChatGPT has been used to assist in these tasks for popular vendors such as Cisco and Juniper. Additionally, the challenges and limitations of using ChatGPT in network engineering will be discussed. The talk will provide an overview of the benefits and possibilities of using ChatGPT in network engineering and how it can help network engineers to focus on more critical tasks. ChatGPT Prompt: Can you create an outline for a 30 minute talk about how ChatGPT could be used by network engineers in their daily duties? ChatGPT Response: I'd be happy to help! Here's an outline for a 30-minute talk on how ChatGPT could be used by network engineers in their daily duties: ChatGPT Prompt: Can you write an abstract for this talk? ChatGPT Response: The use of ChatGPT, a large language model developed by OpenAI, in network engineering can help to automate repetitive and time-consuming tasks, reduce human error, and improve the efficiency and accuracy of network operations. |

Apply for the Peering Coordination Forum
The Peering Coordination Forum is a 90-minute session to be held on 17 OCT during the NANOG 86 conference. The forum provides time for attendees to meet and network with others in the peering community present at NANOG. NANOG 86 Peering Coordination Forum applications will remain open until we have 20 applications or 10 OCT.