Program for EOF @ RIPE-48
- Date: Wed, 7 Apr 2004 11:55:23 +0200
- Mail-followup-to: European Operators Forum eof-list@localhost,RIPE Mailing List ripe-list@localhost
** The EOF will start only after Lunch.
** There will be *no* morning sessions on Monday!
for possible updates.
Monday, May 3rd 2004
1400 - 1530 Tutorial: Practical Strategies for IP Traffic Engineering
and Enhancing Core network Availability
Presenters: John Evans (Cisco), Arman Maghbouleh (Cariden)
1530 - 1600 C o f f e e
1600 - 1730 Tutorial Part 2
Tuesday, May 4th 2004
0900 - 1030 Applications of Bidirectional Forwarding Detection (BFD)
Presenter: Rahul Aggarwal (Juniper)
Nemecis: A tool to analyze the IRR registries
Presenter: Georgos Siganos (UC Riverside)
To be Announced
1030 - 1100 C o f f e e
1100 - 1230 Address Space Hijacking
How Operators Can Protect Themselves & Their Customers
Presenters: Leslie Nobile (ARIN), Leo Vegoda (RIPE NCC)
Rob Thomas (Team Cymru/Cisco) (Tentative)
"Practical Strategies for IP Traffic Engineering
and Enhancing Core network Availability"
John Evans (Cisco)
Arman Maghbouleh (Cariden)
MPLS traffic engineering (TE) is often considered as synonymous with
making more efficient use of network bandwidth and/or improving network
availability via the capabilities of TE Fast Re-route (FRR).
This session considers the theory behind traffic engineering in general,
together with the benefits, limitations, and deployment considerations
of MPLS TE in the context of IP traffic engineering and engineering core
network availability. Consideration is also given to alternative
technologies such as IGP metric based traffic engineering and IGP fast
convergence, and to how quantitative decisions can be made on the relative
benefits of the different approaches.
"Applications of Bidirectional Forwarding Detection (BFD)"
Rahul Aggarwal (Juniper)
This presentation describes various applications of BFD in service
provider networks. BFD is emerging as a widely applicable forwarding
detection tool. It can be used to reduce failure detection times,
improve convergence and aid operations. Several service providers are
looking at deploying it. BFD makes it possible to support SLAs of
applications such as voice over IP, by allowing end to end sub-second
failure detection. It is a ubiquitous OAM tool and can be used for IGP
adjacencies, static IP routes, E-BGP peers, MPLS LSPs and IP/GRE
The talk will start with an overview of BFD to establish the context of
the presentation. The application of BFD in the access network will be
stressed as a means to achieve edge availability. Particularly BFD
between a router and a host will be discussed as a means to fill the
last mile failure detection void. Usage of BFD for IGP fast convergence
will be described, where it's particularly useful on Ethernet links.
The relevance of BFD for static IP routes and E-BGP peers will be described.
This is relevant between a router and hosts, e.g. web servers and VoIP
media gateways. BFD over Ethernet will be introduced for fault
detection between a router and a switch. BFD can also be used as an OAM
tool on IP/GRE tunnels and for MPLS LSPs. The relevant mechanisms for
this will be discussed. Voice over IP will be used as a case study to
describe how BFD can be used to achieve end to end sub-second failure
- Bidirectional Forwarding Detection, D. Katz, D.
- BFD for MPLS LSPs: Rahul Aggarwal and Kireeti Kompella
- BFD for IPv4 and IPv6 (Single Hop), D. Katz, D.
"Nemecis: A tool to analyze the IRR registries"
Georgos Siganos (University of California Riverside)
In this talk, we will present a brief analysis on the IRR and the
quality of information they contain. The IRR effort provides a
voluntary detailed repository of BGP policy information that has not
reached its full potential for three reasons: a) ISPs have limited
incentives to maintain their policy, b) extracting useful information is
far from trivial, and c) the accuracy of the data is uncertain. Using
our tool Nemecis we try to address the last two issues. First, we can
check the registered policies for correctness and then for freshness
against BGP routing tables. We found that even though RIPE is the most
accurate registry, only 34% (for June 22 2003) of the ASes pass all our
tests. Our tool consists of two parts: first we have an easy to query
relational database, where the policies are stored in tables and not as
simple text. Second, we have a web based front end so that ISPs can
easily check the result of our analysis.
A demo of the tool exists at the following location:
"Address Space and AS Number Hijacking
How Operators Can Protect Themselves & Their Customers "
Leslie Nobile (ARIN)
Leo Vegoda (RIPE NCC)
Rob Thomas (Team Cymru/Cisco) (Tentative)
1. Definition and scope of the hijacking problem:
Over the last year to 18 months we have seen the rise of address
space hijacking. Addresses are re-registered from their legitimate
users to third parties without proper authority. The networks are
often used to send spam and host pornography.
All four RIRs have "ask and ye shall receive" like policies.
However, the groups hijacking address space rarely want to use them
because their activities are unpopular. The address space they use
is quickly placed on blacklists by network administrators.
Consequently, they need a regular supply of fresh address space.
3. Historical perspective:
An explanation of the "Cheers" legacy. The world has changed since
the early days of the Internet. The networking community has grown
and people no longer know everyone's name or nic-hdl. Instead, they
rely on the registration information published in the RIR databases
and various Routing Registries. However, one legacy of the early
days is the 'bitty' security on many early registrations.
4. Examples of recent hijackings (in the RIPE NCC region)
We might describe some typical examples from 2004.
We can show the kind of modus operandi used by hijackers.
5. Actions taken by the RIRs to combat this problem
We'll describe changes in ARIN and RIPE NCC procedures. We'll also
describe new roles people can contact and registration hints they
can watch for e.g. whois -ipn RR-RIPE
Network operators need to be aware of recent changes in database
security mechanisms, such as the deprecation of NONE in the APNIC
and RIPE databases, the introduction of the more secure MD5-PW and
the introduction of X.509 as an auth scheme for the RIPE database.
They also need to know about the introduction of "Org" objects in
the RIPE database and how these "Org" objects can be used when
accepting new customers and their routes.
6. Actions that the operator community could take to protect
themselves and their customers' registrations and networks
A look at how the miscreants make use of the addresses and AS
Numbers they hijack in the registry databases.