NANOG Program Committee: Wednesday, October 4, 2017

back to meeting agenda.

Wednesday Extended Breakfast
Date/Time	7:30 AM to 9:45 AM
Location	Regency Ballroom 1
back to meeting agenda.
Wednesday Meeting Registration
Date/Time	7:30 AM to 5:00 PM
Location	Market Street Foyer
back to meeting agenda.
Wednesday Espresso Bar
Date/Time	8:30 AM to 4:00 PM
Location	Market Street Foyer
Sponsors	Serro
back to meeting agenda.
How to use Machine Learning for Testing and Implementing Optical Networks
Date/Time	10:00 AM to 10:45 AM
Location	Imperial Ballroom
Presenters	Speaker Stevan E Plote, Nokia Steve Plote, is Optics Consulting Engineer at Nokia. He is currently responsible for the support of all Nokia sales teams in the Americas as well as Channel Partners. Focusing on Network designs for the delivery of real time, next generation services for Video transport, Carrier Ethernet, Consumer Content Distribution, and Cloud Computing. He has personal responsibility for the network engineering and support for the WEB2.0 and Content Service Providers in North America. Mr. Plote has more than 30 years of experience in Data Center Interconnect, Telecommunications and LAN switching and transmission solutions. Prior to joining Nokia, he was Solutions Business Development and CSP Systems Engineering at BTI Systems and prior to that was Solutions Sales Director at Tellabs. He has many professional memberships and committee involvements including NANOG PC, OFC, MEF, IEEE, OSA, IEC and IETF. Jesse Simsarian, Nokia Bell Labs Jesse Simsarian is a Member of Technical Staff at Nokia Bell Labs in New Jersey. Since joining Bell Labs in 2000, he has been researching optical networks and switching, including software-defined transport networks, fast-switching coherent optical receivers, and scalable optical packet routers. From 1998 to 2000 he had a National Research Council Fellowship at the National Institute of Standards and Technology in Gaithersburg, MD. He received the Masters and Ph.D. degrees in physics from SUNY Stony Brook in 1995 and 1998, respectively, and is a Senior Member of the OSA and IEEE. He has authored or co-authored 80 publications and holds several patents. Peter Winzer
Abstract	Optical transport networks are evolving to have unprecedented flexibility with advances such as finely tunable bitrate transponders, allowing dynamically-adaptive operation near the fiber Shannon capacity limit at near zero system margin. How Network Operators and Content Providers can take advantage of this without having a staff of optical experts to drive network performance optimization is by using machine learning. Furthermore, the development of network operating systems (OS) enables network programmability and support for multi-vendor network elements. Network operating systems lay the foundations for advanced machine learning algorithms that operate on an abstracted network representation presented by the network OS. Refinement of the network model parameters improves the machine learning results and its representation of the actual network. In this talk we will discuss how network sensing, machine learning, and actions taken by the network OS can lead to a more optimized network that can efficiently support traditional and cloud network services. We will also point to challenges that will have to be overcome to make such networks commercially viable.
Presentation Files	How to use Machine Learning for Testing and Implementing Optical Networks - Plote
Video Files	How to use Machine Learning for Testing and Implementing Optical Networks
back to meeting agenda.
Model Driven APIs for the Network infrastructure Layer
Date/Time	10:45 AM to 11:30 AM
Location	Imperial Ballroom
Presenters	Speaker Akshat Sharma, Cisco Systems Inc. Akshat Sharma is a Technical Marketing Engineer in the Web Solutions space at Cisco .His day job includes a core focus on Network operating system architecture and Devops tooling in the Web and Service Provider domain. With 8 years of experience across a variety of sectors including DevOps, Automation, SDN, data center deployments, and even Multicast deployments across Service providers, he now spends his time tinkering with open source tools to make networking a lot more fun!
Abstract	Over the past decade, there has been an increasing amount of interest in the industry (Service APIs (NPF), I2RS (IETF) etc.) to create a standardized API at the network infrastructure layer. This layer may include components such as the RIB, Label Switch Database, BFD etc. and presents an opportunity to enable SDN controllers and network protocol augmentations to leverage lower layers of the vendor stack and achieve greater control and flexibility in the management and operationalization of networks. In this session we showcase a high performance, model-driven implementation of such an API over GRPC and discuss its implications through use cases in Service provider and Data center deployments.
Presentation Files	Model Driven APIs for the Network infrastructure Layer - Sharma
Video Files	Model Driven APIs for the Network infrastructure Layer
back to meeting agenda.
Mapping of Address and Port using Translation (MAP-T): Deployment at Charter Communications
Date/Time	11:30 AM to 12:00 PM
Location	Imperial Ballroom
Presenters	Speaker Jordan Gottlieb, Charter Communications Jordan Gottlieb is a Chief Architect in the Network Engineering and Architecture group at Charter Communications. He is based out of Denver, CO and has been with Charter since 2011. His diverse industry background includes startups and established companies with engineering roles in healthcare, financial service, and service provider organizations.
Abstract	The current scarcity of IPv4 Internet addresses is a concern for service providers and other large organizations that provide broadband Internet access. The preferred mitigating technology, IPv6, is not anticipated to reach sufficient levels of adoption before the availability or cost of IPv4 addresses becomes a challenge for these organizations. While an IPv4 address sharing scheme is clearly needed, it should not replace or detract from efforts to adopt and deploy IPv6. Mapping of Address and Port using Translation (MAP-T) is a technology that provides IPv4 address sharing capabilities that use and can co-exist alongside native IPv6 facilities. This presentation provides an introduction to MAP-T geared towards service providers and other large network operators.
Presentation Files	Mapping of Address and Port using Translation (MAP-T): Deployment at Charter Communications - Gottlieb
Video Files	Mapping of Address and Port using Translation (MAP-T): Deployment at Charter Communications
back to meeting agenda.
Wednesday Lunch (On Your Own)
Date/Time	12:00 PM to 1:15 PM
back to meeting agenda.
Announcement of Board Election & Bylaw Results
Date/Time	1:30 PM to 1:40 PM
Location	Imperial Ballroom
Video Files	Announcement of Board Election & Bylaw Results
back to meeting agenda.
Segment Routing IPv6 – The Network as A Computer and deployment use-cases with Comcast
Date/Time	1:40 PM to 2:40 PM
Location	Imperial Ballroom
Presenters	Speaker Gaurav Dawra, Cisco Systems Gaurav Dawra is with Cisco System and has career leading innovation, productization, marketing and deployment activities. As core participant of the Segment Routing Technology, he holds multiple patents and has contributed and authored IETF documents in network communications. Gaurav has been actively involved in defining the Segment Routing technology and its focus on Enterprise, SP and DC customers.
Abstract	Segment Routing (SR) is an architecture based on the source routing paradigm that seeks the right balance between distributed (network-wide) intelligence and centralized (controller-based) programmability. Commercial deployments of SR using the MPLS forwarding plane have been very successful. The focus of this presentation will be on IPv6 Segment Routing (SRv6). SRv6 enhances the properties of network simplification, strict SLA enforcement, automation and scaling (stateless fabric) pioneered by SR-MPLS. SRv6 extends the implementation of network programming by allowing “any” instruction to be bound to a segment; for example: forwarding and user-defined instructions. SRv6 use-cases expand into Network Function Virtualization (NFV), Service Chaining, Spray, 5G mobile etc. Comcast operators will discuss their Segment Routing use-cases such as Spray which helps transition their service provider network to something smarter with increased IPv6 capabilities, IPv4 transition mechanisms, and enhanced service delivery. Comcast will also discuss other lead operators use-cases such as VPN overlay, NFV, Service Chaining and 5G mobile and how they are utilizing the Segment Routing (SRv6) technology. In addition, the support of SRv6 in open source projects (Linux Mainline and Vector Packet Processing (VPP) platform) provides Comcast, other network operators and researchers with powerful tools for the validation and deployment of the technology. SRv6 brings untapped potential and innovation to the network layer that translates into impactful opportunities.
Presentation Files	Segment Routing IPv6 – The Network as A Computer and deployment use-cases with Comcast - Dawra
Video Files	Segment Routing IPv6 – The Network as A Computer and deployment use-cases with Comcast
back to meeting agenda.
The critical role of Maximum SID Depth (MSD) hardware limitations in Segment Routing ecosystem and how to work around those
Date/Time	2:40 PM to 3:00 PM
Location	Imperial Ballroom
Presenters	Speaker Jeff Tantsura, IAB/IETF, Apstra Jeff Tantsura has been in the networking space for 20+ years and has authored/contributed to many RFC’s and patents. He is the chair of IETF Routing Working Group, chartered to work on new Network Architectures and Technologies, including Fast Convergence, protocol independent YANG models and Next Gen Data Center Routing Protocols. His work has mostly been focused on: BGP, IGP’s, PCE, Segment Routing and data modeling. Jeff also serves on the Internet Architecture Board (IAB). His focus has been: 5G, low latency, IoT, MEC and Next Gen DC Networking. Work in IETF: http://www.arkko.com/tools/allstats/jefftantsura.html LinkedIn: https://www.linkedin.com/in/jeff-tantsura-bb229b2
Abstract	The presentation talks about the problem space and possible workarounds: MSD – Maximum SID Depth Generic concept defining number of SID’s, HW/SW are capable of imposing on a given node – Applicable to both, SR-MPLS (labels) and SRv6 (SRH’s) data planes Focus of this presentation is SR-MPLS data plane SID stack compression -Efficient path computation algorithms -Compressed SID stack that meets MSD limitations SID stack expansion -Instantiate a new SID stack at the node, within ingress’s MSD limits IETF work: draft-ietf-isis-segment-routing-msd draft-ietf-ospf-segment-routing-msd draft-tantsura-idr-bgp-ls-segment-routing-msd
Presentation Files	The critical role of Maximum SID Depth (MSD) hardware limitations in Segment Routing ecosystem and how to work around those - Tantsura
Video Files	The critical role of Maximum SID Depth (MSD) hardware limitations in Segment Routing ecosystem and how to work around those
back to meeting agenda.
Wednesday Break
Date/Time	3:00 PM to 3:30 PM
Location	Market Street Foyer
Sponsors	Blue Chip Tek Ekinops Peak 10/ViaWest
back to meeting agenda.
Lightning Talk: The Root Canary Project: Measuring the (postponed) rollover of the Root KSK
Date/Time	3:30 PM to 3:40 PM
Location	Imperial Ballroom
Presenters	Speaker Moritz Mueller
Abstract	In this lightning talk I want to introduce the Root Canary Project that monitors the rollover of the Root KSK from many different vantage points. It should act as an early warning system if things go wrong during one of the phases of the rollover process. I first want to talk briefly about a couple of preliminary results. Then I want to invite network operators to participate at the project as well by providing insight into the behavior of their recursive resolvers during the rollover. You can find more information at rootcanary.org
Presentation Files	Lightning Talk: The Root Canary Project: Measuring the (postponed) rollover of the Root KSK - Mueller
Video Files	Lightning Talk: The Root Canary Project: Measuring the (postponed) rollover of the Root KSK
back to meeting agenda.
Lightning Talk: Managing network devices like servers
Date/Time	3:40 PM to 3:50 PM
Location	Imperial Ballroom
Presenters	Speaker Mircea Ulinic, CloudFlare, Inc. Mircea Ulinic is a network engineer for Cloudflare, spending most of his time writing code for network automation. He often talks and presents at industry events about the tools he's working on and how automation really helps to maintain reliable, stable, and self-resilient networks. Mircea's also a major contributor to the NAPALM and Salt projects, being awarded the SaltStack contributor of the year in 2017. Prior to Cloudflare, he was involved in research and later worked for EPFL in Switzerland and a European service provider based in France. In addition to networking, he has a strong passion for radio communications (especially mobile networks), mathematics, and physics. He can be found on LinkedIn, Twitter as @mirceaulinic, and at his website https://mirceaulinic.net/.
Abstract	Beginning with the release Nitrogen (2017.7), Salt provides support to manage network gear that allows execution of custom software. Examples of such platforms include white box devices, e.g., Arista, Cumulus, etc., or others that moved the operating system in the container, e.g., Cisco IOS-XR, Cisco NX-OS, etc. Installing the Salt Minion directly on the device comes with a series of advantages, inherited directly from the server automation - one of the most important being scalability: there are well known deployments of tens of thousands of devices managed like that. For Arista EOS, there's even a dedicated SWIX extension that provides all the necessary packages in order to install the Salt Minion on the switch: https://docs.saltstack.com/en/latest/topics/installation/eos.html
Presentation Files	Lightning Talk: Managing network devices like servers - Ulinic
Video Files	Lightning Talk: Managing network devices like servers
back to meeting agenda.
Lightning Talk: OpenConfig - progress toward vendor-neutral network management
Date/Time	3:50 PM to 4:00 PM
Location	Imperial Ballroom
Presenters	Speaker Anees Shaikh, Google Anees Shaikh is with the Network Architecture team at Google where he works on operational aspects related to SDN, cloud networking, network visibility, and configuration and management in Googles production networks. Prior to joining Google, he was the Chief SDN Architect in IBM System Networking where he was responsible for IBM's software-defined networking product architecture and technical strategy, including leading IBMs open source networking engagements. For over a decade, Anees was a Research Staff Member and Manager at the IBM T.J. Watson Research Center.
Abstract	In this lightning talk, we provide an update on progress toward the vision of the automated, multi-vendor network management stack. We will focus on a set of freely available technologies from the OpenConfig operator group consisting of data models, code generation tools, telemetry software, and management protocols. Our presentation will give examples of production use of these tools and highlight what is coming next.
Presentation Files	Lightning Talk: OpenConfig - progress toward vendor-neutral network management - Shaikh
Video Files	Lightning Talk: OpenConfig - progress toward vendor-neutral network management
back to meeting agenda.
Fast Egress Protection
Date/Time	4:00 PM to 4:30 PM
Location	Imperial Ballroom
Presenters	Speaker Krzysztof Grzegorz Szarkowicz, Juniper Networks Krzysztof Grzegorz Szarkowicz (JNCIE, CCIE) has over 20 years of experience in the networking industry, gained during early years of his career with Hewlett Packard Labs, Telia Research, Ericsson, and Cisco Systems. Then, in 2007, Krzysztof joined Juniper Networks Professional Services team and later became Senior Consultant. He has worked on multiple different projects - mainly in Europe and the Middle East - with many Telecoms and ISP, including some of global reach such as Deutsche Telekom, Telefonica, Telenor, Telstra, Orange, Vodafone or Saudi Telecom. He is the co-author of O'Reilly book titled "MPLS in the SDN Era". Currently Krzysztof holds the position of Solution Architect in Routing Product Team in Juniper Networks.
Abstract	Fast recovery from network failures has been always in the focus of network architects and designers. It is especially important, as many new application (voice/signaling in cellular networks, financial application, applications controlling industrial processes, just to name some examples) are very greedy for minimal traffic loss during network failures and subsequent traffic recovery. While many good techniques have been developed over years to handle failures of transit nodes or links in a good fashion (e.g. LFA, rLFA, TI-LFA, RSVP 1:1 protection, RSVP facility protection), handling failures of egress PE has been always a challenging task. One option to address this challenge is the BGP PIC Edge, where ingress PE pre-installs in its FIB next-hops to multiple egress PEs providing reachability for given prefix. While this technique provides failover times independent from the number of BGP prefixes, it’s robustness heavily depends, how quickly ingress PE can detect failure of egress PE. This can be relatively fast in small networks (IGP domain is small, so global IGP convergence is quick). However, as the networks grow (IGP domains become big), eventually up to the point, where network size mandates partitioning the network to multiple IGP domains or autonomous systems, fast discovery of egress PE failure becomes a challenge. This presentation provides a case study for an alternative approach to address this problem, where instead of BGP PIC Edge technique, architecture referenced as ‘egress PE protection’ (called sometimes ‘egress mirroring’, too) has been deployed in one of the networks of an Tier 1 provider.
Presentation Files	Fast Egress Protection - Szarkowicz
Video Files	Fast Egress Protection
back to meeting agenda.
Command Execution in Heterogeneous Network at Facebook scale
Date/Time	4:30 PM to 5:00 PM
Location	Imperial Ballroom
Presenters	Speaker Surinder Singh, Facebook Inc.
Abstract	Facebook's global network has tens of thousands of network devices from a variety of vendors. We need to run commands on these devices for monitoring, provisioning and deployment. Running commands on devices from different vendors poses unique technical challenges. To address these challenges, we created a FBNet Command Runner (FCR) thrift service for running commands on devices. The service takes care of vendor specific details of network devices and allows user to focus on business logic. This service now runs commands on tens of thousands of network devices in our network. We have now open sourced the FCR service. Others can now extend this service to adapt it to their network. In this tutorial, we will spend about 10 minutes to walk through an overview of this service and how it ties into network management at Facebook. After that we will do a live tutorial. In this tutorial, we will build a Command Runner service based on FBNet Command Runner. For this tutorial we will be using Python as the programming language. * We will use linux containers to emulate a set of generic network devices * Using small modification, we will adapt the FCR to work with these emulated device * We will be using FCR thrift APIs to run commands on devices using our FCR service. * In process, we will create a small cli tool to interactively run commands using the FCR. * Run multiple instances to scale with the size of network
Presentation Files	Command Execution in Heterogeneous Network at Facebook scale - Singh
Video Files	Command Execution in Heterogeneous Network at Facebook scale
back to meeting agenda.
A DGA Odyssey: Passive DNS Driven DGA Analysis
Date/Time	5:00 PM to 5:30 PM
Location	Imperial Ballroom
Presenters	Speaker Yiming Gong Qitian Su Qitian Su is a data security analyst at netlab, Qihoo 360. He is interested in big data analyze after building different data pipes for the department. He taught himself reverse engineering for a better analyze coverage against DGA. Before entering Qihoo, he worked on Linux drivers for years, gained an in-depth understanding for computer hardware and Linux kernel. Zaifeng Zhang
Abstract	Domain Generation Algorithm (DGA) techniques have been commonly used by bot-masters to evade detection, which dynamically produce quantities of seemingly random domain names but only a few of them are selected as command and control (C&C) domains. Such technique makes the detection more difficult. To block these DGA domains, we need to find them early and identify them effectively. In this talk, we will share our DGA tracking experience based on passiveDNS and malware sandbox database. Starting from billions of PDNS records, we first extract highly suspicious DGA domains with a clustering algorithm. Then to identify the generation algorithms and seeds behind these domains, we use malware sandbox data to locate the malware samples. In the end, we have identify 36 families. Their corresponding DGA domain feeds can be freely accessed from http://data.netlab.360.com/dga. Our talk are divided into four parts: 1. The DGA families we detected 36 DGA botnet families under track will be show in this part, as well as their activity stat in China. 2. From the PDNS records to suspicious DGA domains It is a great challenge to identify millions of suspicious active DGA domains from billions of passiveDNS data. To address this problem, we utilize our Long Tail Cluster Algorithms (LTCA) to help to extract highly suspicious DGA domains. We will introduce the details of data cleaning and aggregation in this part. 3. From suspicious DGA domains to malware samples Once we discover highly suspicious DGA domains, we need to locate the corresponding malware samples to further identify the corresponding generation algorithms and the seed. We use malware sandbox to bridge this gap. In this part, we will introduce our techniques, like time window difference, and others. 4. Practical blocking experience Due to the complexity of DNS, this DGA blacklist may still suffer from both false positive and false negative in practice. Here we will introduce some practical cases we encountered and how we solve them.
Presentation Files	A DGA Odyssey: Passive DNS Driven DGA Analysis - Gong
Video Files	A DGA Odyssey: Passive DNS Driven DGA Analysis
back to meeting agenda.
Overview of ICANN Identifier Technologies Health Indicator (ITHI) Project
Date/Time	5:30 PM to 6:00 PM
Location	Imperial Ballroom
Presenters	Speaker Alain Durand, ICANN
Abstract	This talk could be either in the General Session or the DNS track. We would like to a submit a presentation on the ITHI project at ICANN. See details at http://www.icann.org/ithi This presentation will focus on the name side of the project, the RIRs through the NRO are focusing on the number side. We will present the project and its deliverable, then we will focus on a number of topics, ranging from complaints toward the accuracy of the DNS whois database, DNS abuse monitoring and an analysis of the usage of DNS parameters as seen at the root.
Presentation Files	Overview of ICANN Identifier Technologies Health Indicator (ITHI) Project - Durand
Video Files	Overview of ICANN Identifier Technologies Health Indicator (ITHI) Project
back to meeting agenda.
Conference Close
Date/Time	6:00 PM to 6:15 PM
Location	Imperial Ballroom
Presenters	Speaker Betty Burke, NANOG Currently serving as the NANOG Executive Director, responsible for all aspects of NANOG, reporting to the Board of Directors. Previous 37 years of experience serving in technology, business, and management within the Michigan Information Technology Services, University of Michigan, and Merit Network. Proven leadership and experience in development of strategic and operational plans, creation and implementation of marketing campaign for conference center and high tech facilities including a data center, conference and office building, library and campus fiber assets. Proven operational success through project management, along with leadership through community and team building.
Presentation Files	Conference Close - Burke
Video Files	Conference Close
back to meeting agenda.