I recently had the pleasure of joining the 64th NANOG (North American Network Operators’ Group) meeting in San Francisco, which can be understood as one of the largest Internet engineering conferences. It takes place three times a year at different locations in North America.
What I personally like about NANOG is its strong collaborative and cooperative character. It is not about single persons and also not too much about spectacular projects but more about discussing technologies, ideas, challenges and numbers. Every talk has a comparatively large time slot reserved for discussion, which is often more than fully used. Discussion is typically actively focused and is more time-consuming (and even more relevant) than the talk itself, which is often intended by the community. The climate of discussion is almost always impressively polite and constructive, even for controversially discussed topics.
General Observations:
I’ll roughly summarize my impressions. Please note that (almost) all talk recordings are available online, as are the slides.
If I got it right, NANOG64 was the biggest NANOG meeting ever: over 1200 participants. I had already attended NANOG meetings before; these always had about 500-600 participants, even though they were at popular locations too. The location (Westin St. Francis, SF, CA) sometimes felt a little bit overcrowded. The Grand Ballroom was pretty filled up for the main sessions and they had to equip extra rooms, since the rooms intended for breakfast and lunch didn’t fit the number of participants. The social events were very nice (at least those I attended) and as always took place at nice and authentic locations (for one location my SF city guide even recommended avoiding the particular district at night ;-)).
As usual, the event itself proceeded very smoothly. Presentation equipment, audio, video – everything worked just fine. What was a little bit disappointing, though, was the wireless network. The Internet connection was (obviously) (over-)engineered by craziness and thus never reached more than 10% load. However, the wireless was pretty slow. I talked with one of the org team guys and he told me they used new equipment. That didn’t work out too well, in particular for so many participants. Of course, the DHCP provided public IPv4 && IPv6 addresses. Sadly, DNS over IPv6 wasn’t possible.
On the first day, the control system of the so-called “intelligent” elevators (those that tell you which elevator to take after you told a panel where you wanna go) rebooted while operating. As these elevators were the only intended ways to enter and leave the 32nd floor where the breakfast took place, it took quite a while before all people made it to the main conference room again. To be honest, the LCD inside the elevator suddenly showing a rebooting “Windows XP Embedded” splash screen didn’t give me a cozy feeling. Of course a photo of it made it into the opening event, which had to start later due to that incident. Some further impressions can be found here.
Talks
I won’t cover all talks I attended but just those I found most interesting, since as I said, almost everything is available online.
Open Internet Order – a regulator’s read of the FCC’s recent Open Internet Order, and related regulatory proceedings.
This talk basically gave an update on the current state of a project they refer to as “Open Internet”, which is basically what we in Germany call “Netzneutralität”. FCC is the Federal Communications Commission (comparable with the German Bundesnetzagentur) and these guys put quite some effort into establishing something like net neutrality by creating a framework that establishes three “bright lines”, as they call them: No blocking, No throttling, No Paid Prioritization. As one might expect, the discussion was quite interesting as these rules may interfere with the Internet as some providers think of it today. However, if I got it right, these rules took effect two weeks ago and of course are of particular interest for carriers and ISPs as they also affect transit traffic. This seemed like a big issue to me during the discussion. It was also heavily discussed that the FCC’s definition of “Internet” doesn’t cover upper layers (apps, DNS and so on), meaning prioritization can still be done there. This topic will surely continue to occupy the community for quite a while.
SENSS: Security Service for the Internet
This talk basically described a new approach to mitigating large-scale network attacks such as DDoS and BGP prefix hijacking. It can be seen in line with attempts like SBGP and so forth. It introduced a programmable interface to inter-AS operation. It’s in a prototype state. Time will tell if vendors find it useful and implement it.
Research and Education Track: Water, not Land [A perspective on IPv4 runout]
Julie Percival approached IPv6 adoption with a game-theoretical model from a social scientific point of view. She focused on public resource management and tried to classify the problem of IPv4 address runout within that domain. As one of their hypotheses she stated that the model could affect the behavior of participating players, which in turn could be used to change the current model of IPv4 address management and policies for handling IPv6 address allocation.
Overall it was a very “academic” talk which I found very interesting. It won’t change the world but it felt very refreshing to observe the topic from a completely different angle and with different eyes. The following discussion turned out to be very interesting too. Obviously it didn’t take too long before a parallel with California’s current drought problem was drawn, which turned out to have a lot of similarities with the IPv4 address runout problem.
Security Track: Blackholing at IXPs
Daniel Kopp from DE-CIX presented their approach to allowing ISPs to blackhole prefixes for their own ASs (e.g. to mitigate DoS attacks) through an interface they implemented within the DE-CIX network. Actually it’s a rather simple approach and I was surprised that something like this didn’t exist so far.
It was good to see a following discussion about authorization and how to make sure the system isn’t abused. In particular, representatives of US ISPs/carriers questioned the possibility to basically ban parts of the Internet for their customers without even asking for permission. In other words, they questioned the ISP’s natural mandate to decide “what’s good for the customers” (talking about “customers” as organizations with own ASs…).
Security Track: Modern Climate of DDoS
The basic message of this talk was that DDoS is still one of the (if not THE) major threats faced by carriers/ISPs. Capacities rose up to 400Gbps for a single attack, and cities and public institutions like schools are more and more becoming targets. Bitcoin became the main currency in that “business” and while China is still the #1, Korea made it to 2nd place as DDoS source in the last year. While the total number of DDoS sources decreased, attacks became more sophisticated and thus last longer and are harder to mitigate.
For me it felt like the carrier world still doesn’t have an effective countermeasure to sophisticated DDoS attacks at all. However, I’m not entirely sure who to blame though. 😉
The benefits of deploying IPv6 only
A talk full of numbers. Actually, I don’t see too much benefit in rephrasing all these numbers here. So I recommend having a look at the slides or, maybe even better, watching the recording, as it has a lot of interesting insights and numbers from Comcast, T-Mobile USA and Facebook in it. In particular, Facebook drew some very interesting conclusions by comparing their IPv4 vs. IPv6 usage statistics. In addition, it gives a good feeling for how the IPv6 deployment proceeds out there (or at least in the U.S.).
Evolution of Ethernet Speeds – What’s New and What’s Next
Last but not least, a talk about hardware. Greg Hankins from Alcatel-Lucent presented current development on Ethernet standards. Even though standards for 400GE and more are in progress, industry (and related task forces) also focus on standards for 2.5GE and 5GE, which can be used with CAT5 cabling, as this is by far the most widespread and installed technology, in particular when it comes to in-house cabling. And it STILL is the most installed cable technology (58 billion meters in 2014).
The main motivation for higher bandwidths is the threatening rise of wireless bandwidth and distribution, which creates bottlenecks at the wireless backhauls. All in all an interesting summary of the current state of cabling/Ethernet technology development.
That’s enough I’d say 😉 Have a nice (and maybe even sunny) weekend!
micele
Great post, Michael, covering NANOG64. Actually, the panel with Geoff, John, Gaurav and Paul was my favorite talk of the conference, and I used some of their insights to write my last post, focused on why IPv6 matters for Mobile Performance. You can check it out here: https://dataddict.wordpress.com/2015/10/12/ipv6-matters-mobileperf/
Any comment or suggestion is more than welcome. BTW, great work securing ERNW: https://www.ssllabs.com/ssltest/analyze.html?d=www.ernw.de&s=2003%3a60%3a4010%3a1090%3a0%3a0%3a0%3a11