v1.0 DENOG 2015-10-29 2015-10-25 2 00:15 2015-10-29T13:00:00+01:00 DENOG 13:00 lecture 0:45 Slides DENOG Orga 2015-10-29T13:45:00+01:00 DENOG 13:45 lecture 0:30 Automation is about optimizing and standardizing your current network workflows to meet increasing demand and provide context to network changes. Why Programmability – A combination of the emergence of Software Defined Networking, coupled with Service Providers requirement to innovate at their own pace, has driven the need for vendors to provide tools and capabilities to extend the network platforms. Peter Sievers, Juniper Networks Slides 2015-10-29T14:15:00+01:00 DENOG 14:15 lecture 0:30 Current status of Peering, Interconnection, Regulation, CDN Netneutralitiy. How you can help to minimize buffering and make your end-customer happy. Update of Init7 vs. the Big Ones. Why we do it. Status of the interconnection case pending at the Swiss regulator. Fredy Künzler, Init7 Slides 2015-10-29T14:45:00+01:00 DENOG 14:45 lecture 0:15 Slides - A10 Slides - Axians 2015-10-29T16:00:00+01:00 DENOG 16:00 lecture 0:30 In this presentations we'll talk about the latest Ethernet developments that are bringing a variety of new technology to the market for different applications with speeds ranging from 2.5 GE to 400 GE. We'll take a look at the new 2.5 GE, 5 GE and 25 GE speeds, 2nd generation 40 GE and 100 GE, 400 GE and what's possible in the future. Greg Hankins, Alacatel Lucent Slides 2015-10-29T16:30:00+01:00 DENOG 16:30 lecture 0:30 Overview and demo of the new 2.0 API - How to mirror all PDB data locally and integrate it with your own application - Examples and use cases for building automation from said data Arnold Nipper Slides 2015-10-29T17:00:00+01:00 DENOG 17:00 lecture 0:30 The layer 2 design paradigmas do not longer scale with webscale data centers, so this talk will give a short introduction why that is and explain the blue print of IP-Fabrics, the design used at facebook, google and other players in that field. Tom Eichhorn, SysEleven GmbH Slides 2015-10-29T17:30:00+01:00 DENOG 17:30 lecture 0:30 Die Abschaffung des Routerzwangs hin zu einer freien Endgerätewahl ist ein wichtiger Schritt auf dem Weg zu einer freiheitlichen Informationsgesellschaft. In den letzten Jahren hat sich ein Bündnis aus deutschen Endgeräteherstellern zusammengefunden, um die logische Konsequenz aus der Liberalisierung des Telekommunikationsmarktes in die deutsche Gesetzgebung einfließen zu lassen. Dabei geht es aber nicht nur um die Endverbraucher, sondern auch um die Stärkung der Innovationsfähigkeit der deutschen IT-Branche. Simon Kissel, Viprinet Slides 2015-10-30T09:00:00+01:00 DENOG 09:00 lecture 0:30 Slides - Alcatel Lucent Slides - ecix Slides - nominum Slides - Tremmel 2015-10-30T09:30:00+01:00 DENOG 09:30 lecture 0:30 Wolfgang Tremmel, DE-CIX Slides 2015-10-30T10:00:00+01:00 DENOG 10:00 lecture 0:30 LC plugs are not the only ones now that we have QSFP+. Should you use MPO or MTP. What about ST, LC, SC, E2000 or the new LC Uniboot plugs ? What are the compromises and benefits of each solution. Did you know that polarity in optical MPO matters ? And why can the polish of a plug cause headache during on-site installation. Thomas will give an overview of the connectors and fibre options in the datacentre now we have 40G und 100G as a standard. Especially for these parallel transmission applications you should consider to rethink your wiring if you don't want to get stuck in troubleshooting your links. Finally some practical examples of broken optical components after and during field installation ­ real cases which happen every day even in 2015 were fiber optic is commodity. And one more thing! Thomas Weible, Flexoptix Slides 2015-10-30T11:00:00+01:00 DENOG 11:00 lecture 0:30 In the context of national research networks we rolled out an europe-wide logical infrastructure to support the rapid implementation of multi-domain VPNs, called MDVPN. The framework we used for this is "Carrier-support-carrier for hierarchical VPNs", as documented in RFC4364 Option c. While this is not a brand new technology, according to vendor statements, nobody seems to have implemented this on a larger scale. An overview will be given on the technology and architecture and use cases be discussed. Special focus will be put on security concerns raised by the community. Since vendors don't support filters that prevent potential intrusion into local VPNs, a netflow-based detector was developed that is able to detect such attacks. In addition an openflow based solution for filtering is under development in cooperation with a switch vendor. As of today ca. 500 PEs take part in the MDVPN domain allowing VPN services such as L2 P2P, VPLS, EVPN, L3 VPNs. In the coming year, a small office-router will be developed that allows rapid connection to the MDVPN cloud Thomas Schmid, DFN Slides 2015-10-30T11:30:00+01:00 DENOG 11:30 lecture 0:30 Nowadays, most of the DDoS attacks making the news are targeted against Authoritative DNS servers. While those attacks are the easiest to realise, as Authoritative DNS servers are public, it is important not to lose track of Cache/Recursive servers (As few PCs or laptops within the LAN can take it down very easily if they are infested by botnets). This presentation will focus on the Recursive/Cache part of DNS Security, and will take as example a specific attack that EfficientIP has named "Sloth Domain Attack", to illustrate how vulnerable a Recursive/Cache server is, and how easy it is to bring it down. We will also discuss some ideas and the necessity to take a new approach when dealing with DNS attacks on Cache/Recursive servers. Nicolas Cartron, EfficientIP Slides 2015-10-30T12:00:00+01:00 DENOG 12:00 lecture 0:30 Driven by the relentless news about cyber threats, security breaches and data loss, law makers and regulators are increasingly engaged in implementing new legal frameworks and defining new obligations for data security. Prominent within recent legal developments has been a focus on network encryption. Our presentation provides an introduction to network encryption technology – including encryption algorithms, key management and authentication – and introduces the concept of post quantum security. We clarify the most prominent myths of network encryption and evaluate the applicability of encryption technology on different network layers. Ulrich Schlegel, ADVA Optical Networking Slides 2015-10-30T12:30:00+01:00 DENOG 12:30 lecture 0:30 Patrick Ben Koetter, sys4 AG Slides 2015-10-30T13:00:00+01:00 DENOG 13:00 lecture 0:30 Many organizations have high hopes with regard to DHCPv6 as it might allow them to deploy IPv6 based on an operations model they usually have long-time experience with. There's one (not so) minor problem though: DHCPv6 is a very different beast from its IPv4 equivalent. This talk covers the main DHCPv6 specifics from a design and security perspective and discusses what is needed to deploy it in a reliable and secure way. Christopher Werny, ERNW GmbH Slides 2015-10-30T13:30:00+01:00 DENOG 13:30 lecture 0:15 DENOG Orga Slides