Minutes & Presentations
14-15 November, 2006
Tuesday 14 November
Fahad AlShirawi, Managing Director 2Connect, stated that it was a great pleasure for 2Connect to host the first RIPE NCC Regional Meeting in Bahrain and that he hoped there would be more Regional Meetings in the future. He welcomed the attendees and thanked colleagues and regulators from around the region for attending.
Paul Rendek, RIPE NCC Head of Member Services & Communication, welcomed the attendees and thanked the sponsors.
1. Title: Introduction to RIPE & RIPE NCC
Speaker: Axel Pawlik, RIPE NCC
Abstract: RIPE stands for 'Reseaux IP Europeens', or European IP Networks. Started in 1989, RIPE is a forum where Internet Service Providers (ISPs) and others interested in the advancement of the Internet meet to discuss and work on problems common to all. In this session, we will present a short history of RIPE, describe how RIPE is organised, and discuss some of the current work in progress.
2. Title: RIPE NCC Services - An Overview
Speaker: Axel Pawlik, RIPE NCC
Abstract: This presentation will give an overview of RIPE NCC activities including membership services, coordination activities and information services. The RIPE NCC is an independent and not-for-profit membership organisation that supports over 4,000 members in more than 65 countries. This presentation describes how the activities and services of the RIPE NCC are defined, discussed, evaluated and performed in an open manner.
Comment: Bahar Esmat, ICANN, mentioned that the RIPE NCC is holding Roundtable Meetings for Governments and Regulators and asked Axel to explain more about what kind of topics these people are interested in, in regard to ICANN address space.
Axel stated that address space is not 'ICANN address space'. He explained that global policies are developed by the global Internet community and that ICANN and IANA then act according to these.
He continued that, during the World Summit on Information Society (WSIS), the RIPE NCC realised that governments and regulators do not really understand how the Regional Internet Registry (RIR) system works. Meetings targeted specifically for the needs of governments and regulators were developed. He noted that the meetings are not minuted and nothing is recorded. This enables attendees to ask questions off the record, which is important for those working in governments. At these meetings, presentations explaining what RIPE is and how the RIPE NCC operates and the RIR system work are given. Question and answer sessions are also held.
Axel explained that there is an impression that all route servers were located in the United States and therefore, the US controls and runs the Internet. He continuted that the Roundtable Meetings help the RIPE NCC to inform governments and explain that this is a misconception.
He concluded that the RIPE NCC is happy to provide speakers for meetings or workshops for governments and regulators in this region.
Comment: An attendee asked if there were statistics on IPv4 allocation and when could he start getting IPv6 allocations.
Axel responded that Filiz, the RIPE NCC's Policy Development Officer, will present the statistics shortly. He stated that IPv6 is available already.
3. Title: Technical Services Update
Speaker: Andrei Robachevsky, RIPE NCC
Abstract: The RIPE NCC offers a rich portfolio of technical services for the benefit of the Internet community. This portfolio consists of RIPE Database services, DNS services (such as reverse DNS and K-root) and information services. In this talk, there will be a brief overview of these services, which are often available to RIPE NCC members at no additional cost.
Comment: An attendee asked if there is published criteria about having your route placed, relocated or replicated somewhere. He said that people have asked how to get in touch with one of the route server operators to see whether a replica or a mirrored version of the root can be hosted.
Andrei responded that information can be found at k.root-servers.org. He said that there is no published criteria but there is a set of principles on which the anycast network is based. He stated that the RIPE NCC is not planning to expand the network in the near future, as the first phase of deployment has already been completed. He stated that applications will be considered on a case-by-case basis.
Andrei also explained that research has been conducted into how anycast has changed the world and these results were published in the RIPE Document, ripe-393. The main criteria is how efficient an instance is and the volume of traffic and number of peerings. Andrei concluded that, although the host pays for equipment and connectivity, there are still costs involved for the RIPE NCC in terms of maintenance and operations so it's never free.
Comment: An attendee asked about having an automatic prefix announcement with the RIPE NCC and the minimum requirements for this.
Andrei stated that, to peer with the RIPE NCC's RIS server, there are no minimum requirements. He continued that the attendee should send a request to ris _at_ ripe _dot_ net and a peering session will be set up if they are present at one of the 14 listed Internet exchanges.
Comment: An attendee asked which route objects will go to, for example, AS1 and which will go to AS2.
Andrei responded that RPSL definitions and the way that different toolkits work need to be examined to answer this question. He continued that he was not sure that the differentiation could be made just using route objects. The differentiation should be stated in the import/export policy statements. By providing filters there, some of the route objects registered in the database can be filtered out. Andrei continued that he would look, together with the attendee, at the RPSL to see how it's done. He added that this question can also be put to the IRR Toolset mailing list (rrtoolset _at_ ripe _dot_ net) so the developers and maintainers of the IRR Toolset can respond.
Comment: An attendee stated that, to be really clear, it is the filters or the BGP configuration in the routers that do the work. Everything registered in the RIPE Database is a representation of what actually exists in the router. This representation is used by other people to figure out what they are expecting to see. You probably wouldn't be configuring your own router from the RIPE Database but writing database changes to them from your internal router provisioning system.
Comment: An attendee asked what the difference between the root name servers is.
Andrei responded that there is a difference in the names and that there is a difference in how each operator runs the root server. He said that the more diverse the system is, the less vulnerable it is to attacks. All route servers serve the same set of data.
Comment: An attendee asked why there are three updates per day and not more or less.
Andrei answered that there are three sychronisation points enabling queries all the time. He said that all updates are recorded but only a snapshot is provided. Andrei concluded that having three updates is the most efficient way of querying. There could be more updates but then more data would be needed.
4. Title: Statistical and Policy Update
Speaker: Filiz Yilmaz, RIPE NCC
Abstract: This presentation will give a brief update on resource and service statistics, before moving on to an update of active and recent policy discussions in the RIPE community. It will conclude with an update showing active and recent policy discussions in all five Regional Internet Registry regions.
Comment: An attendee asked if the RIPE NCC categorises the Local Internet Registries (LIRs) into different sizes and if they are all given a /21 assignment window.
Filiz responded that LIRs are assigned to a category on a financial basis: Extra Small, Small, Medium, Large and Extra Large. The proposal refers to all LIRs.
Comment: An attendee asked that, if he wanted an IPv6 allocation, does the RIPE NCC take into account the existing IPv4/12 allocation?
Filiz responded that IPv4 allocations are expected to be transferred to IPv6 allocations. This is a point under consideration. She said that the IPv6 policy that is under discussion does not explicity state this, but it does say that it should be considered.
Comment: An attendee asked if the IPv4 Maximum Allocation Period proposal has been finalised.
Filiz explained that the proposal is still in the discussion phase. She encouraged the attendees to comment on the proposal and that there were two weeks left in the discussion phase.
5. Title: Certification Report
Speaker: Axel Pawlik, RIPE NCC
Abstract: Axel will give an overview of what certification of IP number resources is, and why the RIPE NCC is working towards it. There will be an overview of what work has been completed so far, and what still needs to be done.
There were no questions.
6. Model for De-Regulating Telecoms (Saudi Arabia)
Speaker: Fahad AlShirawi, 2Connect
Abstract: The presentation gives an overview of the history, requirements and timetable for the de-regulation.
There were no questions.
7.Title: Wi-Fi Mesh
Speaker: Henry Gascell, Air2Air
Abstract: This presentation gives demonstrations of the Wi-Fi mesh networks in the region.
Comment: An attendee asked what the differences between first, second and third generation Wi-Fi meshes are and what happened to the suppliers.
Henry responded that there are one or two suppliers at the moment but most are running 'dumb systems'. He explained that dumb systems are terminals accessed by using programs such as 'putty' or 'ssh', just as you would access a router. He said that the individual managers of these systems have to make decisions about how these systems work. He stated that Air2Air's system uses a 64 MEG, Linux-based operating system in each individual unit. The programming makes the decisions. Henry stated that the first generation meshes just didn't work and the second generation systems were fine for small systems up to about ten boxes. He continued that Air2Air can currently run up to 200 units off one gateway, covering 200 units multiplied by two kilometers.
8. Title: BGP Best Practices
Speaker: Philip Smith, CISCO
Abstract: The presentation covers BGP Best Practice techniques, including secure BGP templates, aggregation, and announcing and receiving prefixes. It also reviews some of the newer features available for service providers.
Comment: An attendee asked for more information on IPv6 implemetation on BGP.
Philip explained that, where routing is concerned, IPv6 is same as IPv4. He said that while some IPv6 advocates do not like this, it's true. On the router, IPv6 is simply another address family. BGP is multi-protocol. When BGP is configured on the router, the protocol to be used needs to be selected. If you are going to use IPv6, simply add an IPv6 address family and do all the configuration that you did before. The only difference is the number. He said that he believed that many ISPs don't realise that using IPv6 is virtually the same as using IPv4 and that it's simple to use.
Comment: An attendee mentioned that there are currently around 700 IPv6 routes on the global IPv6 routing table. Deaggregatgion is not yet a big problem because there are still a lot of /32s. With only 700 routes, there are not a lot of questions. He stated that now there are some /48s, mostly the so-called critical Internet infrastructures and, occasionally there are some /56s and /35s. The attendee said that IPv6 is not magic and that it's just 96 more bits of IPv4 address space.
Comment: An attendee mentioned that, at every RIPE Meeting, discussions on how bad the routing tables are and inefficient deaggregation occur. He asked what the practicalities are that prevent ISPs from cleaning up the routing table. Could the Regional Internet Registries (RIRs) work together to clean the mess?
Philip responded that some people do say that the RIRs should regulate the routing table but the RIRs do not want to become the Internet police. The Internet is an operator-driven thing. He continued that the Internet community usually works out solutions when something becomes a real problem and that this happened with the implementation of flat damping because a few ISPs were causing problems. When class B address space was running out, the move from classful to classless was also a community driven thing.
Philip explained that the problem with the routing table size is that the vendors have kept ahead of the curve, producing more and more high-end routers. He said that, at the moment, the Internet still works and the large corporations are not experiencing problems. But, when the global providers and big corporations start to have problems and they can no longer keep their networks running, there will be some action. He continued that some ISPs have taken action and have put filters at the edge of their networks. He concluded that, because the Internet still works, no one is really doing anything about this. He noted that we are now at the stage where people are paying more attention and that the operator groups can help the most.
Comment: An attendee mentioned that it seemed that people generally don't know this, especially in Asia and the newer Internet countries. He mentioned that, when these people are told that they are listed as one of the bad ISPs or ASNs, they usually fix it or ask for help to solve the problem. He continued that there are ISPs who are very prominent on this blacklist and it seems that they build their network in pieces because of policies and regulations and are unable to integrate the network properly. He said the rest of world sees them as a single company. Some can use it as a marketing tool so say they have more prefixes than others. He concluded that meetings like this do help to expose the problems further.
Philip responded that the RIPE Routing Working Group has been completing an aggregation recommendation document over the last few weeks. He continued that the idea behind the document is to show LIRs that this is what the industry expects when it comes to aggregation. He continued that regulation is not being advocated but good practice is.
Comment: An attendee asked if there is any work to localise traffic in the region, noting that, at the moment, everything goes to an upstream provider in the US or Europe and then comes back.
Philip explained that this question leads to the discussion that will be held tomorrow. In any part of the world, the Internet exchange point is generally the major activity to localise traffic. The exchange point is very important at local level but that local could be a city or a region. Philip said that it's something that Cisco is involved in and it's very important.
Paul Rendek, RIPE NCC, explained that, Philip has given a free, week-long routing workshop in Europe, with the RIPE NCC's support. He asked the attendees to volunteer to host a routing workshop in this region. He explained that Cisco will donate the time, equipment and resources and the RIPE NCC will help with the organisation. He said that an announcement will be sent to the local middle-east mailing list to ask for a host. He encouraged the attendees to take advantage of this workshop.
9. Title: SANOG and How it is managed
Speaker: Gaurab Upadhaya, ANOG, PCH
Abstract: This presentation talks about the origin and history of the South Asian Network Operators Group (SANOG). SANOG is a regional meeting for operators and the Internet community in South Asian region and is organised twice a year. The talk will cover how SANOG is run and managed. It is expected that this will help in formation of a similar forum for the Middle East and West Asian region.
There were no questions.
10. Open Microphone Session
Speakers: Fahad AlShirawi, (2Connect) and Gaurab Upadhaya, (SANOG, PCH)
Gaurab explained that the discussion should center around ideas for a network operators group in this region.
Fahad explained that he believed the region needed its own network operators group (NOG). He continued that the operators in Bahrain are in support of this and will implement a NOG but that the other countries in the region need to be involved too. He called for all attendees to give their input.
Gaurab mentioned that there had been discussion about this already on the Middle East mailing list. He continued that it's important that local ISPs take the lead and volunteer for this. As the issues relate to operators in this region, it's important that we have people from this region. He mentioned that there will be support from other organisations, including the RIPE NCC.
Fahad stated that 2Connect will sponsor the first 'NOG' meeting.
Paul reminded the attendees to use the middle-east mailing list. He added that the RIPE NCC would help gather speakers from outside the region and could help with the organisation of the meeting. He asked the attendees what kind of topics they would like to hear about.
An attendee mentioned that the following topics should be discussed: the regional peering between operators and the development of more content in the Arabic language.
11. ICANN Update
Speaker: Bahar Esmat, ICANN
No presentation materials were used.
He explained that he is the Middle East liaison for ICANN and explained what ICANN is and how it functions. He continued that his key tasks are to work closely with the Internet community/End Users in the region, get key people in the region more actively involved. He said that it is very important that discussions are held on a national level.
He stated that it is important that the community participates together for national activities, such as peering between ISPs, in order to have effective regional peering.
He continued that the internationalised domain names project is a good example of cooperation and participation. For the past four years in the Middle East, a project to get Arabic domian names tested and implemented has been running.
Bahar concluded that ICANN needs to know public and private concerns and urged the attendees to contact him so that their needs could be addressed.
Wednesday 15 November
12. Title: Overview on Emirates Internet Exchange (EMIX)
Speaker: Omar AlMansoori, Etisilat
Abstract: This presentation explains how peering works and gives a brief overview of Etisilat's network.
Comment: An attendee asked if Etisilat sells transit peering as it is so heavily connected and how the cost model works in terms of justifying the cost.
Omar responded that Etisilat sells transit service to some countries. He said that, previously, the right package was not offered and what was offered was overpriced. Recently the connections were evaluated and the price reduced. He continued that Etisilat had many connections, mostly from regional customers such as Iran and Pakistan. They compared the prices of what Etisilat gave them compared to what a cable provider gave. He concluded that prices had to be reduced and that Etisilat is now very competitive in this area.
Comment: An attendee asked if there is an equal peering model or does Etisilat pay for all these links to Europe and North America.
Omar explained that most countries share the bandwidth or share the cost of the peering. Some customers are now setting up a policy where, if their customer uses more bandwidth than them, the customer is now charged for this.
Comment: An attendee asked if any kind of hosting services, in addition to peering, are offered.
Omar replied that two data centres are used for co-locating some customers and that many governments and organisations bring their whole networks to the data centres. The data centres are fully utilised. He continued that Etisilat is expanding and creating three more data centres. He concluded that the benefit is that you are connected to a place with many organisations and there are customers not only from the Gulf, some with over 100 systems.
13. Introduction of Carrier-Neutral Interconnection Facilities and Internet Peering to the Gulf Region
Speaker: Tariq Husain, Gateway Gulf
Abstract: This presentation gives an overview of the existing and planned infrastructure in the region.
Comment: An attendee asked if Gateway Gulf intends to pull fibre anywhere else.
Tariq explained that the government of Bahrain is planning to open up the pulling of fibre and that a lot of changes will be seen within a very short period of time. There will be changes to the TRA policies, or the by-laws.
Comment: An attendee asked how security is addressed.
Tariq explained that the same practices as an exchange in Europe or the US are followed.
14. Title: Design and Construction of Local and Regional Exchange Facilities
Speaker: Gaurab Raj Upadhaya (SANOG, PCH)
Abstract: This tutorial addresses the questions and issues associated with the formation of local and regional Internet traffic exchange facilities. When and where are they needed? What are their physical and infrastructure requirements? What business model is most appropriate, and how can you finance the costs? What services should an exchange point provide to its users, and what policies can be established to ward off trouble?
Comment: An attendee commented that Gaurab had suggested that it's good for people to host locally wherever possible and had used Africa as example. Sites that are hosted locally in Africa and accessed from elsewhere are always slow. He continued that he understand why people choose to host in the US because the pipes are so big but this isn't good for the local economy or traffic in general. Developing countries need bigger pipes but they can't afford it.
Gaurab agreed that it's very expensive to buy international circuits and bandwidth but stated that it's much cheaper to set up local links so that the locals, for whom the servers are meant, get faster access. The issue is not that a few people in the US are experiencing slow access. He continued that more bandwidth to London won't reduce the delay or slowness of the servers accessing content that is thousands of miles away compared to when it is locally hosted at a local exchange point. This is the only way you can bring it to a local level.
Comment: An attendee asked Gaurab if he was suggesting that people do dual hosting and dual routing so locals can receive it quickly and others pick it up in the US/UK so that both sets of users get the content fast.
Gaurab said yes and mentioned that this already happens.
Comment: An attendee mentioned that this impacts locals in the GCC. He said that ISPs lose financially because, if they don't peer, they have to pay transit to providers. But if they can get a local Internet exchange and peer in the Middle East or within GCC, they can save money. He continued that, in regard to latency, the reduction of the number of hubs a packet has to travel through is critical and is more of a benefit than the financial side because it directly influences the End User.
He continued that, in the current political and international environment, ISPs have a big responsibility for a customer's privacy. If a customer's traffic is sent to the US/UK, these countries are given the ability to monitor that traffic. By keeping the traffic local, your customer's privacy can be protected.
Gaurab added that many governments have rules stating that, if traffic goes through their country, they can look at it.
Malik Anwan, Carnegie Mellon University Qatar, showed the attendees some trace roots using local traffic and there was some discussion surrounding this.
Philip mentioned that it's important not to get too confused between the exchange point and regional peering. He said that a lot of the trace routes that were shown were examples of people dumping packets onto their upstream provider and not caring what happens to them.
He continued that African providers don't connect to each other and have not managed to develop an Internet economy. Once the first Internet exchange was established in the UK, the Internet economy took off. He urged the attendees to look at where money is going saying that, if it's leaving your country/region, you need to figure out how to keep the money within your country to generate your Internet economy. He continued that, of course people can look into packets but then they should be encrypted. He said that not many organisations have the time to inspect packets.
Philip noted that people in Africa and the Pacific region don't use the Internet that much because it's too slow. Some ISPs have set up data centers elsewhere. The US is popular because it's cheap. Philip continued that locally generated revenue is heading overseas and it's never going to return. Delivering content locally makes sense. He said that getting to within 20 milliseconds of latency in this region is what everyone should be working towards.
Comment: An attendee stated that he represents a big commercial company in Saudi Arabia with interests in many other countries. He said that the top ISP in Saudi regularly drops connectivity because the two lines are down. He asked what the RIPE NCC is going to do to improve things for Saudi Arabia.
Axel Pawlik, RIPE NCC, replied that, unfortunately, the RIPE NCC can't do anything about this. He explained that the RIPE NCC deals with the management and distribution of IP addresses and that the attendee's request must be resolved with the providers and the other operators in this region.
Comment: An attendee stated that he represents ARISPA (Arab Regional ISP Association) and that the main objective of ARISPA is peering in this region. He explained that there are two main issues: the infrastructure and the ISP's knowledge. He said that awareness of the benefits needs to be increased. The major ISPs are members of ARISPA and know the benefits. He stated that regulators need to help to speed up this project. He concluded that, when the Arab peering project has been completed, a lot of services, such as hosting and VOIP, can be delivered and the region's economy would benefit.
Comment: An attendee stated that Internet services in Saudi have been deregulated and explained that there are two international gateways. He said that, in the near future, End Users should not experience so many outages.
Comment: An attendee mentioned that it's better to connect to two different providers with two different networks to improve connectivity.
Comment: An attendee stated that the connection from the main provider in Saudi often fails. He said that a lot of money must already be paid for the two international links, so why pay even more for a third?
Comment: An attendee answered that, when connected to his company's network, the customer is completely isolated from STC (the main provider in Saudi). He continued that his company peers with India and Egypt.
Comment: An attendee stated that the best solution is to connect to ISPs that have these kind of connections. He clarified that he was not saying this to sell his services.
Comment: An attendee mentioned that CITC, Saudi's regulator, is investigating the provision of a national exchange in Saudi. He said that, once this is in place, there will be national connectivity if the traffic is national, limiting the outages.
Philip Smith, Cisco, added that a lot of ISPs tend to have a single upstream connection. He said that many ISPs want routers and software that are 100% reliable but nothing can ever be 100% reliable. He said that ISPs design networks with redundancy in mind, using dual routers in the core and at each point of presence. There is two of everything in the entire network. He added that the same is true for external links.
Philip continued that anything that gives redundancy in a network is a big win. He explained that in the BGP tutorials that he gives, one of the things that puts people off looking at redundancy is that they think BGP is complicated. He said attendees should ignore all the stuff that vendors put in their manuals and use the public domain tutorials. He urged the attendees to think carefully about redundancy all the way through their networks.
Philip volunteered to to give BGP tutorials as part of a network operators group meeting to show how easy it is. He explained that even the US community, whom everyone thinks is technologically advanced, invites him to give basic tutorial