Agenda

NANOG 91 Agenda

Click on any talk title in the agenda to view the full abstract and speaker info.

Please note agenda is subject to change.
Our sponsors make these meetings possible, and we appreciate their support.
Please take the opportunity to learn more about the difference-makers within our community!

Sunday, June 9, 2024
Topic/Presenter
Full Abstract

The NANOG 91 Hackathon will focus on Problem Solving/Troubleshooting competitions.
During this Hackathon, teams will collaborate to solve the posed problems.
Scoring will be based on network reachability and how fast you solve the problems. Prizes will be provided to the top finishers.

Utilizing collaboration services from Zoom and Slack and lab infrastructure consisting of virtualized devices from several vendors, Hackathon participants can work individually or self-organize into teams to work on the problems provided or software passion projects.

To learn more or register visit https://nanog.org/events/nanog-91-hackathon/

Full Abstract

The Women in Tech Mixer welcomes all attendees that identify as female and/or with she/her pronouns for an afternoon of networking with other fellow community members with light fare and drinks.

*NANOG Badge required for entry

Monday, June 10, 2024
Topic/Presenter
Full Abstract

New to NANOG? Don’t miss our Newcomers Orientation for an opportunity to network with fellow newcomers and learn more about NANOG - both the community and the organization.

Topics to be covered include:
What is NANOG
What is a NOG
NANOG Governance
NANOG Resources
NANOG 91 Program Information

Justin Ryburn: Justin Ryburn is the Field CTO at network observability company Kentik. He has 25 years of experience in network operations, engineering, sales, and marketing with service providers and vendors. Justin contributed content to Cyber Forensics (Auerbach Publishing, 2007) and authored Day One: Deploying BGP FlowSpec (Juniper, 2015). He has also spoken at numerous industry conferences on the topics of network observability and security. Justin currently lives in St. Louis with his wife and two kids. His blog is at ryburn.org and you can follow him on Twitter or LinkedIn.
Full Abstract

Welcome to NANOG 91! Join us as we officially kick-off three days of great programming and networking events.

Leslie Daigle: Leslie Daigle has been working at the intersection of technology, business/economics and policy to drive effective change for more than twenty years. Leslie is currently the Chief Technical Officer and Director of the Internet Integrity Program at the Global Cyber Alliance (GCA), furthering GCA’s development and deployment of global solutions that contribute to eradicating cyber risk. Leslie is the Principal at ThinkingCat Enterprises, as well as co-founder and co-host of the TechSequences podcast, which explores the many facets of Internet technology, along with its intended (and sometimes unintended) consequences.
Stevan E Plote: Have worked at multiple start-ups as well as larger companies. Extensive experience evangelizing networking solutions to Telecom, Internet Content and Data Center Service Providers as well as OEM and component partners. Active with Industry Forums and Standards Bodies including IEEE, MEF, Optica and NANOG.
Full Abstract

Once upon a time it was unthinkable to have a company meaningfully more complicated than a local florist that didn't have a network engineer on staff, or at least retainer. Today the world is vastly different. Remarkably good senior engineers abound in the tech industry who are pretty sure "BGP" is a band that teenagers are into. In this disturbingly entertaining talk, we'll explore what's happened to our industry, and where it's going next.

Corey Quinn: Corey is the Chief Cloud Economist at The Duckbill Group, where he specializes in helping companies improve their AWS bills by making them smaller and less horrifying. He also hosts the "Screaming in the Cloud" and "Last Week in AWS" podcasts; and curates "Last Week in AWS," a weekly newsletter summarizing the latest in AWS news, blogs, and tools, sprinkled with snark and thoughtful analysis in roughly equal measure.
Speakers
  • Speaker Corey Quinn - The Duckbill Group
Full Abstract

It's been a while since I adopted a new habit. The last few days of every year are a special time for me to recap what happened and what I learned in my personal and professional life. Additionally, I have a stash of notes that I've collected over the years. This session will demonstrate four of the most important lessons in my professional life and career in IT, notably managing high-performance teams in two of the largest public cloud providers in the world: Oracle Cloud and Amazon. While I learned these lessons the hard way and through a lot of trial and error, this short session is an attempt to share that experience not just with my peers in leadership roles but also with anyone who wants to manage even a small team of one. Here I will go over the four principles of (1) The power of authenticity, (2) The impossible self-cloning, (3) The concept of flexible 1:1s, and (4) The handling of unreasonable requests.

Kam Agahian: Kam is the Senior Director of Cloud Engineering at Oracle in Southern California, with over 25 years of experience in designing and implementing complex network and cloud architectures. Over the years, Kam has interviewed over 1,000 candidates in North America, APAC, and EMEA for various network engineering and leadership positions. He has also managed truly diverse and international teams around the world. Kam has previously presented at NANOG 76, NANOG 77, NANOG 85, and NANOG 87. You can follow his random thoughts and educational posts on LinkedIn.
Speakers
  • Speaker Kam Agahian - Oracle
Full Abstract

As part of this research, we demonstrate the surprising impact of 1% packet loss on throughput, both in symmetric and asymmetric networking topologies, in the environment using CUBIC congestion avoidance algorithm. Our findings reveal a significant decrease in throughput, more than 70%, compared to baseline measurements without packet loss. Moreover, we explore the effects of increasing packet loss levels, up to 10%, and observe a compounding decline in throughput, indicating the importance of addressing even minor levels of packet loss. We compare attained results using CUBIC congestion avoidance algorithm, in both topologies, with those achieved using the BBR congestion avoidance algorithm, advocating for broader and faster adoption of BBR.

Kemal Sanjta: Kemal is a result-oriented engineer focusing on designing, operating and troubleshooting large-scale networks. Passionate Linux user with a deep understanding of SRE/NRE practices. Over the last two decades, he worked at several large-scale companies applying NRE practices and automating remediation actions. As a Principal Internet Analyst at ThousandEyes, he focuses on research and providing deep and meaningful insights into outages through the lenses of ThousandEyes.
Adiel Akplogan - ICANN
Full Abstract

This 15-minute talk introduces the audience to ICANN's KINDNS Initiative. Modeled on ISOC's MANRS program, KINDNS (which stands for Knowledge-sharing and Instantiating Norms for DNS and Naming Security) aims at developing a simple but effective framework for a secure DNS operation to which operators can voluntarily and easily commit. This framework should be something simple to refer to and be accessible to even small operators that may typically be unable to dedicate many resources to globally follow both the evolution of the DNS protocol and discussions about operational best practices.

Speakers
  • Speaker Adiel Akplogan - ICANN
Full Abstract

The use of IP spoofing for generating DDoS attacks has been around for decades. In the last several years, tracing back spoofed traffic and engaging networks to deploy ACLs/uRPF to enforce BCP38 has become a common method to disrupt DDoS-As-A-Service providers (also known as booters/stressers). This presentation will cover the overall effort along with methodologies that networks can use to detect this as well as controls they can implement to mitigate this behavior. A number of real-world trace back scenarios will be covered as well as interesting things found along the way.

Speakers
  • Speaker Tom Scholl
John Sweeting - ARIN
Full Abstract

The American Registry for Internet Numbers (ARIN) is a nonprofit, member-based organization that administers IP addresses and ASNs in support of the operation and growth of the Internet. Hear from ARIN's Chief Customer Officer on where the organization sits with IPv6 growth, IPv4 Waitlist and Transfer stats, along with other notable organizational updates.

John Sweeting: John Sweeting is the Chief Customer Officer of the American Registry for Internet Numbers (ARIN), responsible for the overall development, direction and operation of the department. Prior to joining ARIN staff, he served 12 years on the ARIN Advisory Council, 6 of which he was the Chair, and 1 year on the Address Supporting Organization’s Address Council (ASO AC). John served on the Consolidated RIR IANA Stewardship Proposal (CRISP) team which was convened in December 2014 to guide development of the Number Community response to the IANA Stewardship Transition Coordination Group’s RFP.
Speakers
  • Speaker John Sweeting - ARIN
Full Abstract

This talk summarises for a NANOG audience an academic paper recently presented at the "23rd Workshop on the Economics of Information Security". In the paper we evaluate a rare successful intervention in the management of Internet infrastructure -– a multi-year "traceback" campaign to shut down sources of spoofed traffic utilised for DDoS attacks. We assess why it has been possible to "move the needle" on an issue that has dogged the network engineering community for more than thirty years. The decentralised community of competing network providers has few incentives to solve the issue -- which is why little has changed since the flurry of activity when BCP38 (and the century) was new. Our analysis is based on interviews with key players in the initiative. We find that success occurred because the issue of spoofing was migrated away from the incentives of these companies into the incentive structures of the far more densely networked and centralised professional community of network engineers.

Richard Clayton: Richard is a software developer by trade and his software company wrote one of the first Internet access programs for Windows. In the mid-90s the company was sold to Demon Internet (AS2529), then the UK's largest ISP. At the turn of the century he went back to Cambridge to do a PhD and has stayed on as an academic "because it's much more fun than working". He was the founding director of the Cambridge Cybercrime Centre, making many and varied datasets related to cybercrime available to academics so they can concentrate on their research rather than learning the tedium of data collection at scale. Recently he has been advising law enforcement on ways to disrupt "booter" activity and to measure the impact of their actions.
Speakers
  • Speaker Richard Clayton - University of Cambridge
Full Abstract

An ongoing issue with Internet standards development is limited interaction between the standards developers and the network operator community. This talk is a step toward bridging that gap, highlighting ongoing work from the IETF that is likely to be published in the RFC series or will otherwise have notable operational considerations.

David Lawrence: A veteran of the Usenet Wars
Full Abstract

What if you could fully automate your internet exchange? You can! In this presentation, IX founders Chris Grundemann and Matt "Grizz" Griswold will walk through the thinking, the architecture, the tools, and a real example to show you how-to use modern, open-source tools to build an IX operations platform capable of setting your IX to FullAuto.

We will cover the terms and definitions that need to be understood, we'll introduce the network automation philosophy that drives successful projects, and cover the core principles that facilitate excellent execution. Then we'll walk you through an example, using a real IX (IX-Denver), to demonstrate the possibilities - and provide a roadmap for everyone else who wants to do the same.

Automation is not just for network operators. We can, and should, automate our internet exchanges as well. Let's go!

Chris Grundemann: Chris Grundemann is a passionate, creative technologist and a strong believer in technology's power to aid in the betterment of humankind. In his current role as Managing Director at Grundemann Technology Solutions he is expressing that passion by helping technology businesses grow and by helping any business grow with technology. Chris has been using technology, marketing, and strategy to build businesses and non-profit organizations for two decades. He holds 8 patents in network technology and is the author of two books, an IETF RFC, a personal weblog, and a multitude of industry papers, articles, and posts. He is a co-founder and Chief Executive Officer (CEO) for FullCtl, the interconnection automation company; as well as a co-founder of the Network Automation Forum, the organization behind the AutoCon series of events. Chris is the creator and co-host of The Imposter Syndrome Network Podcast, focused on encouraging the next generation of digital infrastructure engineers. He is also a co-founder, Director, and Chair Emeritus of IX-West and the Chair of the Board of Directors of OIX, the global data center and interconnection standards body. He has held previous volunteer positions with CO ISOC (which he founded), ISOC-NY (Vice President), ARIN, NANOG, SANOG, AfPIF, CEA, UPnP, DLNA, RMv6TF, and several others. Chris has given presentations in 34 countries on 5 continents and is often sought out to speak at conferences, NOGs, and NOFs the world over. Currently based in West Texas, Chris can be reached via his website at chrisgrundemann.com.
Speakers
Nima Sharifi Mehr - Amazon Web Services (AWS)
Full Abstract

This talk discusses methods and challenges involved in disrupting the operations of groups that carry out Distributed Denial of Service (DDoS) attacks. To disrupt DDoS attack operations, automated mechanisms need to continuously track global DDoS attacks and identify their orchestration infrastructures. This information enables sending high-quality takedown requests to hosting providers and domain registrars used by the DDoS groups. Successful takedown requests disrupt the attacks and demotivate DDoS operators by hampering their ability to keep their services running for financial gain. The takedown requests also help the recipient service providers to address gaps in their abuse detection and keep DDoS operations out of their platforms. However, these service providers respond to takedown requests at varying degrees of speeds and efficacy. The talk will explore alternative mechanisms to address these inconsistent responses.

Speakers
  • Speaker Nima Sharifi Mehr - Amazon Web Services (AWS)
Full Abstract

In this session we review IPv6 features and capabilities on AWS, best practices for adopting IPv6 on AWS, and reference architectures. We also dive deeper into the common use cases that drive customer IPv6 adoption on AWS, and lessons learned to help you accelerate your IPv6 adoption journey.

Alexandra Huides: Alexandra Huides is a Principal Networking Specialist Solutions Architect within Strategic Accounts at Amazon Web Services. She focuses on helping customers build and develop networking architectures for highly scalable and resilient AWS environments. Alex is also a public speaker for AWS, and is helping customers adopt IPv6. Outside work, she loves sailing, especially catamarans, traveling, discovering new cultures, and reading.
Speakers
  • Speaker Alexandra Huides - AWS
Full Abstract

The forum provides time for attendees to meet and network with others in the peering community present at NANOG.

Peering Representatives, who completed and submitted the form will have a dedicated highboy table for up to 2 representatives. They will be able to distribute business cards, and provide a white paper or 1 sheet marketing page. Please note: any other type of giveaway is not allowed.

Complete the form here: https://www.nanog.org/events/nanog-91/peering/

Full Abstract

Time: 7:00pm - 10:00pm
Location: No Other Pub (https://www.powerandlightdistrict.com/eat-and-drink/no-other-pub)
Address: 1370 Grand Blvd - 8 Min walk

*NANOG Badge required for entry

Tuesday, June 11, 2024
Topic/Presenter
Full Abstract

The Members Meeting agenda and link to the webinar details are available for Members only. You MUST be signed in with your NANOG Profile account to view the Members Meeting Agenda page. Please bring (or share via email) any questions you would like to discuss at the meeting.

Kireeti Kompella - Juniper Networks
Full Abstract

Digital twins are used in many contexts, for example, space flights. As networks ramp up on automation, this is a logical next step. This talk will describe what a network digital twin is, what form it could take, how it can be instantiated, what one can do with an NDT, and in what use cases an NDT becomes vital. This talk explores the concepts of NDT and invites discussion and feedback; products and delivery plans, while crucial (in other contexts), are not implied or promised. The desired outcome is an ongoing open dialog.

Kireeti Kompella: Currently SVP and Chief Engineer for the AWAN BU in Juniper Networks, Dr. Kompella was formerly CTO at Contrail Systems, and before that, CTO and Chief Architect, JunOS at Juniper Networks. He has deep experience in Packet Transport, large-scale MPLS, VPNs, VPLS, and Layer 1 to Layer 3 networking, and has been very active in the IETF, both as a former co-chair of the CCAMP Working Group and as author of several Internet Drafts and RFCs (in the CCAMP, IS-IS, L2VPN, MPLS, NVO3, OSPF, and TE WGs). His current passion is to develop the Self-Driving Network(tm). He has been working in WAN automation as part of the Paragon Automation team. His focus is a highly customizable, intent-based service orchestration system with intelligent service placement. Prior to Juniper, Kireeti worked on file systems at NetApp, SGI, and ACSC (acquired by Veritas). Kireeti received his BS EE and MS CS at IIT, Kanpur, and his PhD in Computer Science at USC, specializing in Computational Number Theory and cryptography.
Speakers
  • Speaker Kireeti Kompella - Juniper Networks
James Harr - Internet2
Full Abstract

IPv6 has been "the next generation of IP" for over 20 years. For the longest time, the gold standard has been to run a network with both IPv4 and IPv6, however operating both protocols at the same time presents an additional operational challenge. With the global share of IPv6 traffic nearing 40-50%, it's time to re-evaluate our goal and look at ways to run networks that are largely IPv6-only. So how do we start testing IPv6-only technologies? They can be complex to setup and troubleshoot even for seasoned network engineers let alone application developers, IT support personnel, and others with limited networking experience.

Enter the IPv6 Test Pod, a device that intends to makes testing IPv6-only networks easy, made possible by the ARIN Community Grants program. The IPv6 Test Pod delivers a several IPv6-enabled networks, presented as SSIDs that the user can join to start testing IPv6-only technologies -- including dual-stack (as a baseline), IPv6-only, DNS64/NAT64, 464XLAT, and others. The IPv6 Test Pod is made available for no cost to project participants and participants can be anyone interested in testing IPv6-only networks including IT support personnel, developers, or even network engineers that are too busy to test IPv6-only networks. Dual stack is arriving, let's get ready for an IPv6-only world.

Speakers
  • Speaker James Harr - Internet2
Full Abstract

An exploration of network automation, specifically crafted for experienced network engineers. This session will guide you through different automation types, from scripting for task automation to the advanced strategies of intent-based networking. We'll clarify the vital role of a 'Source of Truth' in network automation, discuss the integration of workflow engines into broader network strategies, and distinguish between templates and services in practical scenarios. Designed to offer clear, actionable insights, this talk aims to enable your assessment of network automation techniques.

James Henderson: James Henderson is an Automation Solutions Architect at Ductus with over a decade of experience in the telecom industry. He specializes in network automation, NETCONF, YANG, and RESTful APIs. With a background as an instructor, architect, and lead developer, James brings a passion for optimizing network design changes and enforcing rigorous testing systems.
Full Abstract

When it comes to Internet access, Indigenous communities are among the most underserved throughout North America. According to Canada’s ISED, 97 percent of urban households have access to high-speed Internet, compared to only 37 percent in rural communities. The statistics are even more bleak for Indigenous communities, where just 24 percent have access to high-speed Internet.
The Internet Society works with Indigenous communities to find and implement sustainable solutions that meet their unique connectivity needs. Supporting communities to build and maintain local Internet infrastructure has proven to be key to connect the unconnected.
This talk will cover a recent partnership between the Internet Society and the National Research Council of Canada (NRC) that aimed at identifying and training a number of indigenous communities in Ontario and Northwest territories, in preparation for broadband network deployments.
Also, this talk will cover the successful deployment of a wireless broadband network in the indigenous community of Ulukhaktok in the Arctic, which would perhaps be the northern-most such deployment.

Dr. Hosein Badran: Dr. Hosein Badran holds the position of Senior Director, Internet Growth and Trust, with the Internet Society, based in Ottawa, Canada. He represents the Internet Society at the ITU-T standardization organization, particularly SG11, SG13 and SG17, and invited member of the Canadian ITU-T National Study Groups NSG11, NSG13 and NSG17. Special focus in the standardization work is on topics related to the evolution of the Internet - proposals potentially resulting in the fragmentation of the Internet, like NewIP and related proposals. He is a member of the North American Network Operators Group (NANOG) Education Committee, and the Canadian Forum for Digital Infrastructure Resilience (CFDIR), established by Innovation, Science and Economic Development Canada (ISED). He is a co-author of the final report of the Canadian Multi-stakeholder Initiative on IoT Security: “Enhancing IoT Security: Final Outcomes and Recommendations”. He has been a member of the Steering Committee of the Arab IGF since its inception in 2010, overseeing the program content for the annual event, and was the Chair of the Program Committee of the Canadian IGF 2020. During his career of over 25 years as C-level expert, he spent 14 years with Cisco Systems as Distinguished Systems Architect and Regional Chief Technology Officer as a member of the Cisco CTO Office. Before joining the Internet Society, he spent three years as Director, Special Projects and Innovation, at Qatar Computing Research Institute (QCRI), a member of Qatar Foundation, in Doha, Qatar, where he led projects dealing with machine learning and data-driven optimization in different national socio-economic initiatives including smart transportation, e-health, aviation, and cybersecurity. He worked also with Nortel Networks in Ottawa, Canada, FORE Systems (now Ericsson) in Dubai, and Siemens AG in Munich, Germany. Dr. Badran holds a Ph.D. in Electrical Engineering from Queen’s University in Canada. https://www.linkedin.com/in/dr-hosein-f-badran-4b56941/
Speakers
  • Speaker Dr. Hosein Badran - Internet Society
Full Abstract

Continue the conversation! Join us in the Diversity, Equity, + Inclusion Lunch to extend the discussion about how to help create a more inclusive and diverse workplace.

Full Abstract

Check out NANOG’s new series - Community Deep Dive. Each episode, NANOG host + producer Elizabeth Drolet will take a deeper look at the tech leaders + legends that call NANOG home. Videographer: Leigh Brooks

Full Abstract

Exploring integration options:
- gNMIc
- Prometheus client library (i.e. Python)
- Exporter installed directly in Network Element
- Unified Telemetry Model (NMS or SDN)
Dissect advantages and challenges of each option.
Selecting the best monitoring solution based on network needs and resources.

Mauricio Rojas: Mau has been working in the IT Industry for more than two decades, most of this time, leading the introduction of new technologies for Data Centers and Cloud in new markets. Originally from Santiago of Chile, he's currently working as Network Automation rPLM in Nokia, supporting US and Canada. Continuously testing the limits of use cases that involves techs like Kubernetes, YANG or Automation Frameworks in General. Mau's also passionate with art (Instagram: p1nrojas), using what is left of his creativity at work into the canvas or digital illustrations.
Speakers
  • Speaker Mauricio Rojas - Nokia
Full Abstract

In the rapidly evolving landscape of network management, the integration of automation has become a pivotal force in ensuring efficiency, reliability, and adaptability. Join us in this enlightening session as we delve into the world of Network Automation through the lens of Model Based/Driven Management.
The journey begins by unraveling the significance of network automation for operators, exploring its transformative impact on operational agility, error reduction, and scalability. A focal point of our discussion will be the introduction to YANG data modeling, shedding light on its role as a standardized framework for expressing network device configuration and state data.
As we navigate the diverse terrain of network automation tools, our exploration extends to the realm of data formats such as JSON and XML. Emphasis will be placed on the integration of open-source tools as a powerful facilitator in automating intricate network tasks.
The session culminates in practical demonstrations showcasing the open-source application of automation in critical domains—configuration management, service provisioning, and network monitoring. Witness firsthand the seamless orchestration of tasks, empowering network operators to optimize their resources and respond dynamically to evolving demands.

ILKER ALICI: ilker is Regional Product Line Manager and Senior Consulting Engineer focused on Nokia SROS & SR-Linux products & solutions within Nokia`s Network Infrastructure Division based in Sunnyvale, CA. ilker has 17 years of experience in the networking industry within the areas of network design, pre-sales, business development and product line management. He has gained extensive international experiences with a deep understanding diverse cultural and business practice by participating projects and holding different roles within Nokia over 20 Countries, 5 Continents. Ilker has a Master of Business Administration, Electronics and Telecommunication Engineering degrees.
Mauricio Rojas: Mau has been working in the IT Industry for more than two decades, most of this time, leading the introduction of new technologies for Data Centers and Cloud in new markets. Originally from Santiago of Chile, he's currently working as Network Automation rPLM in Nokia, supporting US and Canada. Continuously testing the limits of use cases that involves techs like Kubernetes, YANG or Automation Frameworks in General. Mau's also passionate with art (Instagram: p1nrojas), using what is left of his creativity at work into the canvas or digital illustrations.
Speakers
  • Speaker ILKER ALICI - NOKIA
  • Mauricio Rojas - Nokia
Ron Bonica - Juniper Networks
Full Abstract

Network operators engineer their networks with enough capacity to service peak loads. They also engineer redundant capacity into their networks. During off-hours, much, if not most, of this capacity is unused.

Sadly, most networks consume nearly the same amount of power during off-hours as they consume during peak-hours.

In this presentation, we propose a power management portal that reports a) network status, b) network power utilization and c) network power efficiency. It also proposes strategies for powering down selected router components during off-hours and powers those router components up and down as per the proposed strategy.

This power management portal is under development and the authors are soliciting co-innovators.

Ron Bonica: Ron Bonica is a Distinguished Engineer at Juniper Networks, specializing in network operations, IPv6 and Segment Routing. He is active in the Internet Engineering Task Force (IETF), having authored or co-authored twenty-two RFC documents and served three two-year terms as co-director of the IETF Operations and Management Area. Ron currently co-chairs the IETF V6OPS and OPSEC Working Groups. Prior to joining Juniper Networks, Ron was employed by a major Internet Service Provider and operated an Layer 3 Virtual Private Network for U.S. Government customers.
Speakers
  • Speaker Ron Bonica - Juniper Networks
David Tatlisu - IONOS SE
Full Abstract

A bird's-eye view over IONOS' European backbone, connecting about three dozen locations in Europe.
This is not about IONOS as a company, but the engineering decisions and lessons learned
Topics are
- How we route traffic
- How DDoS attacks are mitigated
- How acquired companies are integrated working around IPv4 collisions
- Operator's notes deploying unnumbered IS-IS + SR-MPLS and MACSEC everywhere.

Speakers
  • Speaker David Tatlisu - IONOS SE
Full Abstract

As Roblox scales at an unprecedented rate, our legacy network collector architecture is becoming increasingly inadequate for efficiently gathering network device metrics. This presentation dives into the limitations of the existing system and unveils our innovative new architecture designed to scale 10x our current capacity. We will explore the challenges that necessitated this shift and the key features of the new architecture that ensures it can handle Roblox's ever-growing needs.

Speakers
Susan Hares - Huawei
Jeffrey Haas
Full Abstract

The IETF standards for BGP are created in the Inter-Domain Working Group. Are you interested in finding out what's changing in BGP standards? The IDR chairs will present the latest changes to BGP. This includes standards on Intent/Color Routing, BGP-LS, SR-Routing, BGP Yang models, fixing "Stuck BGP sessions," version 2 of Flow Specification, and more.

Are you irked about something in BGP or BGP standards? Come to the session and complain to the IDR Chairs. Your opinions matter to the IDR chairs.

Jeffrey Haas: Jeffrey Haas is a Distinguished Engineer at Juniper Networks where he works on the implementation and specification of BGP. Jeffrey is a Chair at the IETF IDR (inter-domain routing) Working Group where BGP is standardized. Additionally, in IETF, Jeffrey is a Chair for the BFD (bi-directional forwarding detection) Working Group. Jeffrey has been involved in working on Internet technologies since the late 90's where he worked at a small tier-3 ISP doing everything from helping people setup dial-up networking to helping maintain the company's Internet routing. Since then, he's worked at the NextHop startup that commercialized the GateD software; at Arbor Networks where he worked on routing, flow analytics, and management software; and most recently with Juniper. Jeffrey's day job is a mix of work on code, standards, and working with customers solving interesting problems. For fun, Jeffrey spends his off hours as an active participant in the Society for Creative Anachronism (SCA) and thoroughly enjoys a good, dark beer.
Speakers
  • Speaker Susan Hares - Huawei
  • Jeffrey Haas
Stefan Funke - Inter.link
Full Abstract

With a few simple changes, IP-transit customers can increase the reliability of the prefix filtering provided to them by their IP-transit providers, and hopefully avoid easy-to-mitigate prefix filtering issues.

As an IP-Transit provider, we (Inter.link) often encounter prefix list generation issues with our customer's IRR data. In this talk we'll present some easy to implement changes, in relation to their IRR data and PeeringDB data, that have helped our customers, which other IP-transit customers can implement to improve the quality of their service with their provider.

Speakers
  • Speaker Stefan Funke - Inter.link
Full Abstract

The FCC published an NPRM about issuing regulation relating to securing internet routing.

Speakers
  • Speaker Nimrod Levy - AT&T
Vicky Risk - Internet Systems Corporation (isc.org)
Full Abstract

What do users look for when assessing the security and quality of open source? How does that compare with what open source developers think is important in controlling quality and security?
This talk presents the results of a survey of network administrators done earlier this year. The user results were surprising for this open source developer and publisher. Given the current wave of regulation and standards-making in both the EU and the US around software security and quality, perhaps more should be done to assess what matters to open source consumers.

Speakers
  • Speaker Vicky Risk - Internet Systems Corporation (isc.org)
Barrie Cook - Barrie Jones Cook Consulting LLC
Full Abstract

Barrie has been an independent network engineering consultant for 20 years. She will talk about why someone might want to do this over a steady full-time job, and some pros and cons of doing so. She'll wrap up with a few tips and ideas for those who do decide to take the plunge.

Speakers
  • Speaker Barrie Cook - Barrie Jones Cook Consulting LLC
Full Abstract

Time: 8:00pm
Two Locations: (located side by side)
Sinkers Lounge 53 W 13th Street Kansas City, MO 64105
Blade and Timber 1303 Baltimore Avenue Kansas City 64105

RSVP required - https://teetimewithh5segraandarelion.splashthat.com/

*NANOG Badge required for entry

Wednesday, June 12, 2024
Topic/Presenter
Full Abstract

Google gRPC gNOI service is a commonly used tool today to manage TLS certificates. This session introduces the audience to gRPC gNSI service that is being developed by Google for all security related operations on the router. We will start with a brief overview of TLS, discuss challenges with TLS configuration on a router followed by a recap of gNOI and an introduction of gNSI.

Saju Salahudeen: Saju Salahudeen is a Principal Consulting Engineer for IP Networks at Nokia and a member of NANOG Education Committee. He has 17 years of experience in the Telecom industry with 12 years in IP Networking and Multi-Vendor Network Automation. In his current role, his focus area is to help Webscale networks adapt to the current and future demands of the industry. Prior to this, he was a Senior Sales Engineer for IP and Network Automation at Nokia. Saju was born in India, studied in Dubai and now resides in Toronto, Canada.
Speakers
  • Speaker Saju Salahudeen
Full Abstract

Sub-prefix BGP hijacks and fraudulent SSL certificates are becoming more common.
This session will review several hijacks and include discussion and Q&A relevant to the ISP, network operator, and hosting community.
This presentation and panel discussion time is an opportunity to review current best practices for prevention, detection, and response and what solutions are emerging.

Full Abstract

Datacenters are comprised of thousands of servers, network and storage devices. Data Center Networks (DCNs) are the communications backbone of a datacenter. Several architectural and design innovations have been introduced in DCNs to address the growing size and increasing operational demands of the datacenter. From a protocol perspective, these demands and challenges have been addressed primarily by aggregating multiple off-the-shelf protocols and retrofitting them to the DCN communication needs. This aggregation has resulted in higher overhead, added operational complexity and requires increased effort to perform DCN troubleshooting and maintenance.
In this work we present a new protocol that leverages the structured and symmetrical DCN topology to significantly simplify DCN operations of routing, load balancing, fast failure detection and IP packet forwarding between the servers. We introduce the Multi-Root Meshed Tree Protocol (MR-MTP) which establishes routes without a routing protocol, performs load balancing, provisions fast failure recovery and forwards IP packets between servers. Testing was performed by adopting the folded-Clos topology. The performance of MR-MTP was compared to the popular protocol suite used in folded-Clos topology DCN, i.e. Border Gateway Protocol (BGP for routing), Equal Cost Multipath Protocol (ECMP for load balancing) and Bidirectional Forwarding Detection (BFD to speed up convergence).
As both TCP and UDP are required in folded-Clos (BGP requires TCP for its operation and BFD requires UDP), MR-MTP is replacing six protocols in a DCN router, i.e. BGP, TCP, ECMP, BFD, UDP and IP. MR-MTP is fully backwards-compatible to Internet Protocol (IP) and Ethernet. MR-MTP autoconfigures and auto-assigns routable addresses to the DCN routers, reducing the configuration needs. MR-MTP coded in C language was compared to the protocol suite BGP/ECMP/BFD (from frrouting.org) using folded clos topologies set up in the Fabric testbed (https://portal.fabric-testbed.net).
The results (provided in the slides) of these comparisons clearly demonstrate that significant performance improvement can be achieved with MR-MTP over BGP/ECMP/BFD. The testing evaluated convergence time, control overhead, packets lost, and blast radius on an interface failure. Given its unique approach, MR-MTP offers many other benefits including reduced hardware required to manufacture, immunity from traditional attacks against BGP, TCP and IP, reduced power consumption (and associated cooling costs) among others which will be investigated in the future.

Nirmala Shenoy: Dr. Nirmala Shenoy, received her Bachelors and Master’s in Engineering from Madras University, India. She worked as a Research Scientist in Central Electronics Engineering Research Institute in Chennai, India. She was recipient of the Deutscher Akademischer AustauschDienst, (DAAD) a German fellowship, during which period she received a PhD in Computer Science from University of Bremen, Germany. Dr. Shenoy taught at the Information Communication Institute of Singapore, a collaboration of AT & T Bell Labs US & National Computer Board, Singapore. She subsequently held teaching and research positions in Australian Universities, before joining Rochester Institute of technology, Rochester, New York as Professor in the ISchool, School of Information, Golisano College of Computing and Information Sciences. Her research focus is design, development and evaluation of clean slate protocol solutions to challenging networks problems.
Full Abstract

RPKI ROV adoption has grown significantly over the past five years. In a recent milestone, the percentage of IPv4 routes in the global routing table with ROAs has finally crossed 50% (IPv6 crossed this mark last year). In addition, another major telecom began rejecting RPKI-invalid routes reducing the propagation of these problematic routes even farther.

Finally, this talk with present an analysis of the 'effective expirations' of ROAs and how the behavior of these expirations varies greatly between RIRs due to differences in their cryptographic chains.

Doug Madory: Doug Madory is the Director of Internet Analysis for Kentik where he works on Internet infrastructure analysis. The Washington Post dubbed him “The Man who can see the Internet" for his reputation in identifying significant developments in the structure of the Internet. Doug is regularly quoted by major news outlets about developments ranging from national blackouts to BGP hijacks to the activation of submarine cables. Prior to Kentik, he was the lead analyst for Oracle's Internet Intelligence team (formerly Dyn Research and Renesys).
Speakers
  • Speaker Doug Madory - Kentik
Full Abstract

meshrr is a concept of how to leverage the possibilities of cloud technologies for the benefit of traditional networking infrastructure. It is a scale-out, hierarchically-capable, BGP route reflector and route server approach using Juniper cRPD on Kubernetes.

Jason Rokeach: Jason Rokeach is a Senior Solutions Architect with Juniper Networks' Professional Services division where he focuses on service providers across the US and Canada. Jason spent the decade prior to Juniper in network operations and leading network architecture for service providers, and his passion today lies at the intersection of service provider technologies with cloud-native technology and network automation. Jason spends his off-hours with family, running, hiking, and building and managing DisNOG, the Network Operators' Group on Discord.
Full Abstract

Where exactly are we with BGP security in the global Internet routing system? And what's ahead of us? In this talk I'll reflect on progress made in recent years and look ahead what problems remain and what solutions are in the pipeline. This won't be a "Look ROAs are up and to the right!!11!"-talk, but rather a reflection on various milestones the wider community managed to reach and where the gaps are in this multi-decade journey towards a secure routing system.

Job Snijders: Job Snijders is a Principal Engineer at Fastly where he analyzes and architects global networks for future growth. Job has been actively involved in the Internet community in both operational, engineering, and architectural capacity, as a frequent presenter at network operator events such as NANOG, ITNOG, DKNOG, RIPE, NLNOG & APRICOT, and in a number of community projects for over 15 years. Job is co-chair of the IETF GROW working group, co-chair of the RIPE Routing Working Group, vice president of PeeringDB, director of the Route Server Support Foundation, manager of the IRRd v4 project, member of the RIPE NCC Executive Board, and art director for the OpenBSD project. Job's special interests are BGP routing policies, RPKI based routing security, and Internet scale PKIX-RPKI & BGP deployments. Job helps maintain several tools such as IRRd, rpki-client, bgpq4, OpenBGPD, irrtree, rtrsub, and irrexplorer, and is active in the IETF where they have coauthored or contributed to RFCs and Internet-Drafts. Job also is an OpenBSD developer.
Speakers
  • Speaker Job Snijders - Fastly
Full Abstract

This presentation chronicles our experience, highlighting the critical role of threat intelligence in understanding and countering malicious actors. We’ll delve into the data-driven approach we employed to crack their attack patterns, paving the way for strategic countermeasures.
The talk will showcase the effectiveness of these implemented best practices:
Disabling PTR Records: We’ll explore the strategic decision to disable PTR records, dismantling a tactic often used by spammers for social engineering. This proactive step empowered us to seize control of the narrative surrounding our IP reputation.
Enhanced Business Vetting: We’ll discuss how implementing stricter vetting processes for potential partners and customers significantly reduced the risk of unknowingly associating with malicious actors. By establishing a more rigorous onboarding process, we effectively shut down potential infiltration attempts.
Deeper RPKI Adoption: The presentation will highlight the benefits of a robust RPKI deployment, fortifying our network against spoofing attempts and easing our job whenever a quick announcement drop is needed. RPKI served as a digital security shield, ensuring that only authorized sources could originate traffic from our IP addresses.
Other security measures that deemed to be effective to fend off spammers.
The Cost of Resilience
Our proactive approach did not come without challenges. Spammers retaliated with a large-scale DDoS attack and fraudulent chargebacks. While impactful, these disruptions were outweighed by the long-term benefits of a secure network. We persevered, and the implemented strategies ultimately bolstered our ecosystem’s resilience.
By sharing our experiences and best practices, this keynote aims to empower the NANOG community to leverage threat intelligence and strategic defense to navigate the ever-evolving threat landscape and build robust network resilience.

Ignas Anfalovas: I'm Ignas, the Platform Engineering Manager at your service. With a strategic mindset and hands-on experience, I'm focused on ensuring network integrity and security. My mission? To lead our team in fortifying digital networks against threats like SPAM while optimizing performance. I thrive on making data-driven decisions, implementing cutting-edge solutions, and fostering collaboration to safeguard networking platforms and drive continuous improvement in SPAM mitigation strategies and networking efficiencies.
Jeffrey Haas
Matt Paulsen - Juniper Networks, Inc.
Full Abstract

BGP’s deployment model makes even modest software bugs have significant consequences on global Internet routing. 
When is a bug just a bug and not a security issue? 
CVSS is a scoring system used to classify issues and is an important input toward vendors issuing security alerts – and subsequently locking down all information on that issue. 
We discuss BGP and CVSS scoring and its impact upon the availability of information on BGP implementation defects.

Jeffrey Haas: Jeffrey Haas is a Distinguished Engineer at Juniper Networks where he works on the implementation and specification of BGP. Jeffrey is a Chair at the IETF IDR (inter-domain routing) Working Group where BGP is standardized. Additionally, in IETF, Jeffrey is a Chair for the BFD (bi-directional forwarding detection) Working Group. Jeffrey has been involved in working on Internet technologies since the late 90's where he worked at a small tier-3 ISP doing everything from helping people setup dial-up networking to helping maintain the company's Internet routing. Since then, he's worked at the NextHop startup that commercialized the GateD software; at Arbor Networks where he worked on routing, flow analytics, and management software; and most recently with Juniper. Jeffrey's day job is a mix of work on code, standards, and working with customers solving interesting problems. For fun, Jeffrey spends his off hours as an active participant in the Society for Creative Anachronism (SCA) and thoroughly enjoys a good, dark beer.
Speakers
  • Speaker Jeffrey Haas
  • Matt Paulsen - Juniper Networks, Inc.
Full Abstract

This presentation will explore the integral role of the Number Resource Organization (NRO) and the Regional Internet Registries (RIRs) in global internet governance, with an emphasis on the new NRO RPKI Program, an initiative overseen by the NRO Executive Council. As a strategic effort under the NRO and RIRs, the RPKI Program is pivotal in advancing the development and adoption of Resource Public Key Infrastructure (RPKI) across the globe, enhancing the security and stability of internet routing. We will introduce the leadership team spearheading this program, outline our strategic objectives, and discuss the impactful initiatives that are currently being developed. The presentation will emphasize how this program is a collaborative effort guided by the expertise and governance of the NRO Executive Council, seeking to draw in active feedback from the technical community to refine and innovate our approach. Concluding with detailed resources and avenues for engagement, attendees will gain insights into the significance of their participation in shaping the future of internet security through the NRO RPKI Program.

Sofia Silva Berenguer: Program Manager, Process and Productivity Engineer, Ontological Coach and mum. Sofía holds an MSc in Telematics Engineering and is an Ontological Coach. She works as the RPKI Program Manager for the NRO and the Process and Productivity Engineer for the Registry Value Stream at APNIC. She joined the RIR world in 2010 when she started working for LACNIC as a Hostmaster and Policy Officer. She then held a few different technical roles at LACNIC, as a Networks and Security Engineer first, then moving on to a role as a Senior Security and Stability Specialist. She joined APNIC in 2017 as a Data Scientist, then became a Product Manager and later a Productivity Coach.
Aaron Atac - Akamai
Speakers
  • Speaker Aaron Atac - Akamai
Full Abstract

To be presented by Lee Howard:
I want people to go home and tell their bosses how great NANOG was and how much they learned. But I think people need reminders.

So my lightning talk will be the above paragraph, followed by:

So what did you learn this week? What will you take back to work?
Please, everyone line up at the mic. And if you don't mind, if you're standing in line and you see someone behind you with a Newcomer badge, maybe let them go in front of you.

I think that not only will this get people thinking about how to justify their travel to Toronto, but having other people say, "This is what I learned" will remind people of the good stuff that they can also take back.

Speakers
  • Speaker Lee Howard - IPv4.Global
Full Abstract

The Elections Committee will provide a brief session on the how to and benefits of joining the NANOG Board.

Speakers
  • Speaker Chris Rogers - MorePeering
Speakers
  • Speaker Adair Thaxton

 

Morning Showcase, located in City Beautiful Foyer, is open Monday - Wednesday from 9:00am - 12:00pm.

Afternoon Showcase, located in City Beautiful Foyer, is open Monday - Tuesday from 1:30pm - 4:30pm.

Network Lounge, providing open seating space for attendee networking, located in City Beautiful Foyer.

Espresso Bar, is open Monday - Wednesday from 8:30 am to 4:30 pm, providing complimentary coffee drinks, located in City Beautiful Foyer.

Please note the agenda lists all official NANOG events. Any other gatherings that use the NANOG name are not affiliated.

Meeting Floor Plans

n91 Ballroom

Click to enlarge

n91-junior ballroom

Click to enlarge

>