Fall 2016 NetGurus Meeting Internet2 will provide NetGurus a room to be set in a closed Board style conference seating to support ~30 participants . The meeting will take place the Thursday after the Technology Exchange (Sept. 26-28, 2016) conference concludes. We will have a projector and screen available if needed by participants. Summary Location | Miami, FL | Room | Trade (Lobby Level) | Date | Sept. 29, 2016 | Time | 9:00am - 5:00pm |
NOTE: Breakfast and lunch are on your own. A morning and afternoon break with snacks and beverages will be provided. We will go to dinner as a group the night before. Tentative Agenda Time | Activity |
---|
Breakfast | On your own | 9:00am | Gurus start | 10:30-11:00am | Break and networking (Brickell Foyer - Lobby Level) | Noon | Lunch on your own | 3-3:30pm | Break and networking (Brickell Foyer - Lobby Level) | 6:00pm*** | Gurus and Guests Dinner |
***Note that the dinner is on Wednesday night, instead of after the meeting Thursday. Attendance Contact Dan Brisson (dbrisson@uvm.edu) or Cas D'Angelo (cas.dangelo@oit.gatech.edu) to RSVP and for topics you wish to discuss during the meeting. Attendance limit is 30. Name | Email |
---|
Dan Brisson | dbrisson@uvm.edu | Cas D'Angelo | cas.dangelo@oit.gatech.edu | Peter Gutierrez | peterg@nic.umass.edu | John Kristoff | jtk@depaul.edu | Drew Lake | rlake2@depaul.edu | Dan Magorian | Dan.Magorian@jhuapl.edu | Andrew Gallo | agallo@gwu.edu | Danny Shue | danny_shue@unc.edu | Mike Van Norman | mvn@ucla.edu | Tony Brock | anthony.brock@oregonstate.edu | Yul Pyun | ypyun@usc.edu | Joe Rogers | joe@usf.edu | Jose Dominguez | jad@uoregon.edu | David Teach | dteach@uoregon.edu | Matt Wilson | mwilson@northwestern.edu | Amy Liebowitz | amylieb@umich.edu | Charles Rumford | charlesr@isc.upenn.edu | Dwayne Fennell | dfennel@clemson.edu | Matt Zekauskas | matt@internet2.edu | Matthew Almand | matthew-almand@tamu.edu | Randy Dahilig | randyfd@triton.uog.edu | Jose Santiago | jdsantiago@triton.uog.edu | Brian Flanagan | brian.flanagan@oit.gatech.edu | Liane Tarouco | liane@penta.ufrgs.br | Adair Thaxton | sthaxton@email.unc.edu | Chris Cook | chris.cook@nyu.edu | Noaman Khan | noaman@gwu.edu | Joe Marentette | jmarentette@wustl.edu | Dan Matthews | dcm81@case.edu |
Discussion Topics and Notes Topics are submitted by participants. Please contact Dan Brisson (dbrisson@uvm.edu) or Cas D'Angelo (cas.dangelo@oit.gatech.edu) to add an item to the agenda. - Internet2 network futures plan - What does the next generation network need to look like?
DDoS attack mitigation - This topic was covered fairly heavily during the conference due to Internet2's interest in offering this service
- NoX working with Akamai on a solution for members
- Concerns about large scale attacks against an entire /16, not just a single or a couple of hosts
- Use a CDN for critical web assets instead of paying for DDoS mitigation services
- Cost of impact:
- Multiple happy Arbor customers
- Create a common list of contacts to call when under a DDoS
- Talk with local Risk Management office about DDoS to assist with costs
- 3 out of 30 participants paying for DDoS mitigation services
- 15 out 30 use RTBH
Cloud/Data center outsourcing, experiences, challenges - One school with "cloud first initiative" - explore cloud first for any new service
- Virtualize and move servers to cloud
- Another school with initiative 3yrs ago to move 75% of services to cloud - estimate that today only 3 out of a couple hundred have moved
- Legacy app issues
- Readying application developers an issue
- Cloud is more expensive than led to believe
- Looking now at private cloud now
- Differences in offerings from cloud vendors
- Bandwidth
- IPSec
- Resources available to researchers
- 10 schools with private cloud service on campus - openstack
- Only one school with "bursting into the cloud"
- Report of a CIO forum with 4 CIOs speaking of advantages of the cloud
- Keeping expertise in-house doesn't make sense
- Rather have people manage relationships
- How can we as network engineers be in the loop on enabling the move to the cloud
- Cloud automation
- One school looking at Clicker for DNS automation
- Another school going with Cisco offering
- Ties into ServiceNow, Infoblox, Firewalls
- Cloudlab mentioned
- Setup VRF for connection to cloud
- 3/4s of participants using VRFs on campus today
- 5 with more than 10 vrfs on an interface
Automated network configuration management tools and techniques - Php/ipam used by one school
- good documentation for automatic provisioning
- Digital Ocean
- Netbotz
- Netdot
- swiss army knife
- does not support VRFs
- Custom scripts to check:
- Configs
- ACLs not in use
- DNS consistency
- Check ospf database
- Spectrum
- Akips
- Infoblox
- Ansible & RANCID
- Solarwinds
- Netflow: SILK
- Splunk
IPv6 deployment: L2 monitoring and auditing, IPv4 congruency
- Netdb to scrape mac/ipv6 address
- Slaac in use, b/c of Android not supporting DHCPv6
- Anti-spoofing v6 ACLs
- Ptp links at /127 out of a /64
- FHRP protections still holding back until it’s on par with v4
- V4 and v6 ACL congruence
- Concern of rogue RAs
- Issues with appliances supporting v6 routing protocols such as OSPF, ISIS, BGP
Dinner Options Pollos Jarras
|