Minutes
Tuesday, 21 April 2015
Plenary
Panel on Internet Governance
Moderator: Paul Rendek, RIPE NCC
Panelists:
- Vladimir Radunović, DiploFoundation
- Désirée Miloshevic, Internet Society (ISOC)
There was discussion about why network operators should care about the politics of Internet governance, and Désirée and Paul explained the possible outcomes and impact if bodies such as the ITU or individual governments get involved in making regulations.
There was also discussion about where Internet governance should lie in terms of the public sphere and the need to protect end users from malevolence while maintaining their trust. Désirée mentioned that the Center for International Governance Innovation recently conducted a survey that showed that 75% of respondents want to see a multi-stakeholder model of Internet governance. On the other hand, Vladimir pointed out that the Internet has grown far beyond what it was built to be by the technical community at its inception and is now so integrated into citizens' lives that it perhaps needs to be governed in a different way than it traditionally has been, perhaps with a top-down governmental approach to regulation.
Some attendees pointed out that it is difficult for the technical community to know what's happening across their own borders, because some fragmentation has already taken place in terms of Internet operations. Paul encouraged attendees to get involved with what's happening in their own countries rather than trying to understand the entire Internet governance sphere, which is simply too broad and overwhelming.
Opening Plenary
Welcome
- Serge Radovcic, RIPE NCC
- Zoran Perović, Serbian Open eXchange (SOX)
- Dušan Stojičević, Serbian National Internet Domain Registry (RNIDS)
- Jan Žorž, Programme Committee Chair
RIPE vs RIPE NCC: From the Beginning to After the NTIA Transition
- Hans Petter Holen, RIPE Chair
Hans Petter gave an overview of the differences between RIPE, the open Internet community that drives Internet number resource policy in Europe, the Middle East and parts of Central Asia, and the RIPE NCC, the membership-based organisation that acts as the Regional Internet Registry (RIR) for that region and the secretariat for the RIPE community.
He then explained some of the activities that the community and the RIPE NCC are involved with in the Internet governance sphere, specifically in relation to the IANA stewardship transition and their contributions to the proposal that the numbers community has come up with. He also explained the global policy development process and how the Address Supporting Organization (ASO) works with ICANN.
PDP: Time to Join
- Marco Schmidt, RIPE NCC
Marco explained how the Policy Development Process (PDP) works in the RIPE community and gave an overview of some of the current policy proposals being discussed. He pointed out that the SEE region doesn't currently contribute to the process much compared to other areas in the RIPE NCC service region, and encouraged everyone to get involved.
Janos Zsako, Advisor to the RIPE NCC Executive Board, clarified that the RIPE NCC Executive Board has no role in developing policy, which is done solely by the RIPE community and is a completely open process in which anyone can get involved.
RIPE NCC Academy
- Rumy Spratley-Kanis, RIPE NCC
Rumy gave an overview of the RIPE NCC's different training activities available to RIPE NCC members and the wider Internet community, including six different in-person training courses, workshops-on-demand for such organisations as law enforcement agencies, and webinars on a range of topics that are open to everyone. She also introduced the RIPE NCC Academy, an online learning platform recently launched by the RIPE NCC that allows users to learn about technical topics at their own pace online and receive a certificate upon successful completion.
IPv6 Plenary
IPv6 Troubleshooting for Helpdesks Using isp.test-ipv6.com
- Jan Žorž, Internet Society (ISOC)
Jan explained how the recent RIPE Document ripe-631, “IPv6 Troubleshooting for Residential ISP Helpdesks”, came about and how it can be used for any ISP helpdesk staff in troubleshooting IPv6 issues. The document is a “best current operational practices (BCOP)” document, which is one that describes best current operational practices on a particular topic, as agreed on by subject matter experts and which is periodically reviewed by the Internet community.
IPv6 at Home
- Nathalie Kunneke-Trenaman, RIPE NCC
Nathalie told the tale of how she and her husband tried to make every Internet-connected device in their home IPv6-capable, and the various financial and technical pitfalls they encountered along the way.
IPv6 RIPEness: From Four to Five Stars
- Vesna Manojlovic, RIPE NCC
Vesna explained the ins and outs of IPv6 RIPEness, the RIPE NCC's rating system for LIRs' IPv6 readiness. She explained how LIRs can be awarded one through four stars, as well as the requirements for obtaining the recently added fifth star, which measures actual deployment rather than just readiness.
Lightning Talks
Possibilities of using RIPE Atlas for improvement of the electronic heath system in Republic of Macedonia
- Vladislav Bidikov, Faculty of Computer Science and Engineering
Vladislav explained his plan to deploy a RIPE Atlas probe in every medical institution in Macedonia, in order to monitor connectivity in their networks and motivate ISPs in the region to improve their services.
Kaveh Ranjbar and Vesna Manojlovic, RIPE NCC, both expressed their interest in the project and said the RIPE NCC will work with Vladislav to help implement his idea. They also said they are interested in other community initiatives that could use RIPE Atlas or the RIPE NCC's other technical services, such as hosting a K-root node or Routing Information Service (RIS) collector.
Keep Calm and Apply BCP38
- Berislav Todorovic, Liberty Global
Berislav explained how there are three large “elephants” standing on the back of the IP system: BGP, DNS and people (including end users, operators and engineers). He warned that all three of those are weak, but that the “people” component is the most difficult one to tackle. As a step in the right direction, he encouraged everyone to learn more about BCP38, which deals with handling spoofing and filtering.
IXP-Jedi
- Vesna Manojlovic, RIPE NCC
Vesna gave an overview of a tool called “IXP-Jedi”, developed by Emile Aben at the RIPE NCC. The interactive tool measures how many “local” paths stay local as measured by RIPE Atlas probes, by determining which IXPs packets travel through, and looks at the difference between IPv4 and IPv6 paths. She explained how network operators can use this tool to optimise their ASN's routing.
Wednesday, 22 April 2015
Infrastructure Plenary
Waltzing on That Gentle Trade‐off Between Internet Routes and FIB Space: An SDN Story
- David Barroso, Spotify and Paolo Lucente, pmacct
Paolo introduced a different way of operating BGP, peering and routing in an SDN world, which involves selecting only the “needed” routes from the RIB (routing information base) so they can fit on an FIB switch (forwarding information base). He explained the technical details involved and announced that a pilot will be run soon by Spotify in cooperation with a major IXP in Europe.
DDoS Mitigation at CloudFlare
- Martin Levy, CloudFlare
Martin explained the mechanics of different DDoS attacks, from IP spoofing to DNS amplification to NTP amplification. He looked at the evolving landscape of DDoS attacks and the different methodologies involved. He then explained how operators can spend just five minutes to help ensure they don't become vulnerable to attackers by working with commodity servers and vendor routers to reduce the burden of filtering traffic on their servers.
Open Cloud eXchange (OCX)
- Damir Regvart, CARNet
Damir gave an overview of Géant's Open Cloud eXchange (gOCX), which delivers cloud services to campus-based users, and detailed several use cases for the service, including processing large amounts of scientific data, video editing and streaming, and network monitoring.
IXP Plenary
IXP Panel: Keeping Local Content Local
Moderator: Bijal Sanghani, Euro-IX
Panelists:
- Zoran Perovic, SOX
- Franck Simon, France-IX
- Martin Semrad, NIX.cz
- Mario Klobucar, CIX
Bijal gave an overview of Euro-IX's activities, services and tools. Each of the panelists then gave an overview of their respective organisations' operations and view of their particular region, including what they do to keep local traffic local and the different challenges involved.
Attendees asked about how the different IXPs cooperate with others in the community and how they set up peering arrangements with neighbouring IXPs, and the panelists each explained how things work in their own organisations.
Bijal asked how much of each panelist's traffic is local. Frank said that much of their content is not only local, but actually French. Zoran explained how only recently has local content started to be hosted within Serbia. Martin explained how the situation also changed recently in the Czech Republic, with more data centers becoming available and more content being hosted in the country and in the local language, but said that it's different in each country.
Policy and Governance Plenary
ENISA Efforts for Securing European Internet Infrastructure
- Rossella Mattioli, European Union Agency for Network and Information Security (ENISA)
Rossella gave an overview of ENISA's activities in securing Europe's information society, which spans policy implementation, providing training, publishing reports, making recommendations and helping mobilise communities within the region. She outlined some of the current threats to Internet integrity, including infrastructure vulnerabilities, interdependencies and privacy concerns, and outlined some best practices to counter DNS and routing threats as well as DDoS attacks.
Paul Rendek, RIPE NCC, thanked Rossella for her efforts and said that the RIPE NCC is happy to cooperate with her and ENISA.
Croatian National CERT
- Darko Perhoc, CARNet, National CERT
Darko gave an overview of the Croatian National CERT (HR-CERT), the national authority responsible for the prevention of and protection from computer threats to public information systems in Croatia. He explained its history, structure, activities and operations.
Finnish Cyber Defense Model - Guided Tour
- Sindri Bjarnason, Codenomicon
Sindri outlined Finland's national cyber security strategies, pointing out that Finland has been ranked as the “cleanest” nation in terms of network abuse. He attributed this success to several factors, including threat intelligence sharing across national borders, an open dialogue with the research/academic community, a multi-national network abuse response, and others.
Paul Rendek, RIPE NCC, encouraged attendees to learn from Finland's model and asked how knowledge exchange could work with other countries, such as those in the SEE region. Sindri responded that they are willing to openly share their data and strategies, and simply want to help other regions in dealing with similar issues. Paul thanked Sindri for coming to the SEE Meeting and sharing his experiences with that region's community.
Legal Framework on Information Security and CERT/CSIRT Issues
- Nebojša Vasiljević, Ministry of Trade and Telecommunications
Nebojša outlined Serbia's various security strategies, including the development of an information society in Serbia by 2020, a national security strategy, and the development of an electronic communications strategy. He also reviewed the country's various laws that regulate electronic communications, data protection, cybercrime and related issues.
Development of e-Government Services
- Dušan Stojanović, Directorate for e- Government, Ministry of Public Administration and Local Self-Government
Dušan showcased Serbia's different e-government services, which span legislation, data registers, interoperability, services for citizens and education. He explained how the government aims to be able to offer better services with faster response times while decreasing the possibility for errors and corruption with this initiative. He also detailed plans to keep citizens' data private and secure while integrating it into these online services.
Measurements Plenary
Internet Quality Measurements
- Vladica Tintor, Regulatory Agency for Electronic Communications (RATEL)
Vladica explained how quality of service is a main feature of net neutrality, and how RATEL measures quality of service in three ways in Serbia: ISP reports, client-side reference measurement software, and measurements made at user premises. He detailed how RATEL measures throughput, one-way delay, jitter and packet loss via various technologies, including a van equipped with an antenna and scanners for monitoring the quality of wireless telecom networks.
Vesna Manojlovic, RIPE NCC, asked whether Vladica had considered using RIPE Atlas for their ISP measurements, and Vladica said they hadn't. Vesna said she would follow up with him.
There was also a question about whether Vladica had considered using any client-side apps to make their own measurements, and Vladica said they are considering building such an app.
Measuring the Health of the Internet: Even in Real Time
- Massimo Candela, RIPE NCC
Massimo gave an overview of RIPEstat, the RIPE NCC's source of information on specific IP prefixes and ASNs, and RIPE Atlas, the RIPE NCC's global Internet measurement network. He showed how the two tools can be used together to analyse network events, such as using RIPEstat's BGPlay widget and RIPE Atlas' seismograph tool to visualise a recent incident when Facebook went offline. He also introduced the new RIPE Atlas streaming architecture, which allows users to tap into a continuous stream of measurement results in real time as they are sent by the RIPE Atlas probes.
If You Can't Measure It, How Do You Know If It Works?
- Matija Grabnar, NetTV Plus
Matija gave an overview of NetTV Plus, which streams live TV channels over the Internet to clients all over the world, and explained how they go about performance monitoring, troubleshooting, maintenance prediction, optimisation support and configuration management. He said that customer complaints have fallen by more than 90% thanks to their measurement efforts, which employ a mixture of monitoring tools Munin and Nagios.
Performance Gains With Ansible in CDN Environment
- Sibin Arsenijevic, NetTV Plus
Sibin detailed his experiences using Ansible, an open-source software platform to configure and manage hardware, to help solve issues they had with provisioning a constantly growing number of machines and the time and resources that took. He explained Ansible's benefits and limitations, and how NetTV Plus, an online streaming service for live TV channels, employs playbooks to quickly and easily patch their systems.
Closing Plenary
Vesna Manojlovic, RIPE NCC, wrapped up the meeting and thanked the hosts, sponsors and SEE Programme Committee. She said the meeting had been very well attended and was the biggest SEE Meeting to date, with 235 checked in participants from 18 different countries, including 134 participants from Serbia, and had included a lot of interesting content. She invited everyone to the next SEE Meeting, SEE 5, which will take place in Tirana, Albania from 19-20 April 2016. In the meantime, she encouraged everyone to attend RIPE 70 in Amsterdam, Netherlands from 11-15 May 2015 and RIPE 71 in Bucharest, Romania from 16-20 November 2015.