Registration and Breakfast

Welcome

• Lasse Jarlskov (DKNOG)

Sustainable network automation: From minimum viable product to mature valued platform (DKNOG14 Main Track)

• Allan Eising (Telia Company)

At DKNOG12 I talked about lessons learned in the implementation of a new network automation platform for a service provider network with thousands of existing business to business services. It's now been in operation for almost two and a half years. Since then, the platform has grown, bugs have appeared and been squashed, and new functionality has been steadily added. This talk will focus on the lessons and experiences gained. In this talk I will present some of the key learnings, both good and bad, and try to sum up these experiences for you to take away into your own automation projects. About the speaker Allan Eising works for Telia Company as an architect and lead developer in the network automation team. He has worked with service provider networking for close to two decades and still dreams of a day where network automation will take care of all the tedious work so network engineers can focus on solving interesting problems instead of copy/pasting into terminal windows.

Your Automation Journey: From Scripting to Intent (DKNOG14 Main Track)

• James Henderson (Data Ductus Inc.)

An exploration of network automation, specifically crafted for experienced network engineers. This session will guide you through different automation types, from scripting for task automation to the advanced strategies of intent-based networking. We'll clarify the vital role of a 'Source of Truth' in network automation, discuss the integration of workflow engines into broader network strategies, and distinguish between templates and services in practical scenarios. Designed to offer clear, actionable insights, this talk aims to enable your assessment of network automation techniques.

RPKI: Enhancing Security with Robust Deployment (DKNOG14 Main Track)

• Gerardo Viviers (RIPE NCC)

A recent RPKI incident emphasised the crucial role of a robust RPKI infrastructure, rigorous testing, and well-defined outage procedures. Despite a temporary disruption, the prompt response and the underlying RPKI infrastructure's resilience averted significant Internet disturbances. To minimise RPKI outages and enhance Internet security, organisations should adopt practices such as regular testing, automated monitoring, and staff education.

SCION: Secure Path-Aware Internet Routing (DKNOG14 Main Track)

• Kevin Meynell (SCION Association)

SCION is a secure path-aware Internet architecture, designed to achieve high resilience to routing attacks and path selection for Internet users and operators with safety critical traffic such as in the financial, healthcare and power sectors. RPKI/ROV is useful for origin validation but does not validate paths, ASPA is still an experimental technology, whilst BGPSEC has yet to be widely deployed and needs explicit router support along a path to achieve the full benefits. SCION has commercial and open-source implementations and is in production use by the financial services industry in Switzerland and internationally - including the SU, Korea and Singapore - as well as the SCION Research & Education Network (SCIERA). This talk will discuss the SCION design and architecture, its trust model, and how it can be deployed. It will also discuss the IETF/IRTF work, and the community efforts supported by the SCION Association to encourage further deployment and development.

BNG Blaster - Open Source Network Tester (DKNOG14 Main Track)

• Christian Giese

Originally developed as an access protocol tester, the BNG Blaster has undergone a significant evolution, transforming into a comprehensive network testing tool that now encompasses both access and routing functionalities. Its scope has expanded beyond the assessment of access protocols and now encompasses a broader spectrum, involving the evaluation of network functionalities at large. Contrary to its nomenclature, the BNG Blaster isn’t restricted only to BNG (Broadband Network Gateway) testing. It simulates a massive number of PPPoE and IPoE (DHCP) subscribers, encompassing IPTV and L2TP (LNS). Additionally, it supports all common routing protocols such as IS-IS, OSPF, LDP and BGP. This allows for comprehensive testing of both BNG and non-BNG routers, enabling end-to-end evaluations. The included traffic generator serves various functions. It can be used to verify forwarding, conduct QoS tests, and measure convergence times. With the capacity to handle millions of separate tracked flows, it allows for thorough verification of every forwarding state within a complete internet routing table. Furthermore, it enables the transmission of traffic to each specific QoS queue present in service edge routers with detailed per-flow statistics like receive rate, loss or latency. The BNG Blaster is used by leading network operators like Deutsche Telekom AG with their famous Access 4.0 project, network hard- and software vendors like RtBrick and many more. https://rtbrick.github.io/bngblaster/#

DNS Monitoring with Prometheus and dns_exporter (DKNOG14 Main Track)

• Thomas Tykling Rasmussen

This talk is about DNS monitoring with Prometheus and dns_exporter, a multi-target Prometheus exporter with an exclusive focus on DNS monitoring. It is built on the excellent libraries dnspython and the Prometheus Python client library. dns_exporter can be used to monitor availability and performance of DNS servers, and to validate the responses they return. It can monitor recursive and authoritative servers regardless of the software they run. You can use it to make sure your (or your providers) DNS servers are sending the replies you expect, and configure Prometheus and Alertmanager to notify you if something stops working. dns_exporter supports doing DNS queries over plain port 53 UDP and TCP, as well as DoT, DoH, and DoQ.

Using NetFlow to fight DDoS at the source (DKNOG14 Main Track)

• Nina Bargisen (Kentik)

Is spoofed traffic coming through your network? Are you absolutely sure? Service providers have an obligation to identify and remediate spoofed traffic coming through their networks. This talk discusses how a NetFlow analysis platform and be used to identify and remediate the spoofed traffic that drives DDoS attacks.

coherent optical transceivers - current capabilities and future possibilities (DKNOG14 Main Track)

• Thomas Weible

With the speed of 400G coherent technology was introduced to pluggable optical transceivers (OIF 400ZR and OpenZR+). This technology is complex and powerful for your network, it even has influence on your network device operating system. This talk will provide first insight in Nokia's implementation as well as known or potential interoperability issues addressed by the OIForum. If your transport system, router or even switch already provides coherent pluggable transceivers check the available interface parameters. You can send me these CLI outputs / management software screenshots to thomas.weible@flexoptix.net. I will try to include it into the presentation. And finally new formfactors for 800G and 1,6T will be part of the game as well. Stay tuned....

The Fallacies of IP/Optical Convergence and a Case for Smart Coherent Pluggables (Short talks)

• Johan Bäck (Infinera)

The data rate and performance of small form factor optical transceivers have developed tremendously over the past couple of decades, and the latest generation pluggable DWDM transceivers deliver very good reach performance without sacrificing router faceplate density. However, there are some risk areas to consider when swapping transponders for pluggables. DWDM technology is getting closer to Shannon's limit, putting increased focus on other optical transport cost drivers, such as transmission fiber, optical amplifiers and design margins. Operational challenges also loom: how to maintain end-to-end management and avoiding organizational challenges associated with combining IP and optical teams. This talk will briefly cover the opportunities and challenges with going to IPoWDM architectures, and make a case for how to maintain architectural and organizational separation between layers 1 and 3 by leveraging smart pluggable optics.

issues and impacts in bgp peering configurations (DKNOG14 Main Track)

• Bernd Spiess (DE-CIX)

Showing often seen issues at peering configurations and speaking about their consequences and duties when operating a network and expecting traffic engineering behaving as per the plan.

Name that Datacenter! Quiz (Short talks)

• Lasse Jarlskov (DKNOG)

Quiz about datacenters in DK

Registration and Breakfast

Welcome Back

SRv6 uSID Introduction (DKNOG14 Main Track)

• Jakub Horn (Cisco)

Jakub Horn, Cisco Principal TME in MIG BU responsible for Segment Routing has the ability to join this year event and give an Update on SRv6 uSID.

NaWas non-profit community based anti-DDoS concept (DKNOG14 Main Track)

• Frank Dupker (NaWas by NBIP)

NaWas provides internet service providers such as hosting and cloud companies with unique protection against DDoS attacks. This type of attack poses a growing problem for the digital infrastructure. Members work together to keep the costs of DDoS mitigation low and maintain high availability and knowledge on this subject.

SP Edge Security Service Scale-out Architectures (DKNOG14 Main Track)

• Melchior Aelmans (Juniper Networks)

In this presentation we will look at how Service Providers can leverage existing and widely available network equipment including (virtual) routers and (virtual) firewalls to build scale out security services, for example CGNAT, clusters. As Service Providers are pushing more and more traffic from their (residential) customers towards the internet there is a need for higher bandwidth CGNAT. Physical, scale up, boxes cannot coop with this increased demand. Also current available x86 processors have become so powerful that in many cases it makes sense to offload security services to it instead of using hardware ASICS for this task. We will look at some of the shortcomings of current available solutions and will propose a few options for scale-out architectures. CGNAT is just one of the use cases, other use cases include IPsec services, packet inspection, etc.

How much RPKI do you want in your BGP ? (DKNOG14 Main Track)

• Massimiliano Stucchi (Internet Society)

RPKI is more and more widespread, and as more networks create their ROAs, the global routing becomes more and more secure. There is, however, an aspect of having more widespread use of RPKI, that has not yet been considered. Some networks have decided to perform Route Origin Validation (ROV) and then put the resulting information in BGP communities. This action, while done with the best intentions, helps pollute the globalr routing system with more updates than necessary, and is increasing the amount of BGP updates propagated over the Internet. In this talk I will present the issue, describe the implications, and show the measurements and the results that lead to the work being carried on about creating a draft BCP at the IETF for networks suggesting to avoid using communities to carry RPKI information.

Software Defined Networking (SDN) in Disaggregated, Open Optical Networks (DKNOG14 Main Track)

• Alley Hameedi (Smartoptics)

Software defined networking (SDN) has made it possible to move the control plane to the software allowing for converged management and control of the network elements (NE) by utilizing standard open interfaces for both the southbound (SBI) and the northbound (NBI) interfaces thereby paving the path for open and disaggregated optical networks. The disaggregation requires interoperability, is highly desired and is in-line with the industry trends where both partial and full disaggregation options exist. In the optical network, it is the optical SDN domain controller that allows for service provisioning, increasing capacity, FCAPS monitoring, operation, and management of the network elements within the open line system (OLS) via standard SBI APIs and protocols. At the same time, these operation and configuration capabilities are also made available to the hierarchical SDN controller via standard NBI APIs and protocols. In this talk, we’ll look at the overall technology, the associated advantages and disadvantages and the way forward.

The Quiz is back! (DKNOG14 Main Track)

• Massimiliano Stucchi (AS58280.net)
• Fearghas McKay

The DKNOG quiz will close off the meeting with an opportunity to win prizes by showing off how closely you were following the talks at DKNOG14...

Wrap Up/End of Program