|
Wednesday Meeting Registration
|
| Date/Time |
7:30 AM to 5:00 PM
|
| Location |
Centennial Foyer |
|
back to meeting agenda.
|
|
Wednesday Breakfast
|
| Date/Time |
7:30 AM to 9:45 AM
|
| Location |
Capitol Ballroom 1-4 |
|
back to meeting agenda.
|
|
Wednesday Espresso Bar
|
| Date/Time |
8:30 AM to 4:30 PM
|
| Location |
Centennial Foyer |
|
back to meeting agenda.
|
|
Choose your own adventure: Networking professionals roads to success.
|
| Date/Time |
10:00 AM to 10:45 AM
|
| Location |
Centennial Ballroom |
| Presenters |
- Moderator
- Michaela Clifford, Netflix
- Speaker
- Eve Griliches, Product Marketing, Cisco Systems
- Martin Hannigan, Twitch
- Sylvie LaPerriere, Google Inc.
- Danilo Mayorga
- Matt Ringel, Akamai Technologies
- Chris Woodfield
|
| Abstract |
Every path to success is different and the diverse community of networking professionals NANOG is an excellent example of that. We have the opportunity to help and inspire people who are new to networking and unsure of what to do next, or even established professionals who are want to make a change.
This panel is comprised of diverse members of the networking community. Each panelist will discuss their individual path that lead them to their current career. As well as provide advice based on what they've learned during this time. With a short Q and A with the audience at the end. |
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
Scaling the Facebook backbone through Zero Touch Provisioning (ZTP)
|
| Date/Time |
10:45 AM to 11:30 AM
|
| Location |
Centennial Ballroom |
| Presenters |
- Speaker
- Brandon Bennett, Facebook
- David Swafford, Facebook
- David Swafford is a Network Engineer on Facebook's Production Engineering team. Having coming to FB a few years back as traditional network engineer, he quickly shifted focus to the software side after realizing that there simply wasn't enough time in the day to do things the traditional way. That shift has paid off well for FB as the entire network team shifted in the same manner and now we focus on much more interesting problems together.
When nerding out the most, he loves to look deep into the things that make networking and large systems tick. Topics like routing protocols, TCP, and Linux fall into his favorite bedroom reading.
Outside of all this, he loves to to cook any and everything under the theme of Italian-American following in the footsteps of his favorite chef Scott Conant. He also loves being active with his dog Cocoa.
Best reached using [email protected], you can also find him regularly at the SF Python Meet-ups (www.meetup.com/sfpython/). Any and all levels are welcome!
|
| Abstract |
Zero Touch Provisioning is a method of configuring network devices through DHCP from a factory-blank state. In response to a DHCP-DISCOVER, a device is given either a configuration file or a configuration script to execute on the network device. For the scripted option, how the script executes and what it's capable of varies by each vendor (so far) and by network role.
After configuring itself, the device will typically reboot and voila, FIN! But, no, in real life we have other things to do before releasing a device to production. We also have had interesting problems of not being able to generate configuration prior to physically installing a device - so if you don't have configuration pre-generated, how do you respond to a DHCP request with a configuration file?
This problem led us to develop a workflow automation system wrapped around ZTP whereby ZTP is a step in the early portion of a workflow but not necessarily the beginning. By wrapping other automation steps before, during, and after, we were able to bring end-to-end automation to the provisioning space while greatly reducing errors and failures.
In this talk, I am going to focus on how we provision our backbone devices using ZTP, dive deep into the workflow automation built to rid ourselves of endless MOPs (procedural documents executed by human technicians), briefly show the changes we made on our DHCP stack (ISC's open-source DHCP server) to parse and respond to our various vendors with a per-device specific Python agent, and dive into our use of a Python agent running on-box. |
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
Hackathon Recap
|
| Date/Time |
11:30 AM to 12:00 PM
|
| Location |
Centennial Ballroom |
| Presenters |
- Speaker
- Chris Woodfield, Salesforce
- Chris Woodfield is a Principal Engineer at Salesforce, where he focuses on Network Software. Prior to Twitter, he had roles at Twitter, Yahoo! and Internap. He is a member of the NANOG Program Committee and the ARIN Advisory Council.
|
| Abstract |
We'll use a 30 minute slot for our sponsor to do a presentation of the Sunday Hackathon, and introduce the winning teams. |
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
Wednesday Lunch (On Your Own)
|
| Date/Time |
12:00 PM to 1:30 PM
|
|
back to meeting agenda.
|
|
The State of Traffic Engineering - an ISP's Perspective
|
| Date/Time |
1:30 PM to 2:00 PM
|
| Location |
Centennial Ballroom |
| Presenters |
- Speaker
- Andrew Gray, Charter Communications
- Andrew has been in the Cable/MSO space since 2011, with another 12 years of network engineering experience prior to that. He joined Charter in 2017, and presently is one of the lead engineers for the Charter Communications Advanced Engineering team responsible for backbone engineering and overall architecture. His present focuses are network standardization and automation, with interests in many other facets of network design.
|
| Abstract |
This talk will go over the current state of the major Traffic Engineering solutions (starting with basic static routing and working through IGP as MED, AIGP, RSVP-TE, additional RSVP tweaks, SR-TE, SRv6, and various PCE solutions) following our internal project to determine which way to go for the next couple years. Large scale ISPs have different requirements than either enterprise or large-scale web service providers, and those requirements steer us differently. Pros and cons from that perspective for each method will be reviewed, and a readout on both the current state as we see it, along with where we see the future going and some thoughts about the problems that still need solving. This talk is set at a white paper level, and is not aimed to go deep into the technical details about each of the options (as that would take a substantial time slot), but some technical items will be called out if they were a major issue. |
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
DDoS evolution and enhancing DDoS protection with BGP flowspec
|
| Date/Time |
2:00 PM to 2:30 PM
|
| Location |
Centennial Ballroom |
| Presenters |
- Speaker
- Taylor Harris
- Since 2010 Taylor has worked with security technologies in the cable industry. He began his career with the Brighthouse Networks Business Solutions Services team as an operations engineer supporting enterprise customers with a focus on security and managed services. In 2013 he transitioned to a role in the Brighthouse sustaining engineering group where he would deploy and support the DDoS detection and mitigation infrastructure among many other responsibilities involving support of infrastructure and commercial customers. With the merger of Charter and Time Warner Cable he moved into the Advanced Engineering Security Architecture group where his role has expanded to a much broader landscape of network security while still focusing heavily on DDoS mitigation architectures, network consolidation, and solving new security challenges for very large networks.
|
| Abstract |
Provide a brief review of DDoS and DDoS evolution over the last few years. Describe new attack vectors, such as memcache and Carpet Bombing. Explain how flowspec can help prevent DDoS traffic at the edge, and provide a demonstration of a home brew software defined method of mitigating DDoS traffic using exa-bgp and flowspec. |
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
SDN Controllers in the WAN: protocols and applications
|
| Date/Time |
2:30 PM to 3:00 PM
|
| Location |
Centennial Ballroom |
| Presenters |
- Speaker
- Julian Lucek, Juniper Networks
- Julian Lucek is a Distinguished Systems Engineer at Juniper Networks, where he has been working with many operators on the design and evolution of their networks. Before joining Juniper Networks in 1999, he worked at BT for several years, at first in the Photonics Research Department and later in the data transport and routing area. During this time he gained a PhD in ultrahigh-speed optical transmission and processing from Cambridge University. He is the holder of several patents in the area of communications technology. He is co-author of the book "MPLS-Enabled Applications: Emerging Developments and New Technologies", by Ina Minei and Julian Lucek.
|
| Abstract |
Some operators have recently been deploying SDN Controllers in the WAN for the first time. This presentation discusses the protocols needed to underpin a quasi-real-time SDN Controller for the WAN, and the major applications of such controllers. The flow of the presentation is as follows:
A/ How an SDN Controller gains visibility of the network, using the following ingredients
(i) BGP-LS for topology discovery, including attributes of physical links such as bandwidth and metrics. This will include a discussion of how a controller gains visibility across multiple AS’s, in the case of multiple-AS networks,
(ii) Streaming telemetry for link and LSP statistics and link latency data
(iii) Status of traffic-engineered LSPs via PCEP
B/ How an SDN Controller instantiates or modifies RSVP (via PCEP) or Segment-Routed (via PCEP) traffic-engineered LSPs across the network
C/ Bulk Traffic Management use-case. This is especially useful for operators carrying large volumes of internet traffic and who need a way of automatically avoiding traffic hotspots. This is achieved by having the controller monitor link utilization and LSP utilization by consuming streaming telemetry from network nodes, so that it can work out which LSP(s) it needs to reroute in order to ease the congestion on hot links.
D/ Creating LSPs to underpin particular service requirements, for example
(i) diversely routed pairs of point-to-point LSPs to underpin path-diverse pseudowires, as a next-gen replacement for SONET private circuit services
(ii) LSPs that follow the current minimum latency path, for delay-sensitive traffic
(iii) pairs of diversely routed Point-to-Multipoint (P2MP) LSPs for Professional Broadcast TV and Financial Market Data feeds.
|
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
Vaping - A healthy alternative to SmokePing
|
| Date/Time |
3:00 PM to 3:30 PM
|
| Location |
Centennial Ballroom |
| Presenters |
- Speaker
- Matt Griswold, United IX, 20C
- Matt Griswold is co-founder of United IX, an Internet exchange in Chicago. He has been instrumental in launching several technology companies since 1999, playing key roles in development, networking and system administration. Mr. Griswold is passionate about coding and peering and has volunteered for Euro-IX, NANOG, Open-IX and PeeringDB.
|
| Abstract |
I will talk about a tool we made and open sourced to replace smokeping. How well it scales, how it allows for distributed probes, and how after testing , we discovered ssh is faster than SNMP.
We just finished realtime MTR graphing, and I would like to demo that and show how easy it is to make plugins.
On the web side, the foundation is a legit daemon for web service, which will solve a lot of people's problems, so I'd like to talk about that a bit as well. |
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
Lightning Talk: Securing Physical Access to Systems, Networks and Data
|
| Date/Time |
3:30 PM to 3:40 PM
|
| Location |
Centennial Ballroom |
| Presenters |
- Speaker
- Alan Hannan
|
| Abstract |
Information Security is a complicated and well discussed topic. InfoSec is vitally important and one weak link can break the chain. Less popular these days is discussion on physical security of circuits, systems, networks, and data. This talk outlines 5 areas where you can make your systems and sites more secure. 1. Cage/Cabinet Access and Monitoring; 2. Circuit Encryption, 3. Encryption Kay Management, 4. Encryption at Rest, 5. Vendor Access |
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
Lightning Talk: Automated DDOS Protection for our National Service-Provider Backbone (that lets our engineers sleep at night)
|
| Date/Time |
3:40 PM to 3:50 PM
|
| Location |
Centennial Ballroom |
| Presenters |
- Speaker
- Jeremy Palmer
|
| Abstract |
At Flexential (formerly Peak10 + Viawest) we created an automated DDOS detection/mitigation solution that protects all company and customer IP assets across all of our datacenters and ASes. The system is able to automatically detect inbound or outbound DDOS attacks, reroute attack traffic to our DDOS scrubbing vendor, determine the specific customer that is under attack, and notify the customer via our ticketing system. This solution has resulted in a large reduction of DDOS-related escalations, and allows our engineers to sleep at night (most of the time). We'll discuss the overall solution including challenges and lessons learned, and give examples of the system in action. |
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
Conference Close
|
| Date/Time |
3:50 PM to 4:20 PM
|
| Location |
Centennial Ballroom |
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|