BEGIN:VCALENDAR VERSION:2.0 PRODID:-//NANOG 73 Event Calendar//nanog.org// BEGIN:VEVENT SUMMARY:NANOG Hackathon DTSTART;VALUE=DATE-TIME:20180624T143000Z DTEND;VALUE=DATE-TIME:20180625T010000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1743 CONTACT:Chris Woodfield DESCRIPTION:\n\nSunday Hackathon Event. LOCATION:Mineral D-G END:VEVENT BEGIN:VEVENT SUMMARY:Sunday Meeting Registration DTSTART;VALUE=DATE-TIME:20180624T220000Z DTEND;VALUE=DATE-TIME:20180625T000000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1708 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Centennial Foyer END:VEVENT BEGIN:VEVENT SUMMARY:Sunday Evening Social Event DTSTART;VALUE=DATE-TIME:20180625T003000Z DTEND;VALUE=DATE-TIME:20180625T043000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1730 CONTACT:Darrieux Harvey DESCRIPTION:\n\nTime: 6:30pm - 10:30pm\n\nLocation: Cervantes Concert Hall \n\nAddress: 2635 Welton St. Denver\, CO 80205\n\n **NANOG Badge required for entry** LOCATION:Cervantes Concert Hall END:VEVENT BEGIN:VEVENT SUMMARY:Hackathon Reception DTSTART;VALUE=DATE-TIME:20180625T010000Z DTEND;VALUE=DATE-TIME:20180625T020000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1745 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Mineral D-G END:VEVENT BEGIN:VEVENT SUMMARY:Monday Meeting Registration DTSTART;VALUE=DATE-TIME:20180625T133000Z DTEND;VALUE=DATE-TIME:20180625T230000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1709 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Centennial Foyer END:VEVENT BEGIN:VEVENT SUMMARY:Monday Breakfast DTSTART;VALUE=DATE-TIME:20180625T133000Z DTEND;VALUE=DATE-TIME:20180625T154500Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1719 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Capitol Ballroom 1-4 END:VEVENT BEGIN:VEVENT SUMMARY:Monday Espresso Bar DTSTART;VALUE=DATE-TIME:20180625T143000Z DTEND;VALUE=DATE-TIME:20180625T223000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1712 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Centennial Foyer END:VEVENT BEGIN:VEVENT SUMMARY:Conference Opening DTSTART;VALUE=DATE-TIME:20180625T160000Z DTEND;VALUE=DATE-TIME:20180625T163000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1715 CONTACT:Ryan Woolley CONTACT:Ryan Donnelly CONTACT:Bob Leitner CONTACT:Paul E. Szurek DESCRIPTION:Speaker: Ryan Donnelly\, NANOG Board Chair\nSpeaker: Paul E. S zurek\, Coresite\nSpeaker: Bob Leitner\, Verizon\nSpeaker: Ryan Woolley\, Netflix\n\n LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:Keynote: “Operations first\, feature second” Philosophy DTSTART;VALUE=DATE-TIME:20180625T163000Z DTEND;VALUE=DATE-TIME:20180625T170000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1661 CONTACT:Najam Ahmad DESCRIPTION:Speaker: Najam Ahmad\, Facebook\n\nRecently there was a blog p ost on Linkedin talking about the skills required to be a successful netwo rk engineer in the future. While the skills listed were all relevant and m ade sense\, there was a key element missing – an operational mindset. To be successful at building and managing large scale infrastructure there h as to be an operations first mindset to developing technology. It’s not simply about “automating” things or having a dev-ops team. This talk u ses Facebook’s disaster recovery efforts as a case study to describe thi s mindset and approaches to deploying infrastructure that survives disaste rs without significant human intervention. LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:The Full Edward: Meet our new Executive Director: Edward McNair DTSTART;VALUE=DATE-TIME:20180625T170000Z DTEND;VALUE=DATE-TIME:20180625T174500Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1662 CONTACT:David Temkin CONTACT:Edward McNair DESCRIPTION:Moderator: David Temkin\, Netflix\nSpeaker: Edward McNair\, NA NOG\n\nIt will be my pleasure to introduce our new ED\, Edward McNair\, to the community. I will start with a 1:1 interview of Edward to help the au dience get to know him and then move to audience Q&A.\n LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:Monday Lunch DTSTART;VALUE=DATE-TIME:20180625T180000Z DTEND;VALUE=DATE-TIME:20180625T193000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1717 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Capitol Ballroom 1-4 END:VEVENT BEGIN:VEVENT SUMMARY:Newcomers Lunch (Invite Only) DTSTART;VALUE=DATE-TIME:20180625T180000Z DTEND;VALUE=DATE-TIME:20180625T193000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1725 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Capitol 5-7 END:VEVENT BEGIN:VEVENT SUMMARY:T-Mobile's journey to IPv6 Only networking DTSTART;VALUE=DATE-TIME:20180625T193000Z DTEND;VALUE=DATE-TIME:20180625T200000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1645 CONTACT:Stephan Lagerholm DESCRIPTION:Speaker: Stephan Lagerholm\n\nOver the last 10 years\, T-Mobil e have had a strategy of removing our dependency of IPv4. In the spring of 2017 we finally flipped the switch and turned off IPv4 for over 10 millio n handsets. As of March 2018 we only have a single digit % of our users re lying on IPv4. \n\nWe have in other words reached the utopia of making our customer experience independent of IP transport protocol. To achieve this we are using DNS64 and related technologies. Stephan will share some of T -Mobile’s experience with DNS64 and give some advice on how to find and handle broken applications and websites.\n\nTalk outline: \n• Background T-Mobile’s journey towards IPv6 only \n• Background\, RFC6147\, RFC68 77 and RFC7050 \n• Selection algorithm and happy eyeballs (RFC6555\, RFC 8305) \n• Common failure scenarios for IPv6 only hosts \n• RFC complia nce and how popular DNS64 resolvers react to various common DNS misconfigu rations \n• Conclusion and learnings LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:Preventing (Network) Time Travel with Chronos DTSTART;VALUE=DATE-TIME:20180625T200000Z DTEND;VALUE=DATE-TIME:20180625T203000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1656 CONTACT:Michael Schapira CONTACT:Neta Rozen Schiff CONTACT:Danny Dolev CONTACT:Omer Deutsch DESCRIPTION:Speaker: Omer Deutsch\nSpeaker: Danny Dolev\nSpeaker: Neta Roz en Schiff\, Hebrew University of Jerulsalem\nSpeaker: Michael Schapira\n\n The Network Time Protocol (NTP) synchronizes time across computer systems over the Internet. Unfortunately\, NTP is highly vulnerable to “time shi fting attacks”\, in which the attacker’s goal is to shift forward/back ward the local time at an NTP client. NTP’s security vulnerabilities hav e severe implications for time-sensitive applications and for security mec hanisms\, including TLS certificates\, DNS and DNSSEC\, RPKI\, Kerberos\, BitCoin\, and beyond. While technically NTP supports cryptographic authent ication\, it is very rarely used in practice and\, worse yet\, timeshiftin g attacks on NTP are possible even if all NTP communications are encrypted and authenticated.\nWe present Chronos\, a new NTP client that achieves g ood synchronization even in the presence of powerful attackers who are in direct control of a large number of NTP servers. Importantly\, Chronos is backwards compatible with legacy NTP and involves no changes whatsoever to NTP servers. Chronos leverages ideas from distributed computing literatur e on clock synchronization in the presence of adversarial (Byzantine) beha vior. A Chronos client iteratively “crowdsources” time queries across multiple NTP servers and applies a provably secure algorithm for eliminati ng “suspicious” responses and averaging over the remaining responses. Chronos is carefully engineered to minimize communication overhead so as t o avoid overloading NTP servers.\nWe evaluate Chronos’ security and netw ork efficiency guarantees via a combination of theoretical analyses and ex periments with a prototype implementation. Our results indicate that to su cceed in shifting time at a Chronos client by over 100ms from the UTC\, ev en a powerful man-in-the-middle attacker requires over 20 years of effort in expectation. LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:Public Speaking Forum DTSTART;VALUE=DATE-TIME:20180625T200000Z DTEND;VALUE=DATE-TIME:20180625T210000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1672 CONTACT:Christina Chu DESCRIPTION:Speaker: Christina Chu\, NTT America\n\nPublic Speaking Forum provides a positive and supportive environment in a small group for partic ipants to improve self-confidence and skills in public speaking through pr actice and peer feedback. In the pilot\, we will offer fifteen seats in a group with eight 3-min speaking slots. Space is limited. Sign up is requir ed. First come first served. If you sign up for a speaking slot\, please p repare for a 3 mins speech with a topic of your choice. You can sign up f or a speaking slot at https://www.nanog.org/meetings/nanog73/psf LOCATION:Capitol 5 END:VEVENT BEGIN:VEVENT SUMMARY:Memcached amplification: lessons learned DTSTART;VALUE=DATE-TIME:20180625T203000Z DTEND;VALUE=DATE-TIME:20180625T210000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1641 CONTACT:Artyom Gavrichenkov DESCRIPTION:Speaker: Artyom Gavrichenkov\, Qrator Labs CZ\n\nIn November 2 017\, researchers have found a new class of amplification DDoS attacks: th e memcached amplification. Soon after the discovery\, at the beginning of March 2018 those attacks were already in the wild\, with a bandwidth close to 1\,7 Gbps.\n\nWhat we're going to discuss is an analysis of the threat structure\, causes and consequences\, and what we're able to do to preven t such issues from happening next time. LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:SNMP is dead DTSTART;VALUE=DATE-TIME:20180625T210000Z DTEND;VALUE=DATE-TIME:20180625T213000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1677 CONTACT:Rob Shakir CONTACT:Carl Lebsack DESCRIPTION:Speaker: Carl Lebsack\, Google\nSpeaker: Rob Shakir\, Google\n \nModern networks have significantly outpaced the monitoring capabilities of SNMP and command-line scraping.  Over the last three years we at Googl e have been working with members of the networking industry via the OpenCo nfig.net effort to redefine network monitoring.  We have now deployed Str eaming Telemetry in production to monitor devices from multiple vendors. We will talk about the experience and highlight the open source components we are providing to the community to accelerate industry-wide adoption. LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:Monday PM Break DTSTART;VALUE=DATE-TIME:20180625T213000Z DTEND;VALUE=DATE-TIME:20180625T220000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1722 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Centennial Foyer END:VEVENT BEGIN:VEVENT SUMMARY:Segment Routing: the stuff marketing doesn’t talk about DTSTART;VALUE=DATE-TIME:20180625T220000Z DTEND;VALUE=DATE-TIME:20180625T223000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1624 CONTACT:steve ulrich DESCRIPTION:Speaker: steve ulrich\, arista networks\n\nOver the past few y ears\, Segment Routing has received a considerable amount of attention for enabling a range of novel new network capabilities. While Segment Routin g holds considerable promise in terms of network simplification and enabli ng new modes of operation there are a number of architectural and deployme nt considerations which have received little attention in the excitement t o discuss what can be. This presentation is a brief discussion of some of the practical considerations in enabling Segment Routing in production ne tworks and some of the challenges to be addressed and potential solutions. Topics include RSVP-SR coexistence and migration\, label space/stack mana gement\, new traffic engineering and diagnostic considerations. LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:Peering Coordination Forum DTSTART;VALUE=DATE-TIME:20180625T230000Z DTEND;VALUE=DATE-TIME:20180626T003000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1728 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Capitol Ballroom 1-4 END:VEVENT BEGIN:VEVENT SUMMARY:Monday Evening Social Event DTSTART;VALUE=DATE-TIME:20180626T010000Z DTEND;VALUE=DATE-TIME:20180626T040000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1731 CONTACT:Darrieux Harvey DESCRIPTION:\n\nTime: 7:00pm - 10:00pm\n\nLocation: Blue Moon Brewery\n\nA ddress: 3750 Chestnut Pl. Denver\, CO 80216 \n\nTransportation will be pro vided\n\n **NANOG Badge required for entry** LOCATION:Blue Moon Brewery END:VEVENT BEGIN:VEVENT SUMMARY:Tuesday Meeting Registration DTSTART;VALUE=DATE-TIME:20180626T133000Z DTEND;VALUE=DATE-TIME:20180626T230000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1710 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Centennial Foyer END:VEVENT BEGIN:VEVENT SUMMARY:Tuesday Breakfast DTSTART;VALUE=DATE-TIME:20180626T133000Z DTEND;VALUE=DATE-TIME:20180626T154500Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1720 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Capitol Ballroom 1-4 END:VEVENT BEGIN:VEVENT SUMMARY:Tuesday Espresso Bar DTSTART;VALUE=DATE-TIME:20180626T143000Z DTEND;VALUE=DATE-TIME:20180626T223000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1713 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Centennial Foyer END:VEVENT BEGIN:VEVENT SUMMARY:Members Breakfast (Invite Only) DTSTART;VALUE=DATE-TIME:20180626T150000Z DTEND;VALUE=DATE-TIME:20180626T154500Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1726 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Capitol 5-7 END:VEVENT BEGIN:VEVENT SUMMARY:A reflection of Time Spent at NANOG DTSTART;VALUE=DATE-TIME:20180626T160000Z DTEND;VALUE=DATE-TIME:20180626T161500Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1676 CONTACT:Betty Burke DESCRIPTION:Speaker: Betty Burke\, NANOG\n\nA reflection of NANOG and time as Executive Director LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:The Single Source of Truth for Network Automation DTSTART;VALUE=DATE-TIME:20180626T161500Z DTEND;VALUE=DATE-TIME:20180626T170000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1644 CONTACT:Andy Davidson DESCRIPTION:Speaker: Andy Davidson\, Asteroid\n\nHow a single source of tr uth\, expressed as an elegant data model\, can operate an Internet busines s' process and network automation.\n\nMany automation presentations to dat e have considered programming skills/languages a network engineer starting an automation project needs. They concentrate on vendor automation featur es. The audience learns the Arista/Juniper integration options. Little pre sented to date explains how an engineer can integrate software relevant bu siness processes or product design.\n\nIf a network concentrates only on t he automation platform facing their network\, though the instruction set t o manage the network is automated\, can the company be said to be automate d without integration into the products and rest of the business?\n\nWhen a company extends the scope of the automation project into the product set \, sales process\, monitoring there are many efficiencies realized:\n\nFre edom to provide services by nontechnical teams\nThe speed of deployment of customer services (reduce time to bill!)\nThe accuracy of monitoring syst ems\nMore customer self-service options\nRich API that customers can deplo y into their software\nSLA and outage validation\n\nThe presentation shows lessons learned to network companies (ISPs\, IXPs\, content) looking to e mbark upon an automation project:\n\nWhy and how to build a data model tha t can describe your customers\, products\, and network\, teams\nWhat norma lization is\, and why/how to use it\nWhy and how to abstract different lay ers of technical systems to\nallow vendor changes/flexibility\nHow and why to use the data model to build systems configurations and\nmonitoring tem plates\nHow and why to abstract between functional elements (like "ports") and\nall matters relating to the service on those technical elements\nHow and why to expose parts of it to customers to provide an extra layer of t ransparency and benefit to your end users\nHow to integrate with data whic h is in third-party databases\nThe mistakes I made and had to refactor out after launch LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:RIFT (Routing In Fat Trees) for Hyperscale Datacenters DTSTART;VALUE=DATE-TIME:20180626T170000Z DTEND;VALUE=DATE-TIME:20180626T173000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1694 CONTACT:Alankar Sharma DESCRIPTION:Speaker: Alankar Sharma\, Comcast\n\nRIFT (Routing In Fat-Tree s) is being designed as next-gen routing protocol optimized for leaf/spine architectures\, taking advantage of somewhat deterministic network topolo gies (CLOS) common to hyperscale datacenters. Large datacenters have known challenges with IGP\, pushing the engineers towards BGP\, which requires enough tweaks and cumbersome configurations\, vouching the need for altern ate solutions.\nRIFT also adds autonomous routing\, empowering the routers to identify their relative roles and start routing traffic autonomously.\ n\nRIFT has been gaining attention at IETF. There is a formal RIFT working group formed in the past IETF meeting (London). Juniper\, Comcast and Cis co have been contributing heavily towards the specifications.\nLink to the IRTF draft- https://tools.ietf.org/html/draft-ietf-rift-rift-01\n\n\n LOCATION:Centennial DEFGH END:VEVENT BEGIN:VEVENT SUMMARY:Segment Routing for DCI DTSTART;VALUE=DATE-TIME:20180626T173000Z DTEND;VALUE=DATE-TIME:20180626T180000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1659 CONTACT:Pete Moyer CONTACT:Muhammad Durrani DESCRIPTION:Speaker: Muhammad Durrani\nSpeaker: Pete Moyer\n\nAbstract:\nT his talk will cover two talk tracks into a single presentation. First\, a technology overview of applicable Segment Routing (SR) components for an I XP network will be covered. Second\, a discussion of how this technology i s being leveraged in the Equinix Unified Packet Fabric architecture. The f irst part is not intended to be a complete SR technology overview\; it is intended to cover the SR aspects that are applicable to the Equinix use ca se.\n\nAdditional Notes: \nPete Moyer\, Nokia Consulting Engineer will cov er the first part of the talk and Muhammad Durrani\, Equinix Chief Network Architect will cover the second part.\n LOCATION:Centennial DEFGH END:VEVENT BEGIN:VEVENT SUMMARY:Tuesday Lunch DTSTART;VALUE=DATE-TIME:20180626T180000Z DTEND;VALUE=DATE-TIME:20180626T193000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1718 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Capitol Ballroom 1-4 END:VEVENT BEGIN:VEVENT SUMMARY:Women In Technology Lunch DTSTART;VALUE=DATE-TIME:20180626T180000Z DTEND;VALUE=DATE-TIME:20180626T193000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1727 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Capitol 5-7 END:VEVENT BEGIN:VEVENT SUMMARY:Routing Is At Risk. Let's Secure It Together. DTSTART;VALUE=DATE-TIME:20180626T193000Z DTEND;VALUE=DATE-TIME:20180626T200000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1674 CONTACT:Andrei Robachevsky DESCRIPTION:Speaker: Andrei Robachevsky\, Internet Society\n\nStolen crypt ocurrency\, hijacked traffic blocking access to whole countries\, derailin g vital Web resources for thousands of people. Routing used to fly under t he radar. As long as incidents weren't too bad\, no one asked too many que stions\, and routing security never made it to the top of the to-do list. But these days\, routing incidents are regularly making the news\, executi ves are getting nervous\, and engineers are under pressure to make sure th eir network isn't next. \n\nThe problem is\, you cannot secure your own ne twork entirely by yourself. But you can help secure the global routing sys tem as a whole.\n \nWe have a collective responsibility to ensure a secure routing infrastructure. Mutually Agreed Norms for Routing Security – MA NRS – is a global initiative of network operators and IXPs to reduce the most common routing threats. MANRS offers an opportunity for a globally a dopted\, systemic approach to routing security. \n\nThis talk will presen t detailed statistics about what's happening in the global routing system\ , and offer ways to leverage the MANRS security baseline and demonstrate c ommitment to the security and sustainability of the Internet. It will cove r recent developments\, such as launching the new MANRS IXP Programme\, ai med at scaling up the adoption of security practices. LOCATION:Centennial ABC END:VEVENT BEGIN:VEVENT SUMMARY:Flowspec for BGP Route Servers at IXPs DTSTART;VALUE=DATE-TIME:20180626T200000Z DTEND;VALUE=DATE-TIME:20180626T203000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1690 CONTACT:Benedikt Rudolph DESCRIPTION:Speaker: Benedikt Rudolph\, DE-CIX\n\nBIRD is a widely deploye d software for BGP route servers at IXPs. The release of version 2.0.2 in March added support for BGP Flow Specification (RFC 5575). While constantl y adding new features\, the single-threaded architecture of the routing da emon imposes limits on computationally-intensive tasks. This raises questi ons about scalability and resource consumption\, especially for deployment s with hundreds of peers and hundred-thousands of prefixes\, common at IXP s.\n\nIn this talk we present a first performance evaluation of BIRD 2.0.2 and test the new Flowspec feature in a close to reality\, large-scale IXP deployment. To set the context\, we investigate a scenario where Flowspec is used to exchange information about DDoS traffic blackholed on the IXPs switching platform. Ideally this feature would not interfere with routine operation of the route server. To be effective\, BGP announcements of bla ckhole routes need to be disseminated quickly. Therefore we look at the fo rwarding performance of Flowspec messages in BIRD under various operating conditions. Especially important to us is resource consumption (memory and CPU) as well as practical deployment considerations.\nIn addition to the evaluation of BIRD 2.0.2 we provide reference measurements with the widely deployed and stable BIRD 1.6.4 release without Flowspec support. LOCATION:Centennial ABC END:VEVENT BEGIN:VEVENT SUMMARY:Architecting Robust BGP Routing Policies DTSTART;VALUE=DATE-TIME:20180626T203000Z DTEND;VALUE=DATE-TIME:20180626T210000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1707 CONTACT:Job Snijders DESCRIPTION:Speaker: Job Snijders\, NTT Communications\n\nWhat actually ma kes good routing policies "good"? At NANOG we've mostly focused on teachin g each other how to implement one or another BGP feature in our networks\, but there has been very little dialogue on how to design robust policies. \nIn this presentation I'll offer a conceptual model to look at routing po licy\, offer terminology to help discuss routing policy\, and analyse rout ing policy design patterns. LOCATION:Centennial ABC END:VEVENT BEGIN:VEVENT SUMMARY:Lightning Talk: BGP Transport Security - Do You Care? DTSTART;VALUE=DATE-TIME:20180626T210000Z DTEND;VALUE=DATE-TIME:20180626T211000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1751 CONTACT:Ignas Bagdonas DESCRIPTION:Speaker: Ignas Bagdonas\, Equinix\n\nHow many of you use MD5 f or BGP sessions? And for what purpose? Isn’t MD5 authentication really j ust a longer form of peer identifier – to avoid accidentally establishin g a session with a wrong peer? Does MD5 help in preventing route leaks and hijacks? Does your network allow access to internal BGP speaking nodes fr om outside of the perimeter? How do you distribute MD5 secrets to your pee rs? How do you change MD5 secrets without tearing down the BGP session?\n\ nTCP Authentication Option has been around for a while. Is anyone aware of TCP-AO? Do any major vendors implement it? Does anyone care? Why not to r un BGP over TLS? Or BGP over IPsec? Or BGP over QUIC? Or why not invent a new secure transport for BGP? Sure\, that sounds to be a lot of fun\, let ’s do that.\n\nControl plane security has been a special kind of securit y for a long time. Indeed there are speciality aspects to it as of the lay ers above relying significantly on the proper operation of the control pla ne\, and often transports used for control planes are not too common ones. \n\nIETF has been working on control plane security for a noticeable perio d of time\, there was a dedicated KARP working group and protocol-specific working groups had their individual initiatives on security aspects. Howe ver the world still uses MD5 for BGP. KARP WG got shutdown after a long st ruggle to produce anything. Is this the question of education\, or the lac k of it to be precise? Is the problem of peer authentication solved in som e other way? Is there a problem at all? Do we need to spend time on spread ing the word on what control plane security is and why it is important? Is there a problem at all – given sufficient network operational hygiene a nd proper network design\, do we need control plane security as a separate entity as such? Is there a need for having inbuilt transport security mec hanisms into BGP protocol itself? LOCATION:Centennial ABC END:VEVENT BEGIN:VEVENT SUMMARY:Lightning Talk: Legal Barriers to Securing the Routing Architectur e DTSTART;VALUE=DATE-TIME:20180626T211000Z DTEND;VALUE=DATE-TIME:20180626T212000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1750 CONTACT:David Wishnick DESCRIPTION:Speaker: David Wishnick\, University of Pennsylvania\n\nThis s hort presentation is meant to solicit NANOG community feedback on one aspe ct of Internet routing: the adoption of the Resource Public Key Infrastruc ture framework to increase the security of routing announcements. RPKI pro mises to reduce the widespread costs that mistaken and malicious routing a nnouncements impose on network operators and their customers. Yet adoption rates are low—especially in North America. Why has RPKI adoption been m ore widespread in Europe and Latin America than in North America? Are ther e legal barriers to adoption that might be surmounted?\n \nI am part of a team from the University of Pennsylvania Law School that is conducting int erviews across the routing community to better understand the barriers to RPKI adoption. Ultimately\, we will produce a report aimed to stimulate di scussion and action. Before doing so\, we are interested in hearing from a nyone in the NANOG community who has experience with RPKI\, procurement of similar services\, or simply is interested in the subject.\n \nOur work i s funded by NSF Award #1748362\, Legal Barriers to Securing the Routing Ar chitecture. LOCATION:Centennial ABC END:VEVENT BEGIN:VEVENT SUMMARY:Lightning Talk: Submarine Cable Status Map DTSTART;VALUE=DATE-TIME:20180626T212000Z DTEND;VALUE=DATE-TIME:20180626T213000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1749 CONTACT:Mehmet Akcin DESCRIPTION:Speaker: Mehmet Akcin\, Kapany Networks Inc.\n\nWe are all awa re of the amazing www.submarinecablemap.com which we use many times planni ng our network and various other reasons. I am putting together with my ow n financial and personal efforts a map which shows the operational status of the map. https://map.kapany.net is available for people to visit and se e this information.\n\nWe are looking for developers to help with granting access to map or source data for NOCs\, Carriers to update the status the mselves and various other reporting people in the industry requested such as Total capacity per segment\, etc. LOCATION:Centennial ABC END:VEVENT BEGIN:VEVENT SUMMARY:Tuesday PM Break DTSTART;VALUE=DATE-TIME:20180626T213000Z DTEND;VALUE=DATE-TIME:20180626T220000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1723 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Centennial Foyer END:VEVENT BEGIN:VEVENT SUMMARY:EVPN for Everyone Else - Evolved Campus Core DTSTART;VALUE=DATE-TIME:20180626T220000Z DTEND;VALUE=DATE-TIME:20180626T223000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1684 CONTACT:Vincent Celindro DESCRIPTION:Speaker: Vincent Celindro\, Dell Technologies\n\nToday when yo u hear someone talk about EVPN/VXLAN it's more than likely in the context of a DataCenter. This session will address another use case and a novel wa y of leveraging EVPN/VXLAN. \n\nEverybody has a campus network. Enterprise s\, Service Providers as well as Data Centers\, be it servicing a handful of employees at a remote datacenter\, maybe thousand plus corporate users in a single building or split across multiple buildings/regions. Consider not only users but the various IOT connected device as well (VoIP\, Buildi ng Automation …) – what are the challenges\, what are the concerns tha t campus networks have faced since the very beginning. The underlying camp us network architecture has not changed since the early 2000s. You will le arn the similarities between the Datacenter and the campus\, how to levera ge the benefits of EVPN/VXLAN to address some of the leading campus challe nges all while improving security. \n\n LOCATION:Centennial ABC END:VEVENT BEGIN:VEVENT SUMMARY:Packet-Level Network Analytics without Compromises DTSTART;VALUE=DATE-TIME:20180626T223000Z DTEND;VALUE=DATE-TIME:20180626T230000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1686 CONTACT:Oliver Michel DESCRIPTION:Speaker: Oliver Michel\, University of Colorado Boulder\n\nNet work analytics has been a key component of network management for decades. As we look to integrate more intelligence\, whether for increased securit y or to better handle the emergence of new applications like IoT\, we need more information from the network and better tools to process the informa tion. Traditionally\, network monitoring and analytics systems rely on ag gregation (e.g.\, flow records) or sampling to cope with high packet rates . This has the downside that\, in doing so\, we lose data granularity and accuracy\, and in general limit the possible network analytics we can perf orm. Recent proposals leveraging software-defined networking or programmab le hardware provide more fine-grained\, per-packet monitoring but still ar e based on the fundamental principle of data reduction in the network\, be fore analytics. Even today\, modern network analytics system are still inc apable of efficiently processing the deluge of information available with fine grained information. In this talk\, we present our work to drasticall y increase software performance for analytics\, and to leverage modern pro grammable switches to generate per-packet information at Terabit line rate s. \n \nWe will present our system which is a complete network monitoring solution that provides insight into every single packet at data center sc ale traffic rates. Our system consists of a hardware-software co-design le veraging programmable forwarding engines for telemetry and modern parallel programming techniques for analytics. Our system is able to collect and a nalyze packet records at terabit speeds for 10s of millions of packets per second per application. These applications can easily be parallelized and scale almost linearly with CPU core count. Analytics applications can be written in standard C++ code and can dynamically scale at runtime. LOCATION:Centennial ABC END:VEVENT BEGIN:VEVENT SUMMARY:"Multicloud" - the next generation cloud infrastructure DTSTART;VALUE=DATE-TIME:20180626T230000Z DTEND;VALUE=DATE-TIME:20180626T234500Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1648 CONTACT:Deepti Chandra CONTACT:Jacopo Pianigiani DESCRIPTION:Speaker: Jacopo Pianigiani\nSpeaker: Deepti Chandra\n\nSo\, w hat are data center networks really built for? Short answer "applications" . Whether it is a public cloud provider\, private enterprise\, FSI or telc o cloud - the nature of applications across each data center type impose a different set of demands on the underlying network infrastructure. A next generation architecture is one that is versatile yet modular enough to ad dress these different application needs\, whether these are HPC and Big Da ta\, legacy or real-time content. A common architecture goal is for a unif ied and consolidated network design that can leverage standardized technol ogy attributes and can integrate a versatile workload environment be it hi gh performance bare metal servers to a microservices enabled container env ironment. This tutorial is aimed at an in-depth structured understanding o f data center business and technical requirements and how EVPN-VXLAN const ructs serve as a swiss-knife approach to achieve the same. Practical case study examples that translate theoretical concepts into building blocks fo r designing and automating multi-tenant data center deployments. Explore h ow a unified technology solution can help build a network that grows with increasing east-west traffic\, seamlessly connects with the backbone for n orth-south communication while leveraging familiar protocol concepts to ac hieve security insertion. We will also go over operator issues with traffi c optimization\, multicast and BUM traffic handling and other common pitfa lls. A final step would be to define requirements for a cohesive solution using a centralized controller that enables a data center network operator to leverage the same degree of agility and visibility for both the physic al network and the application infrastructure to truly build a software-de fined data center. \n LOCATION:Centennial ABC END:VEVENT BEGIN:VEVENT SUMMARY:Beer n Gear DTSTART;VALUE=DATE-TIME:20180627T000000Z DTEND;VALUE=DATE-TIME:20180627T020000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1729 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:Tuesday Evening Social Event DTSTART;VALUE=DATE-TIME:20180627T020000Z DTEND;VALUE=DATE-TIME:20180627T050000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1732 CONTACT:Darrieux Harvey DESCRIPTION:\n\nTime: 8:00pm - 11:00pm\n\nLocation: Cowboy Lounge\n\nAddre ss: 1941 Market St. Denver\, CO 80202\n\n**Picture ID required for entry** AND **NANOG Badge required for entry** LOCATION:Cowboy Lounge END:VEVENT BEGIN:VEVENT SUMMARY:Wednesday Meeting Registration DTSTART;VALUE=DATE-TIME:20180627T133000Z DTEND;VALUE=DATE-TIME:20180627T230000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1711 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Centennial Foyer END:VEVENT BEGIN:VEVENT SUMMARY:Wednesday Breakfast DTSTART;VALUE=DATE-TIME:20180627T133000Z DTEND;VALUE=DATE-TIME:20180627T154500Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1721 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Capitol Ballroom 1-4 END:VEVENT BEGIN:VEVENT SUMMARY:Wednesday Espresso Bar DTSTART;VALUE=DATE-TIME:20180627T143000Z DTEND;VALUE=DATE-TIME:20180627T223000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1714 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Centennial Foyer END:VEVENT BEGIN:VEVENT SUMMARY:Choose your own adventure: Networking professionals roads to succe ss. DTSTART;VALUE=DATE-TIME:20180627T160000Z DTEND;VALUE=DATE-TIME:20180627T164500Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1700 CONTACT:Sylvie LaPerriere CONTACT:Matt Ringel CONTACT:Martin Hannigan CONTACT:Michaela Clifford CONTACT:Danilo Mayorga CONTACT:Eve Griliches CONTACT:Chris Woodfield DESCRIPTION:Moderator: Michaela Clifford\, Netflix\nSpeaker: Eve Griliches \, Product Marketing\, Cisco Systems\nSpeaker: Martin Hannigan\, Twitch\nS peaker: Sylvie LaPerriere\, Google Inc.\nSpeaker: Danilo Mayorga\nSpeaker: Matt Ringel\, Akamai Technologies\nSpeaker: Chris Woodfield\n\nEvery path to success is different and the diverse community of networking professio nals NANOG is an excellent example of that. We have the opportunity to hel p and inspire people who are new to networking and unsure of what to do ne xt\, or even established professionals who are want to make a change. \n\n This panel is comprised of diverse members of the networking community. Ea ch panelist will discuss their individual path that lead them to their cur rent career. As well as provide advice based on what they've learned durin g this time. With a short Q and A with the audience at the end. LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:Scaling the Facebook backbone through Zero Touch Provisioning (ZTP ) DTSTART;VALUE=DATE-TIME:20180627T164500Z DTEND;VALUE=DATE-TIME:20180627T173000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1660 CONTACT:David Swafford CONTACT:Brandon Bennett DESCRIPTION:Speaker: Brandon Bennett\, Facebook\nSpeaker: David Swafford\, Facebook\n\nZero Touch Provisioning is a method of configuring network de vices through DHCP from a factory-blank state. In response to a DHCP-DISCO VER\, a device is given either a configuration file or a configuration scr ipt to execute on the network device. For the scripted option\, how the sc ript executes and what it's capable of varies by each vendor (so far) and by network role.\n\nAfter configuring itself\, the device will typically r eboot and voila\, FIN! But\, no\, in real life we have other things to do before releasing a device to production. We also have had interesting pr oblems of not being able to generate configuration prior to physically ins talling a device - so if you don't have configuration pre-generated\, how do you respond to a DHCP request with a configuration file?\n\nThis proble m led us to develop a workflow automation system wrapped around ZTP whereb y ZTP is a step in the early portion of a workflow but not necessarily the beginning. By wrapping other automation steps before\, during\, and after \, we were able to bring end-to-end automation to the provisioning space w hile greatly reducing errors and failures.\n\nIn this talk\, I am going to focus on how we provision our backbone devices using ZTP\, dive deep into the workflow automation built to rid ourselves of endless MOPs (procedura l documents executed by human technicians)\, briefly show the changes we m ade on our DHCP stack (ISC's open-source DHCP server) to parse and respond to our various vendors with a per-device specific Python agent\, and dive into our use of a Python agent running on-box. LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:Hackathon Recap DTSTART;VALUE=DATE-TIME:20180627T173000Z DTEND;VALUE=DATE-TIME:20180627T180000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1733 CONTACT:Chris Woodfield DESCRIPTION:Speaker: Chris Woodfield\, Salesforce\n\nWe'll use a 30 minute slot for our sponsor to do a presentation of the Sunday Hackathon\, and i ntroduce the winning teams. LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:Wednesday Lunch (On Your Own) DTSTART;VALUE=DATE-TIME:20180627T180000Z DTEND;VALUE=DATE-TIME:20180627T193000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1739 CONTACT:Darrieux Harvey DESCRIPTION:\n\n END:VEVENT BEGIN:VEVENT SUMMARY:The State of Traffic Engineering - an ISP's Perspective DTSTART;VALUE=DATE-TIME:20180627T193000Z DTEND;VALUE=DATE-TIME:20180627T200000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1646 CONTACT:Andrew Gray DESCRIPTION:Speaker: Andrew Gray\, Charter Communications\n\nThis talk wil l go over the current state of the major Traffic Engineering solutions (st arting with basic static routing and working through IGP as MED\, AIGP\, R SVP-TE\, additional RSVP tweaks\, SR-TE\, SRv6\, and various PCE solutions ) following our internal project to determine which way to go for the next couple years. Large scale ISPs have different requirements than either e nterprise or large-scale web service providers\, and those requirements st eer us differently. Pros and cons from that perspective for each method w ill be reviewed\, and a readout on both the current state as we see it\, a long with where we see the future going and some thoughts about the proble ms that still need solving. This talk is set at a white paper level\, and is not aimed to go deep into the technical details about each of the opti ons (as that would take a substantial time slot)\, but some technical item s will be called out if they were a major issue. LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:DDoS evolution and enhancing DDoS protection with BGP flowspec DTSTART;VALUE=DATE-TIME:20180627T200000Z DTEND;VALUE=DATE-TIME:20180627T203000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1655 CONTACT:Taylor Harris DESCRIPTION:Speaker: Taylor Harris\n\nProvide a brief review of DDoS and D DoS evolution over the last few years. Describe new attack vectors\, such as memcache and Carpet Bombing. Explain how flowspec can help prevent DD oS traffic at the edge\, and provide a demonstration of a home brew softwa re defined method of mitigating DDoS traffic using exa-bgp and flowspec. LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:SDN Controllers in the WAN: protocols and applications DTSTART;VALUE=DATE-TIME:20180627T203000Z DTEND;VALUE=DATE-TIME:20180627T210000Z DTSTAMP;VALUE=DATE-TIME:20191029T154945Z UID:1643 CONTACT:Julian Lucek DESCRIPTION:Speaker: Julian Lucek\, Juniper Networks\n\nSome operators hav e recently been deploying SDN Controllers in the WAN for the first time. T his presentation discusses the protocols needed to underpin a quasi-real-t ime SDN Controller for the WAN\, and the major applications of such contro llers. The flow of the presentation is as follows:\n\nA/ How an SDN Contro ller gains visibility of the network\, using the following ingredients \n\ n(i) BGP-LS for topology discovery\, including attributes of physical link s such as bandwidth and metrics. This will include a discussion of how a c ontroller gains visibility across multiple AS’s\, in the case of multipl e-AS networks\,\n(ii) Streaming telemetry for link and LSP statistics and link latency data \n(iii) Status of traffic-engineered LSPs via PCEP\n\nB/ How an SDN Controller instantiates or modifies RSVP (via PCEP) or Segment -Routed (via PCEP) traffic-engineered LSPs across the network\n\nC/ Bulk T raffic Management use-case. This is especially useful for operators carryi ng large volumes of internet traffic and who need a way of automatically a voiding traffic hotspots. This is achieved by having the controller monito r link utilization and LSP utilization by consuming streaming telemetry fr om network nodes\, so that it can work out which LSP(s) it needs to rerout e in order to ease the congestion on hot links.\n\nD/ Creating LSPs to und erpin particular service requirements\, for example \n\n(i) diversely rout ed pairs of point-to-point LSPs to underpin path-diverse pseudowires\, as a next-gen replacement for SONET private circuit services \n(ii) LSPs that follow the current minimum latency path\, for delay-sensitive traffic \n( iii) pairs of diversely routed Point-to-Multipoint (P2MP) LSPs for Profess ional Broadcast TV and Financial Market Data feeds.\n LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:Vaping - A healthy alternative to SmokePing DTSTART;VALUE=DATE-TIME:20180627T210000Z DTEND;VALUE=DATE-TIME:20180627T213000Z DTSTAMP;VALUE=DATE-TIME:20191029T154946Z UID:1696 CONTACT:Matt Griswold DESCRIPTION:Speaker: Matt Griswold\, United IX\, 20C\n\nI will talk about a tool we made and open sourced to replace smokeping. How well it scales\, how it allows for distributed probes\, and how after testing \, we discov ered ssh is faster than SNMP.\n\nWe just finished realtime MTR graphing\, and I would like to demo that and show how easy it is to make plugins.\n\n On the web side\, the foundation is a legit daemon for web service\, which will solve a lot of people's problems\, so I'd like to talk about that a bit as well. LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:Lightning Talk: Securing Physical Access to Systems\, Networks and Data DTSTART;VALUE=DATE-TIME:20180627T213000Z DTEND;VALUE=DATE-TIME:20180627T214000Z DTSTAMP;VALUE=DATE-TIME:20191029T154946Z UID:1752 CONTACT:Alan Hannan DESCRIPTION:Speaker: Alan Hannan\n\nInformation Security is a complicated and well discussed topic. InfoSec is vitally important and one weak link can break the chain. Less popular these days is discussion on physical se curity of circuits\, systems\, networks\, and data. This talk outlines 5 areas where you can make your systems and sites more secure. 1. Cage/Cabi net Access and Monitoring\; 2. Circuit Encryption\, 3. Encryption Kay Mana gement\, 4. Encryption at Rest\, 5. Vendor Access LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:Lightning Talk: Automated DDOS Protection for our National Service -Provider Backbone (that lets our engineers sleep at night) DTSTART;VALUE=DATE-TIME:20180627T214000Z DTEND;VALUE=DATE-TIME:20180627T215000Z DTSTAMP;VALUE=DATE-TIME:20191029T154946Z UID:1753 CONTACT:Jeremy Palmer DESCRIPTION:Speaker: Jeremy Palmer\n\nAt Flexential (formerly Peak10 + Via west) we created an automated DDOS detection/mitigation solution that prot ects all company and customer IP assets across all of our datacenters and ASes. The system is able to automatically detect inbound or outbound DDOS attacks\, reroute attack traffic to our DDOS scrubbing vendor\, determine the specific customer that is under attack\, and notify the customer via o ur ticketing system. This solution has resulted in a large reduction of DD OS-related escalations\, and allows our engineers to sleep at night (most of the time). We'll discuss the overall solution including challenges and lessons learned\, and give examples of the system in action. LOCATION:Centennial Ballroom END:VEVENT BEGIN:VEVENT SUMMARY:Conference Close DTSTART;VALUE=DATE-TIME:20180627T215000Z DTEND;VALUE=DATE-TIME:20180627T222000Z DTSTAMP;VALUE=DATE-TIME:20191029T154946Z UID:1716 CONTACT:Darrieux Harvey DESCRIPTION:\n\n LOCATION:Centennial Ballroom END:VEVENT END:VCALENDAR