Meeting Report | ENOG 13

Meeting Report

ENOG 13/RIPE NCC Regional Meeting took place from 23-24 May 2017 at the Hotel Park Inn Pulkovskaya in Saint-Petersburg, Russia. A total of 356 attendees from 24 countries participated in the event, 272 of them from Russia.

The meeting was hosted by the RIPE NCC and MSK-IX and was sponsored by Netnod, ISOC, TCI, DDoS-Guard and GlobalNet.

Tutorials run before the meeting

Before the meeting officially opened, tutorials were available to attendees. The first tutorial, run by the RIPE NCC, covered techniques and use cases concerning RIPE Atlas and RIPEstat. Two other tutorials were devoted to SDN topics: one by Dmitry Dementiev, Cisco, described Segment Routing and currently growing SDN-technology, while the second by Evgeny Zobnitsev, Factor Group, explained an NetConf/YANG approach in the OpenDaylight SDN solution. The last tutorial by Anton Baskov clarified the PGP Key Signing procedure.

Opening plenary

ENOG 13 was officially opened by RIPE NCC Managing Director Axel Pawlik, who welcomed participants and thanked the ENOG Programme Committee (PC) and the meeting sponsors. Elena Voronina, CEO of MSK-IX, invited contributions to the free paper journal “Internet Inside”, a project of MSK-IX. Sergey Myasoedov, ENOG PC Chair, reported the role of the PC and described some future changes in the ENOG meeting format, encouraging everyone to participate in ENOG 14 in Minsk.

The morning’s tutorials contributed to the overall tone of the event, as SDN and measurements became the main topics of the meeting’s discussions, alongside IP Transit, Peering, Security and DNS.

IP Transit

IP Transit on a global scale was discussed during the first plenary: APNIC Chief Scientist Geoff Huston’s presentation on the economics of telecommunications predicted the death of IP transit as content providers encroach on the sphere of network infrastructure. Alexander Azimov, Qrator Labs, presented an opposing thesis to Geoff, using BGP to argue that increasing globalisation of the Internet means failures of connectivity are common problems among all operators.

Internet exchange points (IXPs)

After the break, the focus moved to IXPs, with a sizeable panel that included the following contributors:

  • NIX.CZ (450Gbps in peak, 6 PoPs plus Partners)
  • Msk-IX (2.8Tbps in peak, 48 PoPs),
  • Global-IX (1.5Tbps in peak, Msk-SPb-Helsinki-Stockholm),
  • SVAO-IX (33Gbps in peak, South-East of Moscow, private peering, P2P optimization)
  • RED-IX, former KRS-IX (110Gbps in peak, Krasnoyarsk-Novosibirsk-Irkutsk, keeping their own content for peers only, video-traffic localizing)
  • Data-IX (2.7Tbps in peak, presence in Ukraine)
  • DEC-IX (>5.6Tbps in peak, two new PoPs, Madrid and Dallas, new network architecture)
  • France-IX (60% of the traffic in France, 30% shortest paths in France, Paris-Marseille)
  • Interlan.ro (>100Gbps in peak, J-root and K-root DNS)
  • LINX (>3.6Tbps in peak)
  • Netnod (1.1Tbps in peak)
  • ArmIX (2 PoPs, actively growing)
  • NL-IX (1.8Tbps in peak)
  • NIX.SK (18.5Gbps in peak, 3 PoPs)

Martin Semrad, NIX.CZ, pointed out that there seem to be 54 IXPs in the ENOG region, though many of them do not exist anymore. He encouraged everybody to update their data in PeeringDB regularly.

Internet measurements

The topic of measurements returned with Alexander Stepanov, InData Foundation, who described how InData maintains a repository of the routing information in Russia, researches the interconnectivity of Russian operators and identifies routing anomalies.

Alexander Isavnin, the Open Net, discussed Internet measurement hackathons organised by the Open Net association. Some projects born during these events include:

  • “Routing and data plane comparison at the border of Russia” revealed that the traces obtained from RIPE Atlas measurements in 95% cases did not correlate with the paths calculated on the base of available BGP data.
  • “Distribution of announcements of IP space” and “Verifying RIPE Atlas probe geolocation by analysis of RTT to neighbour probes” brought out the wide scale of issues with geolocation information both for IP-blocks and for Atlas probes.

Leonid Evdokimov (OONI, The Tor Project) introduced two measurement projects: OONI and blockcheck. Both projects monitor state mechanisms for Internet content filtration in different countries (Russia, Ukraine, Egypt etc.) and have provided evidence of malware distribution by those mechanisms.

SDN technology

SDN technology was covered in several presentations. Cengiz Alaettinoglu, Packet Design, described a scalable and reliable way to manage tunnels by combining the Segment Routing approach with YANG technique.

Alex Semenyaka, RIPE NCC, demonstrated extremely large deployments of IPv6 around the world and constructed a case for such deployment as a money-saving strategy.

DNS

DNS was a major topic of discussion at the meeting. Johan Ihren, Netnod, discussed the importance of DNS Anycast for enterprises, given new challenges from DDoS attacks to necessity in flexibility. He went on to predict the explosive growth of API-based “DNS Anycast As A Service”.

Dmitrii Kovalenko, MSK-IX, shared his practical experience of stress-testing the Anycast DNS-Cloud of MSK-IX, concluding that to provide the stability of DNS services it is necessary to have Anycast architecture, continuous monitoring and regular stress-tests.

Jim Reid, RTFM LLP, analysed the name collision problem for new TLDs, presenting statistics that detected widespread misconfiguration issues.

Richard Lamb, ICANN, covered DNSSEC Deployment and KSK rollover process, concluding that although DNSSEC is indispensable, there are some obstacles for its deployment.

Security of DNS was also considered during the ISP Security Roundtable, moderated by Artyom Gavrichenkov, Qrator Labs. The participants asserted that DNSSEC is the crucial part of the information security model, but they also suggested operators pay more attention to the protection of the infrastructure and act together to share the information about vulnerabilities and incidents.

The RIPE NCC

Axel Pawlik’s RIPE NCC Update presentation included confirmation of the changes in the frequency of future ENOG Meetings. In the open mic session following his presentation, Axel received feedback from the audience on several RIPE NCC services. There was also some discussion regarding the handling and complexity of transfer applications to authenticate documentation and avoid fraud. The RIPE NCC confirmed that, if suspicious transactions are detected, this is reported to local Dutch authorities as potential fraud.

There were questions on if and how the RIPE NCC monitors unallocated address space. The RIPE NCC replied this had been part of the process for the past 15 years, and that any returned address space is carefully checked and monitored.

The RIPE NCC also acknowledged that it takes approximately five months to reallocate address space following the termination of an LIR.

Following the RIPE NCC’s decision regarding future ENOG Meetings, the informal BoF, “We are a community!” featured a proposal from the local ENOG community on how to continue with two or more meetings a year either partially subsidised or fully independent of the RIPE NCC’s support was discussed.

It was followed with inconclusive debate and may be discussed further in the future. In a related discussion, Maxim Burtikov, RIPE NCC, explained the reasons behind the RIPE NCC’s decision. Opinions were shared on this decision. Some attendees believed there is no need for two meetings but a greater need exists for better quality of presentations and content.

The meeting presentations were given in English and Russian. On-site translation facilities were provided to attendees. The presentations, and links to the videos on YouTube, are available on the archives page.

The RIPE NCC also requested feedback from attendees on how it could improve further meetings.

The ENOG 14/RIPE NCC Regional Meeting will take place in Minsk, Belarus on 9-10 October 2017.