SwiNOG #37, 2. december 2021, Berne

Agenda @ SwiNOG #37

Time	Duration	Topic	Presenter	Company
08:15	60min	Registration, Coffee & Gipfeli
09:15	10min	Welcome, Agenda	Simon Ryf	SwiNOG
09:25	30min	Evolution of DPDK Controlplanes Pim van Pelt is known for SixXS, a global IPv6 tunnelbroker which ran from 2001-2017. In this journey, he found that kernel routing at scale (many interfaces, many prefixes or many packets/sec) were better handled in userspace than server kernels (either FreeBSD or Linux). Today, Pim operates IPng Networks, a small network using software-based routers which will give silicon-based routers a run for their money. In this talk, we will explore Intel's DataPlane Development Kit (https://dpdk.org), open source dataplane solutions such as VPP (https://fd.io), DANOS (https://danosproject.org), DPDK based loadtesting (https://trex-tgn.cisco.com) and discuss performance benchmarking results from the field.	Pim van Pelt	IPng Networks
09:55	35min	Evaluating a DNS Servers value in a DDoS attack DNS reflection attacks are a favorite protocol for botmasters to pummel a victim's network. The attackers usually benefit from poorly configured DNS servers: A small request of 60-80 byte can elicit a response of 4000 byte or more. This talk introduces the tool DNS hammer, which can analyze a DNS servers value to an attacker. The presentation also covers methods to limit the DNS servers value without impact on the production network.	Eduard Blenkers	Kantonale Verwaltung Aargau
10:30	30min	Coffee Break
11:00	20min	IPFIX Export at IXPs – Benefits and Tools As traffic engineering and discovering beneficial peering partners is of growing importance for today's network operations, insights in traffic statistics become an increasingly valuable resource for right decision making. Also, coping with DDoS attacks might require better understanding of the traffic that crosses the infrastructure. The IPFIX Export at IXPs helps to deliver these pieces of information. This talk presents the implementation of a non-disruptive multi-tenancy software for exporting customer's IXP flow data. Also, the Internet Protocol Flow Information Export (IPFIX) protocol is being introduced. Open-Source tools for customers to use this service are also presented. This service is productive at some DE-CIX IXPs and available free-to-use for all its customers. We hope to motivate other IXPs to also provide a similar service.	Thomas King	DE-CIX Management GmbH
11:20	30min	The design and implementation of a BGP speaker Over the last year AS210036 has been developing a BGP speaker implementation for research and development of BGP technologies. The aims of this project include greater programmability of the control plane, decoupling BGP from routing devices, and providing an API to enable development of new BGP features easily. In this talk we will present the software design, go into some of the architectural decisions, and explore some potential future research directions that this work can enable.	Rayhaan Jaufeerally
11:50	10min	SwissIX Update Traditional SwissIX Update	Manuel Schweizer	SwissIX Internet Exchange
12:00	90min	Lunch
13:30	20min	How we inadvertently made the fastest Internet access How we did it, what were and still are the challenges, why did we do it.	Pascal Gloor	Init7
13:50	35min	Network Analytics with BMP, IPFIX and YANG Push BMP (BGP Monitoring Protocol) is actively being developed at IETF. Thomas will give you an update on the latest developments, how BMP can be used to correlate with IPFIX collected forwarding-plane metrics and used for routing and peering visualization. Further dig into how Network Telemetry data collection at Swisscom is scaled and integrated into Big Data by leveraging eBPF and anycast load balancing.	Thomas Graf & Marco Tollini	Swisscom
14:25	25min	HACK YOURSELF – Find it before they do! Why it is worth hacking your own IT security infrastructure on a regular basis? This presentation will show how hackers proceed during an IT attack (CyberKillChain), which validation options exist for the IT security infrastructure and how to proactively monitor the efficiency of this cyber security infrastructure.	Christian Hirsch	Emitec Datacom
14:50	35min	Afternoon Break
15:25	30min	Discover the power of the Segment Routing encapsulation The talk contains an overview of the Segment Routing technology. It gives an introduction to Segment Routing with the MPLS (SR-MPLS) as well as IPv6 (SRv6) data plane. Besides, it shows the advantages, applications, and a further outlook on the technology.	Severin Dellsperger	INS - Institute for Networked Solutions
15:55	15min	Quad9 recursive DNS services Quad9 is a non-profit Zurich-based organization that offers recursive DNS services which include malware filtering and high privacy guarantees. This talk will cover some of the mission and features of Quad9, and also will touch on some of the technical delivery components of how the service is deployed	Michael Hausding	SWITCH
16:10	10min	CommunityRack.org & Community-IX – Update Lightning talk update on CommunityRack and Community-IX	Andrew Vieyra	CommunityRack.org
16:20	10min	How (NOT) to do a presentation 415 Unsupported Media Type	Pascal Gloor
16:50	240min	Social Event

Corona Rules

Please be aware that the 3G (vaccinated, cured, tested) rules are applied for the event. With the latest update (see below) all attendees have to wear masks.
For further information about the situation in Switzerland click here.

Update 26. November 2021: Unfortunately the Canton of Berne stated, that beside the certificate obligation there is now a requirement to wear masks (except speakers). Details here.