|
Wednesday Meeting Registration
|
| Date/Time |
7:30 AM to 3:30 PM
|
| Location |
Regency Foyer |
|
back to meeting agenda.
|
|
Wednesday Breakfast
|
| Date/Time |
7:30 AM to 9:45 AM
|
| Location |
Regency A-B |
|
back to meeting agenda.
|
|
Wednesday Espresso Bar
|
| Date/Time |
8:30 AM to 3:30 PM
|
| Location |
Regency Foyer |
| Sponsors |
|
|
back to meeting agenda.
|
|
Whiteboarding 101
|
| Date/Time |
10:00 AM to 11:30 AM
recorded
|
| Location |
Plaza Ballroom |
| Presenters |
- Speaker
- Matt Ringel, Akamai Technologies
|
| Abstract |
The “whiteboard talk” represents one of the key ways that engineers can communicate ideas in a concise and educational way to colleagues. More than a classroom lecture or a slide presentation, a whiteboard talk is a combination of several disciplines including teaching, storytelling, the visual display of information, and improvisational acting.
In this tutorial, the attendees will learn how to organize a whiteboard discussion, how to avoid popular pitfalls, and how to make sure that their audience walks away with the knowledge that the attendee wants them to have. These topics include how to narrow down the scope of a topic (both in terms of the topic itself and the level of abstraction), how to build the knowledge model for the talk, how to define terms for different audiences, and how to handle difficult audience members. |
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
Transforming Lab Automation with Layer-1 switching fabrics based on SDN and whitebox switches
|
| Date/Time |
10:00 AM to 10:30 AM
|
| Location |
Regency D-F |
| Presenters |
- Speaker
- Alessandro Barbieri, Pluribus Networks
- In his current role at Pluribus Networks, an SDN company based in San Jose (CA), Alessandro is responsible for the evolution of the Pluribus SDN platform and services.
Alessandro started his career as a software engineer at Cisco in 1998. While at Cisco he contributed to High-Speed Ethernet IEEE standards and served on the board of Director of the Ethernet Alliance.
|
| Abstract |
Modern test environments increasingly rely on automation of compute and network resources. The Continuous Integration/Continuous Development paradigm puts even more pressure on lab administrators to deliver a fully automated lab environment, where multiple developers groups share expensive lab resources and can build on-demand network topologies without incurring in any downtime.
The Layer-1 switching infrastructure interconnecting all the lab resources is at the core of the transformation of the lab into a self-service, on-demand, automated infrastructure. Traditionally Layer-1 switching fabrics relied on packet broker switches, or optical cross-connects with either a very high per-port cost, or limited flexibility to accommodate the variety of port speeds and media types required by the DUT(s) in the lab.
This talk explores how merchant silicon based whitebox switches coupled with Openflow-style technologies and VxLAN transport can enable Lab managers to build a highly distributed, multi-site, programmable and cost effective Layer-1 fabric to support any device, anywhere with Layer-1 transparency. |
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
That KSK Roll
|
| Date/Time |
10:30 AM to 11:00 AM
recorded
|
| Location |
Regency D-F |
| Presenters |
- Speaker
- Geoff Huston, APNIC
- Geoff Huston works as the Chief Scientist at APNIC, the Regional Internet Registry for the Asia Pacific region. His research interests include addressing, routing, the domain name system, security and measurement.
|
| Abstract |
The Key Signing Key of the Root zone of the DNS will roll on October 11. This lightening talk briefly explains DNSSEC and the role of the KSK, and the way in which we can measure the possible impact of this planned roll, toghether with sone results of recent measurement
|
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
New data architectures for high performance netflow analytics
|
| Date/Time |
11:15 AM to 12:00 PM
|
| Location |
Regency D-F |
| Presenters |
- Speaker
- Fangjin Yang
|
| Abstract |
Operational analytic databases are a new class of data systems that are emerging to store and analyze various types of operational data, including netflows. Popular systems in this area include Apache Druid (incubating in the Apache Software Foundation), Scuba (from Facebook), Pinot (from LinkedIn), and Clickhouse (from Yandex).
In this session, we will describe the motivation and architecture behind operational analytic databases, and how they are used at some of the world’s largest companies to analyze netflows. This new class of data system enables rapid and flexible data ingestion, efficient data storage of large volumes of dimensional data such as netflows, and extremely fast queries compared against traditional systems. We will use Druid as a case study to explain the performance benefits for netflows.
Speaker:
Fangjin Yang is a co-author of the open source Druid project and a co-founder of Imply, a Silicon Valley technology company. Fangjin previously held senior engineering positions at Metamarkets (now a part of Snapchat) and Cisco. He holds a BASc in Electrical Engineering and a MASc in Computer Engineering from the University of Waterloo, Canada. |
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
Wednesday Lunch (On Your Own)
|
| Date/Time |
12:00 PM to 1:15 PM
|
|
back to meeting agenda.
|
|
Data Plane Monitoring in Segment Routing Networks
|
| Date/Time |
1:30 PM to 2:00 PM
|
| Location |
Regency D-F |
| Presenters |
- Speaker
- Clayton Hassen
- Faisal Iqbal, Cisco Systems Inc.
|
| Abstract |
Traffic blackholes, path divergence, and network faults are a significant pain point for network operators, leading to revenue and goodwill loss. The common source of these inconsistencies includes software bugs, control & data plane out-of-sync, race conditions, download/programming errors, forwarding entry corruption in software or hardware etc. Existing local and end-to-end detection mechanisms for these faults are either incomplete or fail to scale for large networks.
Segment Routing Data Plane Monitoring (SR-DPM) is a solution for a device to test its data plane for any SR-MPLS traffic received from any incoming interface towards any ECMP. Using a combination of adjacency and prefix SIDs, it allows a node to verify the correct functioning of its complete (ingress + egress) data plane in a scalable fashion. The SR-DPM solution is interoperable by design and does not require any software upgrade of the neighboring nodes.
In this presentation, we outline SR-DPM solution with the focus on the Segment Routing networks with MPLS data plane. |
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
Panoptes: A Network Telemetry Ecosystem - Part Duex
|
| Date/Time |
2:00 PM to 2:30 PM
recorded
|
| Location |
Regency D-F |
| Presenters |
- Speaker
- Ian Flint
- Ian Flint is a 25-year veteran of Silicon Valley, however his career started in the Navy, where he was a Surface Line Officer in operations Desert Shield and Desert Storm. After leaving the Navy, he moved to Menlo Park where he started his high-tech career. His first startup, Billpoint, was sold to eBay in 1999, where Ian remained until 2006 as the billing and payments architect. In 2006, he joined Bix.com, an online contest site which was acquired by Yahoo in 2007. At Yahoo, Ian has filled diverse roles ranging from SE Chief Architect to Yamas Architect to Senior Director of SE for Front Page and related properties. Yahoo was acquired by Oath in 2017, where Ian is currently runs network automation.
- Varun Varma, Yahoo
- Varun Varma is a Senior Principal Engineer currently leading the design and development of a global Network Telemetry Platform @Oath, Inc.. Over the course of his 20 year career, Varun has worked in a variety of management and technical roles in startups to web scale companies, helping build and operate everything from embedded network devices to ad technology at Internet scale.
|
| Abstract |
At NANOG 70, we presented Panoptes, the unified network telemetry system under development at Yahoo!, Inc. (now Oath, Inc.). Panoptes monitors dozens metrics on dozens of types of devices, over dozens of sites across thousands of devices which contain hundreds of thousands of interfaces - every sixty seconds.
One and a half years have passed since then and we now have a bigger, better version which we describe in this presentation.
Specifically, we have introduced an enrichment subsystem, in addition to the discovery and polling subsystems, which allows for complex transformations of metrics based on cached metadata, and also allows collection to be completely decoupled from other parts of the system. This enables new collection subsystems like streaming telemetry based on gNMI to be integrated into the system.
We have also built a large scale state aware topology mapping solution on top of the enrichment subsystem.
Most importantly, we will be announcing Panoptes’ release to open source, and showing how to get started with both deployment and development. We would like to present our vision for collaboration with users, researchers and vendors to integrate diverse technologies into the Panoptes platform.
|
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
Lightning Talk: Precision Time Protocol puts new demands on converged campus network
|
| Date/Time |
2:30 PM to 2:40 PM
|
| Location |
Regency D-F |
| Presenters |
- Speaker
- Brian Jemes
|
| Abstract |
Two year ago, production use of Precision Time Protocol (PTP) arrived on the University of Idaho campus in the form of new A/V equipment in classrooms. In particular, PTP is a critical element of Dante-enabled microphone and speaker systems. One year ago, classroom users began to report intermittent audio outages throughout the day. This talk will describe the problem, a workaround, and a solution that allowed us to support PTP-enabled applications, such as Dante, on a converged campus network. |
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
Lightning Talk: Identifying DNS Open Resolvers in IPv6
|
| Date/Time |
2:40 PM to 2:50 PM
|
| Location |
Regency D-F |
| Presenters |
- Speaker
- Alejandro Acosta
|
| Abstract |
Introduction
As all of you know, having DNS servers considered Open Resolvers is very negative, both for those who leave the service open, for the Internet and for online security. To read about Open Resolvers I recommend reading this link: https://www.certsi.es/blog/dns
Identifying a DNS Open Resolvers in IPv6 (open DNS servers)
Identifying Open Resolvers servers or open DNS servers in the world of IPv4 is easy, due to the short length of the IPv4 space (2 ** 32) it is relatively easy to run check every IP.
In the world of IPv6 it is virtually impossible to verify each IP address, I mean, to test IP by IP. If we try this test can last thousands of years
How is a DNS Open Resolver identified?
A recursive DNS server should only answer queries to its own clients (yes, there are few exceptions) and should reject any other. For example, the DNS servers of the ACME ISP should only respond to queries from their own clients, to no one else.
Our test consist in querying a domain name (such as www.lacnic.net) to a list of DNS servers, if the DNS server responds with a response then it is considered Open Resolver, if it returns a rejection (Query refused) or simply timed out it is not an Open Resolver.
How we find the list IPv6 resolvers?
Lacnic manages a server that can be called: Reverse Root Server, specifically the letter "D", that is, d.ip6-servers.arpa. Many queries looking information for reverse DNS goes throughout this server, in general this server ONLY receives queries from DNS servers. This is where they get IPv6 addresses from DNS queries. Since this server does not allow recursion every IP that queries this device can be considered a resolver.
What is going to be shown
In case this paper is accepted for presentation we are going to show results & statistics and how Lacnic notifies our members about this situation
|
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
Lightning Talk: The Sunset of VXLAN
|
| Date/Time |
2:50 PM to 3:00 PM
|
| Location |
Regency D-F |
| Presenters |
- Speaker
- Ignas Bagdonas, Equinix
- Ignas Bagdonas is a network engineer.
|
| Abstract |
VXLAN has been around for a decade, there are substantial numbers of deployments, and everything seems to be perfect. What might be wrong? It appears that many things are wrong with VXLAN, and it is not that easy to fit that. VXLAN was a successful accident – back at the time when it was designed (by a single vendor for a single product family), the intended use cases were narrow in scope and contained within a tight boundary, and it was a conscious engineering tradeoff. The rest is a history now – VXLAN got successfully used and abused for things not even envisioned at the time, and the limitations are now evident.
Three large and well known problem areas are present in VXLAN as an encapsulator:
1. No protocol identifier. VXLAN tunnel can carry single payload type only.
2. No indicator for non-client payload. This rules out majority of OAM mechanisms.
3. No extensibility. All fields in VXLAN header have defined values and no interoperable extensibility is possible.
IETF has addressed the problem space by designing a successor to VXLAN – Geneve. It provides mechanisms for practical extensibility, security aspects, better integration with OAM toolkits, and is starting to see traction in the industry. VXLAN has served well for a long, and time has come for it to be replaced.
The main goal of this lightning talk is to bring in awareness of fundamental limitations present in VXLAN, and provide information on alternative solutions available in the industry.
|
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
Conference Close
|
| Date/Time |
3:00 PM to 3:30 PM
|
| Location |
Regency D-F |
| Presenters |
- Speaker
- Edward McNair, NANOG
|
| Presentation Files |
|
| Video Files |
|
|
back to meeting agenda.
|
|
Grab & Go Farewell
|
| Date/Time |
3:30 PM to 4:00 PM
|
| Location |
Regency Foyer |
|
back to meeting agenda.
|