The NANOG 87 meeting took place a few days ago. Excluding the hackathon, it was approximately five hours of content each day for three days. Slide decks for all the talks are on the meeting page and the videos have already been put into the TeamNANOG YouTube NANOG 87 play list. This is a very brief, likely imperfect summary of a few of talks from the meeting. I don’t review all talks, because I simply couldn’t attend them all for one reason or another. There is also of course more to tell about the so-called “hallway track”, which is where a lot more interesting things happen that I do not detail here. You may also wish to take a look at Enno Rey’s NANOG87 blog post.
Day 1
The Future is Now: Delivering the Next Generation Brilliant Network
Elad Nafshi
A keynote by Comcast’s Chief Network Operator kicked off the meeting.
The speaker presented a Comcast-specific view of the broadband advances
being built and deployed. A handful of attendees recoiled at this
presentation as being too much marketing, but if it wasn’t for the
playing of an actual commercial partway through, I’m not sure anyone
would have cared. By the end, the speaker delved into deployment and
monitoring issues, expanded on further with an interesting exchange in
Q&A with Jared Mauch.
The Operational Impacts of Supporting a Disaggregated, Distributed, Cloud-based Network Architecture
Aliraza Bhimani
The next talk, also happened to be from a Comcast employee. The main
argument here was to replace big chassis router hardware and expensive
proprietary line cards with distributed, “pizza box” off-the-shelf
hardware that is cheaper and more flexible. In my view, this is just an
extension of the ideas popularized by SDN and OpenFlow. The speaker
suggested that his white paper, reference [33] in the slide deck, was the
place to read about his ideas in more detail.
Uncommon Paths to Beginning Network Automation
Jordan Villarreal
This talk was a sort of call-to-arms, encouraging netops on the road to
performing network automation in their environment. The talk was devoid
of any specific tools or techniques, but rather laid out some high-level
advice, such as how to begin and whether to outsource or not.
Cloud Network Engineering: A Closer Look
Kam Agahian
This talk outlined the definition of a burgeoning class of network
engineer, a cloud network engineer. The speaker outlined where this
role is typically found and skill sets required. Many of the skills
will be common to traditional network engineer roles, but there is the
addition of cloud-specific tooling and the lack of certain
hardware-specific skills (e.g., data center operations).
Simplified Troubleshooting through API Scripting
Cat Gurinksy
I thought Cat gave one of the better tech talks of the day. She walked
through some basics of network tooling using the APIs available in
network gear. Her examples were in Python and she presented some real
world, practical examples. She also provided some insight into the
differences in automating through screen scraping and the API, and focus
she places on interface details with her tools. I later suggested she
should give a Python for Netops tutorial and she seemed receptive to the
idea. If she does, I think that would be very popular and if this talk
was any indication, quite good.
Imposter Syndrome in Networking - Overcoming Imposter Syndrome to Further Your Network Automation Journey
Matt Vitale
A layer 8 talk, where the speaker reflects on personal struggles many
tech employees face in their own career. The phrase used here is
“imposter syndrome”, but it would be synonymous with self-loathing, low
self-esteem, and other feelings of inadequacy. The speaker identified
common negative thinking and ways to react to it so as not to get
trapped into one’s own negativity.
gRIBI - gRPC Service for RIB Injection
Nandan Saha, Steve Ulrich
I was interested in learning more about this talk after seeing the
submission (I’m on the program committee). The basic idea here is that
gRIBI is an gRPC-based mechanism to alter forwarding tables in routers.
I was curious who would use this and why. As I somewhat suspected, one
of the main uses was for automated certain types of security mechanisms
like a black hole or route diversion for scrubbing. I’m not sure all
networks would need this, since traditional BGP-based RTBH mechanisms
might work fine, but maybe this adds some additional functionality and
control that makes certain tasks like this in more complex environments
easier.
Day 2
A Security Practitioner’s Guide to Internet Measurement
Michael Bailey
Michael Bailey recently moved to Georgia Tech from the University of
Illinois Urbana/Champaign to take on the role of Professor and School
Chair of a new interdisciplinary, permanent School of Cybersecurity and
Privacy. He gave a well received keynote to open the day. Full
disclosure, I’ve known Michael for many years and on behalf of the PC I
solicited and promoted him as a keynote for this meeting. Michael
sprinkled his talk with examples and lessons throughout his career and
over the past 20 years, with many examples of work presented at earlier
NANOGs. He highlighted a number of challenges that are faced in
measuring and understanding the Internet from a security perspective.
Assessing the Aftermath: Evaluating the effects of a global DDoS-for-hire service takedown on the DDoS threat landscape
Richard Clayton, John Kristoff
Richard Clayton and yours truly jointly gave an overview of a December
15, 2022 booter/stresser DDoS-for-hire takedown event. The event, led
by the FBI, seized control over 49 domain names and arrested six
individuals involved in the DDoS-for-hire operations. Richard presented
an overview of the DDoS-for-hire services, the takedown itself, and the
immediate impact following their demise. Overall DDoS attacks from
these services fell by roughly 50%. I then preceded to examine what
impact, if any, the takedown had from the perspective of NETSCOUT’s DDoS
attack monitoring capability. Our viewpoint differs and therefore
identifying the effect is a little more difficult, especially given the
time of year at which the takedown occurred, but we surmise we can see
some probable correlation between the takedown and a change in attacks.
Lightning Talk: Global Developments in the Internet Number Registry System - February 2023
John Curran
The relative importance of this short lightning talk cannot be
understated. John Curran presented a quite sobering update on the legal
situation involving AFRINIC. The last time he gave this update, things
looked more hopeful, but I felt things were potentially less rosy now
and given that there are active challenges in APNIC leadership
happening, the threats to the stability of the RIR system seems real and
worrying. I wish this issue would get more attention in at least the
tech press than it appears to be getting. In a nutshell, AFRINIC is
currently “ungovernable” given the lack of a governing board.
Operations are getting done, but they are at real risk given the
uncertainty of legal outcomes.
Lightning Talk: Keep Ukraine Connected - one year anniversary
Ester Paal
Another sobering talk, this time on the state of the Ukraine Internet
and a Global NOG Alliance campaign to help provide support through
equipment and funding for the Ukraine Internet.
Lightning Talk: Netops on Mastodon
John Kristoff
Yours truly, in attempts to pitch Mastodon, provided some nudges to help
get more netops onto Mastodon. I provided a short list of relevant
server instances that may be well suited for netops, a word cloud of
some well known netops I follow, and a link to an online
form that is helping to build a
“bootstrapping” list of net and sec ops/research people that are on
Mastodon, making it easier to find one another. I thought I’d get a few
naysayers, but all chat and follow up I got was positive, suggesting that
it is becoming the preferred social media platform for the community
already.
Day 3
World Cup 2022 - Analysis of the impact on the Internet traffic and utilization
AgustÃn Speziale
This talk, mostly pictures, highlighted various major events related to
the World Cup, including network activity. We got to see, from a
certain vantage point, the popularity of each round and the
corresponding amount of traffic compared to trends in the weeks prior
and following. The speaker was eager to make sure the NANOG community
was ready for 2026, when most of the games will be hosted in the NANOG
community’s back yard.
BGP Zombies - Ghost routes as seen by BGP monitoring platforms
Lefteris Manassakis
A phenomenon found in many Internet router tables is the presence of
so-called BGP zombies. These are routes that are present in the RIB,
but should not be. They are often a result of unexpected link or
peering changes, and where an update is not propagated as a result.
Lefteris also spent a significant amount of time talking about the
monitoring infrastructure he has developed to observe anomalies such as
this. The one missing bit is what do you do when you find a zombie?
Should netops try to remove them and if so how? These remain open
questions.
Enabling Passive Measurement of Zoom Performance in Production Networks
Oliver Michel
I was very impressed with this talk and the work behind it. It
consisted of essentially two parts. One was the reverse engineering of
Zoom traffic to extract traffic stream features to be used for grouping
and measuring traffic. Another was in the actual measurement conducted
to give very precise metrics of Zoom meeting performance. I could
envision this type of work leading to network-based performance monitors
that helps netops identify and address performance problems in
live-stream multimedia.
Lightning Talk: My First Professional Conference
Moira Johnson
A moving lightning talk by 18-year old Moira Johnson was one of the
highlights of Wednesday. This young woman shared her experience in
coming to NANOG and what it was like to be there. She received lots of
encouragement and some tearful voices of support for others by the time
she was done.
Lightning Talk: Improving the Inference of Sibling Autonomous Systems
Zhiyi Chen
Anyone who has tried to work with and automate the processing legacy
WHOIS database data has probably come across many examples of
inconsistency. This talk talked about inconsistency from the
perspective of autonomous systems that occur because of multiple
registrations, mergers, and acquisitions. An interesting problem,
although probably niche mostly for researchers that are run into when
trying to do large data analysis of Internet network measurement.