- Geoff Huston
- Melchior Aelmans
- Geoff Huston
- Susan Forney
A look at the current efforts to improve aspects of privacy in the DNS and an assessment of their effectiveness. The presentation os not overly optimistic about the prospects for widespread adoption, becuase, as the presentation points out, the economy of DNS name resolution is not all that susceptible to innovation. This is perhaps the biggest barrier to adoption of any of the privacy proposals.
There have been many recent concerns about TCP MD5. Its use of a simple keyed hash for authentication is problematic because there have been escalating attacks on the algorithm itself. TCP MD5 also lacks both key-management and algorithm agility.
In this talk I want to present an often talked about but till now never implemented solution to this issue; The TCP Authentication Option(TCP-AO). Nokia, Cisco and Juniper now have production code available so it is time to start replacing MD5 with TCP-AO to secure BGP and other (long-lived) TCP connections.
A look at the previous year in BGP, looking at the change in the size of the routing table and its dynamic behaviours. The presentation predicts the future growth of the network in the coming years based on this data. It is intended to be a short update.
This talk explains how Hurricane Electric deployed RPKI ROA validation in its network and reports on the current state of RPKI, the trends in ROA creation, and how RPKI does and does not protect the Internet.
- Sherafzal Yousifzai
The presentation provides an update about the National Internet Exchange of Afghanistan, traffic levels, as well as the peering landscape and interconnection futures in Afghanistan.
- Tashi Phuntsho
- Bayani (Bani) Benjamin Lara
- Hervey Allen
- Sebastian Büttrich
- Jordi Palet
- Phil Regnauld
- Champika Wijayatunga
Why do we keep seeing news headlines about major networks not being reachable because traffic got rerouted to somewhere else? BGP mishaps are very common and frighteningly very easy. Examples are malicious route hijacking, mis-origination (fat fingers), and bad filters (route leaks). We need better mechanism(s) to ensure no one can inject false information into the global routing system that easily. This tutorial will look at current route filtering tools/techniques, how RPKI is just a piece in the puzzle, and what we should do to secure the internet routing.
This tutorial is for delegates who manage their IP resources (tech/corp contacts). Delegates are required to come with MFA/OTP already enabled for their account and with the necessary permission from their Corp contacts, to not just demo creating ROAs, but also to sign their prefixes for use in their operations.
This tutorial will introduce both technical and non-technical aspects, based in real experiences in hundreds of networks, for the deployment of IPv6 in your own ISP network (covering both, wireline and cellular).
This tutorial will take 8 sessions, 1 hour each, in 4 days (2 sessions per day).
The first goal is that decision makers and engineers have an overall view (mainly in the 2 first sessions), of key points such as:
- What happened with IPv4 and what is IPv6
- Why you need IPv6 in your network?
- What is the rest of the world doing?
- Do you’ve workarounds?
- How can I do it in my own network?
- What are the required upgrades?< li>
- What are the costs?
The tutorial will be carried out in such way that the engineers also can understand key points related to:
- Deployment of IPv6 in the core IP backbon (session 3)
- Deployment of IPv6 in wireline access network(xDSL, Cable, FTTx) (session 4)
- Deployment of IPv6-only and IPv4aaS (IPv4-as-a-Service) (session 5 & 6)
- Deployment of IPv6 in cellular networks (session 7)
- Deployment of IPv6 in Data Centers (content hosting) (session 8)
Note that the exact match of contents and sessions may depend on the Q&A sessions.