Chi-NOG 08

Facebook-Cover-Photo-828x315-e1523933172854

Chicago Network Operators Group 08

Chi-NOG (Chicago Network Operators Group) held their 8th annual meeting this past week. I had the pleasure of attending once again and wanted to post a few of the items I took away from this year’s meeting. Check the links in the post for speaker profiles and slides from the talks.

Opening Remarks

Tom Kacprzynski, Chi-NOG Co-Founder, opened the conference with some background on the conference.

  • Network Engineers tend to be silo’ed people working on their own stuff. Vision of Chi-NOG is to get folks out to visit with others and collaborate
  • Started in 20018, 8th Annual conference
  • Attendance has been growing every year
  • This year, for the first time, they are going to be doing two different tracks as they had a lot of topic submissions
  • SIDE NOTE: VidScale is hiring so if you are a Network Engineer, get in contact with Tom

Tom handed it over to Eric Dominguez, Director of Technology at ServerCentral who is the Platinum Sponsor this year. Eric talked a little bit about who ServerCentral is and how excited they are to sponsor Chi-NOG.

Ethernet Past and Future: Finding the Right LeverPeter Jones, Distinguished Engineer at Cisco

Peter walked us through a fascinating talk on history of Ethernet as well as new developments in the area. Peter presented some analysts numbers on the speeds of ports, types of cabling, wired vs. wireless and more that are trending. It will be interesting to see how the embedded cabling has an effect on the speeds of the ports sold. Peter wrapped up his talk with an overview of what the standards bodies for Ethernet (IEEE 802.3, NBASE-T Alliance, etc.) are working on.

Link State for Data Center FabricsRuss White, Network Architect at LinkedIn

Russ was up next with a talk on the various routing protocols that can be used in the data center to build a layer 3 fabric:

  • Companies running BGP today (legacy): FB, Microsoft, LinkedIn, Google
  • Facebook is moving to Open/R (+BGP)
  • LinkedIn is moving to OpenFabric
  • What changed?
    • Our perception of policy is changing (SDN, complexity of mixing policy and reachability)
    • Our perception of configuration is changing (Single source of truth vs. minimal or no configuration)
  • BGP scaling advantages are not needed in the DC.
  • Why IS-IS?
    • Easer to modify than OSPF
    • Flooding domains are less entangled
    • Packet format is TLV based
    • Easier incremental/partial SPF
  • Fabric Location part of the OpenFabric drafts

Seamless MPLSVinit Jain, Technical Leader at Cisco

Vinit followed Russ with a description on Seamless MPLS or what some call End-to-End MPLS:

  • Mobile Transport Market Conditions
    • High capacity requirements from edge to core
    • Higher scale as LTE drives ubiquitous mobile broadband
    • Support for multiple and mixed topologies
    • Need for graceful service integration and integration into existing infrastructure
    • Need to support transport for all services
  • Seamless MPLS Overview
    • An efficient MPLS transport architecture
    • Virtualized to support many services on one infrastructure
    • Relying on an intelligent hierarchy to scale to new challenges
    • Enabling seamless operation for network and service resilience
    • Separating transport from service operations with single touch point service enablement and continuous OAM
    • Integrating alternate access technologies on same infrastructure while still enabling Fixed and Mobile Services
  • Seamless MPLS Components
    • BGP Labels (RFC 3107)
    • LFA (RFC 5286) & R-LFA (draft-shand-remote-lfa)
    • BGP PIC (Prefix-Independent Protection)/BGP FRR
  • Seamless MPLS Architecture Models
    • Small Network: TDM Backhaul
    • Small Network: MPLS Access
    • Large Network: Ethernet/TDM Access
    • Large Network: MPLS Access

Multi-cloud the next generation cloud infrastructureDeepti Chandra, Sr. Systems Engineer at Juniper

The next session I sat through was Deepti’s discussion about how to manage networks across multi-cloud environments. Central to her talk was various datacenter architectures like BGP/EVPN/VxLAN. Here are the notes I took away:

  • Leveraging multiple public clouds give benefits in redundancy and leveraging the key advantages of each cloud.
  • Public clouds are designed to be a closed system
  • SDN controller needs to give you a single orchestrating across clouds
  • Interconnect Fabrics (Private Multicloud)
  • Data Center Requirements
    • Design Requirements – open, agile, resilient, low-latency, simple, flexible
    • Tech Attributes – easy scale out, non-blocking, fast fail-over, any service anywhere, no vendor lock-in, no steep learning curve, EW + NS + DCI
  • BGP/EVPN/VxLAN gives you one technology to cover all the design and tech requirements
  • Gives you deployment flexibility as you can place your hosts/containers anywhere in the PODs.
  • EVPN – DCI Design Options
    • OTT DCI
    • DCI with Data Plane Stitching
    • Segmentation of DC & WAN domains (clear demarcation of DC and WAN boundaries, connecting infra is EVPN aware)
    • Layer 3 DCI (L3 in the core, EVPN-VxLAN in the DC)
  • Type 5 Route allows both L2/L3 in the same VRF
    • Very similar to L3 VPN route but also includes the Eth-TagID
  • Discussion of VMTO (Tromboning of traffic when the L3 gateway is not in the local DC)

AI Considerations for an Automated Cyber Security StrategyRon Winward, Security Evangelist at Radware

During the tracks, Ron gave a very fascinating talk – as always – on how implications AI has on Cyber-security:

  • Explained the difference between False Negatives and False Positives and why both are a problem.
  • Discussed the difference between Detection Algorithms & Machine Learning (Deep Learning Neural Nets)
  • Neural Networks need data! Good data and lots of it!
  • Size matters when it comes to neural nets. Small amounts of data limit the usefulness of the neural net.
    • Underfitting and Overfitting
  • Deep Learning systems are not good at handling changing and dynamic environments.
  • Attacking Deep Learning Systems:
    • Poisioning Attacks
    • Evasion Attacks
    • Studies in Adversarial Machine Learning
  • Weaponizing ML
    • Increasingly Evasive Malware
    • Hivenets and Swarmbots
    • Advanced Spear Phising at Scale
    • Raising the Noise Floor
  • DeepHack – DEF CON 25
    • Open-source hacking AI
    • Bot learns how to break into web applications using a neural network, trial-and-error
  • Deep Learning Applicability
    • Learning in the presence of adversaries (Good Data >>> Bad Data)
    • Applicability today: crowd sourcing or global community
    • Cloud application and Threat Intelligence

The State of Networking: Why Analytics and Monitoring are More Important Than EverAvi Freedman, Co-Founder and CEO at Kentik

Last, but certainly not least, was Avi’s state on why monitoring a network is even more critical now than it has ever been. DISCLAIMER: I work for Kentik for my day job.

  • Network is now a critical piece of just about every business
  • Not having visibility in to the traffic is no longer an option
  • Network visibility can be compared to FedEx package tracking – have to know what is going where at all times
  • In most NOCs – tools, tools everywhere but how do you make sense of all the information
  • Different groups in the organization want different types of data:
    • NetOps – are we providing a great digital experience?
    • NetEng – Is the network the problem?
    • SecOps – Are we under DDoS attack?
    • Finance – What does this traffic cost?
    • Sales/BD – Where should we invest going forward?
  • The only way to really do this is with network traffic data (flow)
  • A lot of flow tools exist but it is very hard to scale unless they have:
    • Flexible ingest layer that can accept different flow types and enrich with meta data (BGP, Geo, Threat)
    • Distributed storage to store data quickly
    • Query layer to scale queries across multiple compute nodes for quick response times
    • RestAPIs for integration with other tools

 

 

Summary

These were all the sessions I was able to make it to. I am sure there was additional content which I missed. The majority of the slide decks are published on the Chi-NOG 08 agenda. Keep an eye on Chi-NOG’s website for upcoming video posts from all the sessions as well.

Published by Justin

Justin Ryburn is the VP of Globl Solutions Engineering at network traffic intelligence company Kentik. He has 25 years of experience in operations, engineering, sales, and marketing with service providers and vendors. Justin contributed content to Cyber Forensics (Auerbach Publishing, 2007) and authored Day One: Deploying BGP FlowSpec (Juniper, 2015). He has also spoken at numerous industry conferences on the topics of network monitoring and security. Justin currently lives in St. Louis with his wife and two kids. His blog is at ryburn.org and you can follow him on Twitter or LinkedIn.

Conferences

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

Create a website or blog at WordPress.com

Up ↑

%d bloggers like this: