SwiNOG #34, 30. october 2018, Berne

In November 2017, the Federal Council announced that the new Post and Telecommunications Surveillance Act (BÜPF) would enter into force on March 1st, 2018. One year later, PTSS will present the first experience with the new legislation and outline the relevant legal and technical aspects for Swiss service providers.

SWITCH has implemented a method (RFC 7344, 8078) to allow DNS operators to automatically update DNSSEC keys at the registry as opposed to manual updates through a registrar interface. This presentation will provide details about the implementation and a demonstration of securing a zone with one command.

As PeeringDB is an ongoing project and this will be a short update…

Transmission speed of 400G is becoming a reality, with new challenges for optical and electrical components in high speed systems emerging as well.
PAM4 modulation is one key component for 400G transmission with transceivers, this talk will be a show and tell into PAM4. With this knowledge, the design decisions behind the new formfactors OSFP, QSFP-DD, SFP56-DD and µQSFP are easier to understand.
This talk will help you to:
* Design / build new kind of applications or connections with your networking gear in the field
* Avoid pitfalls when designing your racks
* Be aware how power consumption and new plugs will be part of the new world of 400G transceivers.

OpenBGPD was started in 2003 and became quickly popular in many smaller networks and also as route-server at many IXPs. Over the years the requirements for running BGP — especially route servers at exchange points — has changed but OpenBGPD did not keep up with some of them. Thanks to the RIPE NCC Community Projects Fund and donations by various IXPs a lot of improvements are done. This presentation is an update what was achieved until now and what will come. One of the show cases is how OpenBGPD can be used together with a routeserver — a config generator — to build secure route-servers for IXPs.

Broadcast/MAC learning, ARP/NDP inspection, sponge: Is there another paradigm? Let’s hack a Switch, and build a community!

DE-CIX award winning automated ODF

A view on the work required to build reliable opensource routing code. The talk gives some overview on the FRRouting project and then dives into the details on what it requires for to produce a reliable opensource routing stack and how the code is tested.

CH IX Internet Exchange a new IXP in Switzerland

Some news with operational implications…

A fun take at the brave new world of the Internet of Things…

We built a data center in Glarus Süd, Switzerland in the heart of the Alps. It is fully open source and relies on IPv6 which we strongly believe in, because we think that IPv6 will become more important in the near future and will eventually replace IPv4 in the long run.

• How to build a whole new data center from scratch, with IPv6 as default
• Problems and challenges we have encountered
• Different stages of the development process
• Current and future challenges of Data Center Light and IPv6

We are moving from 300 Gbps range attacks to 1Tbps+ attacks by using a botnet with IoT devices.
A10 Presents 5 necessary steps to be prepared for colossal DDoS attacks.
The A10 DDoS-One Protection ist a 360 degrees solution to cover the complete lifecycle of a next generation DDoS protection.