- Luca Sani
- Winston Seah
- Geoff Huston
- Warren Finch
- Jonathan Brewer
- Mircea Ulinic
- Geoff Huston
Since the late 1990s, projects like RIPE NCC RIS and Route Views are collecting BGP data to monitor the inter-domain Internet evolution.During the last years the amount of data collected has increased greatly, mostly due to the introduction of new route collectors (e.g.PCH, Isolario), new BGP feeders, new BGP extensions (e.g. Multiprotocol RFC4760, ADDPATH RFC7911) and, of course, due to the natural growth of the Internet.
Most of the MRT-BGP data reader were designed when the amount of data available was smaller, and as a consequence are not able to perform efficiently with current datasets. Moreover several of them do not support most of the BGP extensions introduced in time usually because they are not properly maintained and updated.
In this presentation it is proposed to the APRICOT community BGP scanner, a new open source MRT-BGP data reader and C library implemented at IIT-CNR, which is exploited in the Isolario project. To the best of our knowledge, BGP scanner outperforms all the MRT-BGP data reader freely available online, in terms of speed and memory consumption.
It is well known that there are network traffic flows which consumeconsiderably more network resources than others, and such a flow isknown as a heavy-hitter (HH). The appropriate detection and managementof HHs are critical for maintaining network performance, presentingcritical network challenges. Yet, HH detection has been reduced to theuse of a threshold, i.e., if the flow exceeds a previously set thresholdvalue, the detector determines that the flow is an HH. To the best ofour knowledge, there is no uniform definition of the threshold value. Inthis study, we take advantage of the tools provided by machine learning(ML) for data analysis, that can categorise the flows into trafficclusters, where each cluster has different flow characteristics. Thispresentation outlines the methodology, a visualization of the relevantattribute statistics that aid in recognising cluster types and outlinehow the scheme can be implemented in a real network. We conclude with adiscussion of ongoing and future work.
We are very aware of the extent to which our online profile is being collated, analysed and monetised. The DNS can be a major source ofactivity profiling. The DNS architecture is open, chatty, and promiscuous, which seems very anomalous in this day and age. However, the DNS picture is changing and steps are being made to improve the privacy-protecting properties of name resolution. This presentation surveys the current efforts to improve the privacy of the DNS.
An overview of QR codes, what makes up a QR code, and some Proof Of Concept on ways that it can be used, maliciously or otherwise.
The presentation discusses the use of QR Codes and where it could be used maliciously. Including a review of Kali Linux and the Social Engineering Toolkit to send phishing emails. Then demonstration of the QRLJacking toolkit to hijack a whatsApp login.
Then finally looking at the technical specifications of QR codes and how to reverse engineer a QR Code.
LoRa is one of a handful of new Internet of Things radio protocolsdesigned for low power, wide area networks. It trades speed forrobustness, and its small messages can penetrate both literal & urbanjungles. LoRaWAN is an open set of protocols using LoRa to create an IoTnetwork with multiple layers of encryption and mobility. This talk willprovide a technical introduction to the protocols aimed at networkoperators.
Cloudflare runs a large anycast network, with over 150 deployments worldwide. Deployments of this size come with their own unique set of difficulties and challenges. One of the bigger challenges is a global change to the anycast routing. Minor mistakes or delays might have an enormous impact, as traffic can shift globally, overwhelming a single location with requests that really shouldn't be there. In the past, the network team at Cloudflare made the decision to add prepends to our prefix announcements.
At the time, this was a reasonable decision, that actually made the anycast network work as expected. These prepends had their use then, but are no longer a required piece of configuration, and haven't been for a long time. As some of you will realise, changing this piece of configuration could lead to massive problems while the change is being rolled out like overloading single locations, or overloading individual transit pipes.
Every computer has a local clock that tells the time. But how accurate is this clock? The presentation takes a quick look at time and the Network Time protocol and then describes an exercise in measuring time accuracy across the Internet and makes some conclusions as to how well time is synchronised across the Internet.
- Peter Gitau
- Bijal Sanghani
Internet Exchange Point Route Server filtering actual experience and lessons learned.
Over the last year Euro-IX has been leading the IXPDB project. This isthe only automated database where IXPs control and can publish theircomplete member list. The database is now live and we are working onbuilding tools around that to help IXPs and Networks find informationabout each other.
Today we have 79 IXP exporting this data to the IXPDB, I hope to createawareness to encourage and motivate more IXPs to go down this route sowe can have some reliable data for the community.
This talk will include:
- Quick History of the project
- The IX-F JSON Member List
- Euro-IX tools now available
- A roadmap of new tools coming in 2019
- What the community can do to help.
I also hope to get feedback from the attendees on new ideas and tools they'd like to see.
- Mircea Ulinic
- Jordi Palet Martinez
- Alan Whinery
- Philip Paeps
One of the major challenges in networking is the diversity of data representation, often vendor specific. Vendors APIs are inconsistent and incomplete, some mainstream platforms are closed and custom software is not allowed on your device.
By combining Salt proxy minions with third-party libraries such as NAPALM, which presents the data in a vendor-agnostic shape, we are able to leverage the DevOps methodologies in networking.
NAPALM support is now integrated in the official Salt releases, beginning with Carbon and improved in Nitrogen. Beyond cross-vendor configuration management, reaction to internal and external network events becomes easy and there are no orchestration boundaries.
In this tutorial, we will learn how we can leverage Salt for event-driven automation, reacting with configuration changes, alerts, or different types of notifications (email, SMS, web hooks, etc.) in response to network state changes. While Salt is flexible enough to be extended for any business logic and ingest the events from any resource, in this session we will focus on exploiting the syslog messages received from the network devices via a third-party, open source daemon, napalm-logs which provides the platform abstractisation for the syslog messages.
This tutorial will introduce the different IPv6-only transition technologies that apply to both, broadband and cellular networks, comparing them and discussing the required steps to deploy IPv6-only with IPv4-as-a-service (IPv4aaS) in an ISP/enterprise network.
The transition mechanisms will include:
- Tunnelling (6RD, DS-Lite, lw4o6, MAP-E)
- Translation (MAP-T, 464XLAT, NAT64)
The main effort will be devoted to how to IPv4aaS and in the hands-on, to setup NAT64, DNS64 and 464XLAT and the implications for DNSSEC and possible solution approaches, based on the IETF work:
90 minutes will be used for the tutorial part and in the 2nd 90 minutes to allow the participants do their own labs.
Although many visible IPv6 deployment metrics show small-percentage prevalence of IPv6 connectivity, the proportion of popular resources that are available to IPv6 clients on a well-connected dual stack network can exceed 50%. Popular content spheres, such as Google, YouTube NetFlix, Yahoo, Wikipedia, and various CDN offer content over IPv6, and for many users, those providers comprise a large percentage of requested content. If we are at the point of getting IPv4 and IPv6 in similar proportions, the question arises as to whether an organization can make the jump to running an IPv6-only network, and delivering IPv4 as a service. Our experience has shown that a well tuned IPv6-Only network can be indistinguishable from a dual-stack or IPv4-only network. This tutorial provides details into how to build DNS64//NAT64/464XLAT networks, reports on experiences from universities that have already deployed and spent time with such networks, and first-hand experiences of an IPv6-Only wireless network in the tutorial.
This tutorial was presented at Internet2 Technology Exchanges in 2017 and 2018.
ZFS is known as 'the last word in filesystems'. This tutorial will get your hands dirty with installing, configuring and managing reliable and scalable storage systems with ZFS on FreeBSD. We will cover pool-based storage, optimising storage systems for performance and redundancy and practise zero-downtime recovery from common storage events such as failing disks or running out of space. Participants should bring a laptop with either VirtualBox or VMware installed.
- Aftab Siddiqui
With ever growing routing related incidents happening on daily basisthere is a need to have an open and candid discussion among the networkoperators community to find the possible way forward. To address this Iwould like to propose a Routing Security BoF, where operators can sharetheir approach in securing their own infrastructure and keeping theinternet routing table clean as well.
Also, this will provide a platform to discuss how operators are lookingat RPKI and what are the roadblocks and will try to find out if anyonehas implemented ROV.