Meeting Report – ENOG 16

Meeting Report

The ENOG 16/RIPE NCC Regional Meeting took place from 3-4 June 2019 in Tbilisi, Georgia. The meeting was hosted by the RIPE NCC and NEWTELCO.

ENOG 16 saw 282 attendees checked in from a total of 28 countries across the ENOG region and beyond. Although the best represented country was Russia, with 90 attendees in total, the local Internet community was also very well represented, with 74 attendees coming from Georgia. More than half of those registered to attend were newcomers – a record number for ENOG meetings.

Precisely a quarter of those who took part were RIPE NCC members, there to present and network with the wider community, but also to meet face-to-face with RIPE NCC staff. In total, seventeen members of staff from the RIPE NCC joined the meeting, along with Piotr Strzyżewski, member of the RIPE NCC Executive Board.

The meeting opened with a welcome speech from Nigel Titley, former Chairman of the RIPE NCC Executive Board, followed by a talk from the local host on Internet developments in Georgia, and a welcome from Alex Semenyaka (RIPE NCC) speaking on behalf of the ENOG Programme Committee (PC). Sergey Myasoedov, from the ENOG PC, stepped up to give a quick introduction to ENOG meetings, clarifying some of the terminology that might be unfamiliar to first timers, before Ihor Marhitych (RIPE NCC) introduced the RIPE Networking App, which allows attendees at all RIPE NCC organised events to search for, message, and schedule meetings with other meeting attendees.

A variety of talks followed on new approaches and solutions in network engineering. The first of these was an account of the technology behind Intent Based Networking (IBN), a form of design where networks are managed as a whole system as opposed to individual components, with success thereby measured in terms of the output of the system. Jeff Tantsura’s (Apstra) talk on the architectural goals of IBN and its potential for carrying out context-aware analytics in real time received a great deal of interest from the audience.

Link State Vector Routing (LSVR) is a novel routing solution that brings together BGP (as base protocol) with certain advantageous features of IGP to form a novel protocol. As a result, LSVR provides simplified SPF, improvements in convergence, and enables centralised route controller architectures. Outlining these and other benefits, Keyur Patel (Arrcus Inc.) made the case for switching to the new protocol, indicating that the costs of doing so would be incremental.

After giving an update on work being done at EURO-IX to build an IXP directory, measure IXP traffic, and compare IXPs and ASNs, Arnold Nipper (DE-CIX) gave a second presentation on developments in PeeringDB. The talk outlined what PeeringDB does and why it is useful in today’s Internet ecosystem, particularly for large providers who need to manage extremely large volumes of peering requests. Arnold also gave us an overview of the ENOG region from the perspective of PeeringDB, showing that four of the local countries don’t have IXPs, something that needs to change.

The last of the first day’s plenary sessions ended with an update from Axel Pawlik, Managing Director of the RIPE NCC. He explained the organisation’s priorities for the coming year, a year that will likely see the exhaustion of the RIPE NCC’s remaining IPv4 pool. Axel also addressed recent concerns following the closure of two Russian members for submitting untruthful information on behalf of their End Users. He noted that only 5 out of 69 members closed since 2014 had been closed for this reason and briefly touched on the kind of due diligence that members should be performing in these situations.

A BGP tutorial looking at traffic engineering based on Geotags followed, which took place just ahead of an ROA signing session. At the end of the first day of talks, attendees were whisked away to the social event at the Funicular Restaurant, overlooking the city of Tbilisi from high up on the Mtatsminda plateau.

Day two of ENOG 16 began on the topic of DDoS attacks. After providing an overview of worrying trends in the scale and frequency of DDoS attacks, the talk turned to the issue of “DDoS for hire”. Today, users can pay to make use of Booter Services, which enable them to launch a number of DDoS attacks over a fixed period, often providing user-friendly interfaces that help users better manage those attacks. The speaker, Danniel Kopp (DE-CIX) went into detail on an experiment he and his colleagues have been running to better measure such attacks, by building a server and network set up to attack themselves and record the attack traffic. As a result, they were able to map out the NTP DDoS attack landscape and come up with an advanced blackholing technique for DDoS mitigation that is more fine-grained and so more effective than typical blackholing.

RACI attendee Oleksandr Tsaruk talked about Hybrid Nature of Modern Threats for Cybersecurity and Information Security, providing an interesting theoretical exploration of the potential for social, ethical, and political disruption brought about by the fourth industrial revolution.

Turning back to the topic of IPv4 runout, Petrit Hasani from the RIPE NCC gave an overview from the perspective of the RIR. The talk was prompted a discussion about the RIPE NCC’s policies on these matters, as well as specific policy proposals – e.g. policy proposal 2019-02 “IPv4 Waiting List Implementation”. Since RIPE NCC members are responsible for shaping policy around IPv4 exhaustion, rather than the RIPE NCC itself, the speaker urged members in the audience to get involved in the policy development process.

Jan Zorz presented on NAT64Check Version 2. NAT64check is an Open Source tool supported by the Internet Society that can be used to test, for example, whether a specific website is actually reachable over IPv4, IPv6, or NAT64. After explaining some of the technical motivations for developing such a tool, Jan talked about applications and what changed with version 2. Jen Linkova went next, talking about why people need to stop letting common misconceptions about IPv6 prevent them from deploying it. The talk raised a lively discussion on how best to tackle perceived hurdles for IPv6 adoption.

On to the closing plenary, Oleg Muravskiy from the RIPE NCC came on stage to talk about Routing Security and why it is important now. Having co-developed standard for IRR and RPKI, and as one of the RPKI trust anchors, the RIPE NCC has long been involved in efforts to ensure secure routing. Oleg provided an overview of developments in Routing Security from the early days right up to the latest in RPKI. RPKI, which provides improved security by tying ASNs and IP addresses to digital certificates, is now in production. Oleg explained the design of RPKI and took the audience through different options for creating RPKI objects. RPKI is proving effective, yet global coverage remains low. The message: start creating your ROAs now! Two talks from Eugene Bogomazov (Qrator Labs) followed, both delving further into issues in Routing, one on developments in methods for traffic redirection, and one addressing the question of why there are so many bad routes on the Internet.

With that, Martina De Mas closed another hugely successful ENOG meeting, a meeting that provided attendees with a unique opportunity to discuss cutting edge developments in the Internet community, to delve into issues at large in the ENOG region, and to network with each other.

The meeting presentations discussed were given in English and Russian. On-site translation facilities were provided to attendees. The presentations are available in the archive and session videos in both English and Russian are available on the ENOG YouTube Channel.