SwiNOG #35
Great networking and a social event around IPv6-only services, network telemetry, big data, RPKI, Internet security, DNSSEC, dnsdist, resilient DNS, buffer sizing, grey energy and access CPE lessons. A practical view of operators pushing visibility, routing security, DNS resilience and sustainability into daily network operations.
Presentations
Talks, slides & recordings.
As an IPv6-first Data Center, we are looking at IPv6 from a technological and marketing perspective. In this talk I will show our findings on how users reacted to IPv6 (only) offers, which challenges we encountered on this path and which strategies aid in building and selling IPv6-only services. IPv6 adoption is often compared to the chicken or the egg problem. At the end of the talk I will present you with 2 (strongly biased) solutions to it.
This presentation with demo shows the collaboration with Swisscom to advance Network Telemetry and Big Data technologies:
– Thomas Graf represents Swisscom Network Telemetry
– Paolo Lucente represents the open source data collection software pmacct
– Zongren Liu represents Swisscom Big Data
The presentation will be in general about the Network Telemetry Data Collection framework and its Big Data integration.
Swisscom explains, from a Service Provider viewpoint, the challenges in virtualization and why Swisscom believes this is a key topic to gain visibility in their networks and improve quality. This includes flow aggregation, BMP and Streaming Telemetry for forwarding-plane, control-plane and topology/device metrics. We will underline the importance of schema conversion and registration and the current challenges to align Big Data (data processing, storage and analytics) and Network Telemetry (data collection). We are going to demo flow aggregation and streaming telemetry.
Paolo Lucente is going to present the open source project pmacct and its versatility to cover flow technologies such as IPFIX, BMP and, last but not least, streaming telemetry metrics, where Paolo and Swisscom are co-developing.
This presentation with demo shows the collaboration with Swisscom to advance Network Telemetry and Big Data technologies:
– Christian Kuster represents Huawei as Network and Big Data solution vendor
Huawei is going to present the new Swisscom Broadband network Sultan, what part Network Telemetry and Big Data play there and how Huawei supports Swisscom with their innovations and close collaboration.
There is a wide range of technologies that have been developed to secure core Internet infrastructure; however, not all of them have yet been widely deployed to reap their benefits. In this presentation we present a selection of these technologies, investigate what security properties they will provide given sufficient adoption, and look at the current deployment status. Specifically we focus on three core areas: interdomain routing, Public Key Infrastructure, and the Domain Name System. In interdomain routing we look at mechanisms to validate routing control protocol messages (Resource Public Key Infrastructure, and Border Gateway Protocol Security), in PKI we focus on the Certificate Authority ecosystem and Certificate Transparency, and for DNS security we look at DNSSEC, and DNS over HTTPS.
DNSSEC, the DNS Security Extensions, was introduced more than 10 years ago.
The adoption of DNSSEC in Switzerland was slow for the last 10 years, but gained some momentum in the last 24 months.
What is the reason behind a growing number of DNSSEC signed domain names and more ASNs having validating resolvers in Switzerland? Will the recommendation of ICANN for DNSSEC after the recent attacks help with the implementation of DNSSEC in Switzerland? What can hosters and ISPs do to secure the basic DNS infrastructure in Switzerland?
DNS plays a crucial part in any network infrastructure. dnsdist, a DoS- and abuse-aware loadbalancer, can help you mitigate the risk of downtime that occurs during maintenance work, attacks and configuration errors.
We share our experience putting dnsdist in front of our nameservers and resolvers. With the help of the many built-in stats, we were able to improve the performance even further.
The talk will discuss deploying both an Authoritative and Recursive DNS infrastructure that is resilient against outages of network (DoS, misconfiguration), datacenter and people with the ultimate goal of very rarely having ops folks awake during the night.
We’ll discuss the combination of various open source projects in combination with the techniques that achieve this goal and how we have deployed the setups without anybody noticing.
Routers and switches need buffers to accommodate traffic bursts. But how big should those buffers be? The elders recommended RTT*bottleneck bandwidth [Villamizar1994], but more recent work suggests we can get away with much less. We will look at economic and performance trade-offs of small vs. big buffers in light of recent trends in forwarding hardware and transport protocol evolution.
I am a master's student at ETH Zurich and writing my semester thesis in the distributed systems group of the computer science department (Prof. Friedemann Mattern), supervised by Dr. Vlad Coroama.
The goal of my thesis is to calculate the grey energy imported and exported in Switzerland, which is generated by the data traffic of the internet. Today it is already done for consumer products such as clothes or cars, but not for the internet. For the internet our approach is to map the total traffic and its energy consumption along the route. A more detailed view on the energy consumption and therefore the greenhouse gas production will be achieved by splitting the traffic by country and its sources for energy production.
It would be great to get the possibility to present the topic of my semester thesis at the event. Since certain aspects are still unclear, it would help a lot to get inputs from industry experts. Would this be possible?
Back in 2011 we presented the “Android controlled vending machine” at SwiNOG #22. This is my follow-up some years later 🙂
You’ll see

